|
Il servizio analizza un log di richieste DNS e identifica se all’interno sono stati risolti dei nomi a dominio che... |
Il servizio offre un sondaggio per la verifica della conformità di un’organizzazione al GDPR (General Data Protection... |
Il servizio mostra una rappresentazione 3D del traffico di rete relativo ad attacchi ad una honeypot a Pisa. Inoltre,... |
Il servizio offre la possibilità di cercare informazioni, note pubblicamente, relative a vulnerabilità di sicurezza... |
| Published | Description | |
|---|---|---|
| CVE-2020-6806 |
25-03-2020 22:15:00 |
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. |
| CVE-2020-6807 |
25-03-2020 22:15:00 |
When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. |
| CVE-2020-6813 |
25-03-2020 22:15:00 |
When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74. |
| CVE-2020-6811 |
25-03-2020 22:15:00 |
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. |
| CVE-2020-6815 |
25-03-2020 22:15:00 |
Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74. |
| Date | Title | Platform | Author |
|---|---|---|---|
|
11-07-2019 |
Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting | aspx | Owais Mehtab |
|
10-07-2019 |
Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS Strings | windows | Google Security Research |
|
10-07-2019 |
Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative cubeStackDepth | windows | Google Security Research |
|
10-07-2019 |
Microsoft DirectWrite / AFDKO - Use of Uninitialized Memory While Freeing Resources in var_loadavar | windows | Google Security Research |
|
10-07-2019 |
Microsoft Windows - Font Subsetting DLL Heap-Based Out-of-Bounds Read in MergeFonts | windows | Google Security Research |
Italiano
English