NEWS & EVENTS

SERVICES

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection...

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

LATEST CVE

Published Description
CVE-2020-0109
14-05-2020 21:15:00
In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148059175
CVE-2020-0024
14-05-2020 21:15:00
In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-137015265
CVE-2020-0100
14-05-2020 21:15:00
In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-8.0Android ID: A-150156584
CVE-2020-0106
14-05-2020 21:15:00
In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148414207
CVE-2020-0065
14-05-2020 21:15:00
An improper authorization in the receiver component of the Android Suite Daemon.Product: AndroidVersions: Android SoCAndroid ID: A-149813448

Pages

LATEST EXPLOIT

Date Title Platform Author
04-09-2018
Logicspice FAQ Script 2.9.7 - Remote Code Execution php AkkuS
04-09-2018
Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection php Renos Nikolaou
04-09-2018
mooSocial Store Plugin 2.6 - SQL Injection php Andrea Bocchetti
04-09-2018
iSmartViewPro 1.5 - 'DDNS' Buffer Overflow windows_x86 Luis Martínez
03-09-2018
Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC) ios Luis Martínez

Pages