|
Un’ontologia rappresenta una risorsa per organizzare la conoscenza di un dominio in maniera più dettagliata attraverso... |
Il servizio offre un sondaggio per la verifica della conformità di un’organizzazione al GDPR (General Data Protection... |
Il servizio analizza un log di richieste DNS e identifica se all’interno sono stati risolti dei nomi a dominio che... |
Il servizio offre la possibilità di cercare informazioni, note pubblicamente, relative a vulnerabilità di sicurezza... |
| Published | Description | |
|---|---|---|
| CVE-2020-13963 |
21-03-2021 21:15:00 |
SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp (which is a guest account). |
| CVE-2021-23360 |
21-03-2021 16:15:00 |
This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. Running this PoC will cause the command touch success to be executed, leading to the creation of a file called success. |
| CVE-2021-28961 |
21-03-2021 06:15:00 |
applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests. |
| CVE-2021-28957 |
21-03-2021 05:15:00 |
lxml 4.6.2 allows XSS. It places the HTML action attribute into defs.link_attrs (in html/defs.py) for later use in input sanitization, but does not do the same for the HTML5 formaction attribute. |
| CVE-2021-28953 |
21-03-2021 05:15:00 |
The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository. |
| Date | Title | Platform | Author |
|---|---|---|---|
|
19-03-2021 |
Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path | windows | Riadh Bouchahoua |
|
19-03-2021 |
Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated) | php | Christian Vierschilling |
|
19-03-2021 |
LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS | php | Clément Cruchet |
|
19-03-2021 |
Boonex Dolphin 7.4.2 - 'width' Stored XSS | php | Piyush Patil |
|
19-03-2021 |
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated) | hardware | LiquidWorm |
Italiano
English