NOTIZIE & EVENTI

SERVIZI

Il servizio raccoglie informazioni relative ad exploit pubblici aggiornati giornalmente attraverso il repository...

Il servizio analizza gruppi di email file (formato .eml) per identificare le email indesiderate (SPAM). Il servizio...

Servizio Rilevazione Malware. Il servizio permette di rilevare comportamenti malevoli in file (ad esempio, eseguibili o...

Il servizio offre uno strumento semplice e rapido per l'autovalutazione per il calcolo del rischio cibernetico. Il...

ULTIMI CVE

Published Description
CVE-2020-13523
04-08-2020 19:15:00
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.
CVE-2020-16134
04-08-2020 19:15:00
An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet Box 3 prior to 11.01.20, and Internet Box light prior to 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device's plus or reset button, an attacker can create a user with elevated privileges on the Sysbus-API. This can then be used to modify local or remote SSH access, thus allowing a login session as the superuser.
CVE-2020-16203
04-08-2020 19:15:00
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
CVE-2020-4525
04-08-2020 16:15:00
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182435.
CVE-2020-4631
04-08-2020 16:15:00
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372.

Pages

ULTIMI EXPLOIT

Date Title Platform Author
16-06-2020
Gila CMS 1.11.8 - 'query' SQL Injection php BillyV4
15-06-2020
Netgear R7000 Router - Remote Code Execution hardware grimm-co
15-06-2020
SOS JobScheduler 1.13.3 - Stored Password Decryption multiple Sander Ubink
12-06-2020
SmarterMail 16 - Arbitrary File Upload multiple vvhack.org
12-06-2020
Sysax MultiServer 6.90 - Reflected Cross Site Scripting multiple Luca Epifanio

Pages