NEWS

SERVICES

An ontology is a resource for organizing the knowledge of a domain in greater detail through...

The service offers a simple and fast self-assessment tool for calculating cyber risk. The...

The service offers the ability to search for publicly known information about security vulnerabilities...

Malware Detection Service. The service makes it possible to detect malicious behaviour in files (for example, executables or...

LATEST CVEs

| CVE | Published | Description |
| --- | --- | --- |
| CVE-2018-1951 | 04-01-2019 10:29:00 | IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153494. |
| CVE-2019-5310 | 04-01-2019 09:29:00 | YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request. |
| CVE-2019-5009 | 04-01-2019 09:29:00 | Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php. |
| CVE-2019-5007 | 03-01-2019 18:29:00 | An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. |
| CVE-2019-5006 | 03-01-2019 18:29:00 | An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing. |

LATEST EXPLOITS

| Date | Title | Platform | Author |
| --- | --- | --- | --- |
| 21-09-2018 | WebRTC - VP9 Processing Use-After-Free | multiple | Google Security Research |
| 20-09-2018 | NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) | windows_x86 | Abdullah Alıç |
| 19-09-2018 | Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege | windows | Google Security Research |
| 19-09-2018 | Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting | linux | Fahimeh Rezaei |
| 19-09-2018 | Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU | windows | Google Security Research |
