Advisories

• CVE-2021-31858 (To Be Disclosed)
• CVE-2020-13990 (To Be Disclosed)
• CVE-2020-13989 (To Be Disclosed)
• CVE-2019-7558 (To Be Disclosed)
• CVE-2019-7557 (To Be Disclosed)
• CVE-2019-7556 (To Be Disclosed)
• CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
• CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin
• CVE-2020-13639 - Outsystems ECT Provider Unauthenticated Cross-Site Scripting Stored
• CVE-2019-5493 - Information Disclosure Vulnerability in Data ONTAP operating in 7-Mode
• CVE-2021-29357 - Outsystems ECT Provider Server Side Request Forgery
• CVE-2020-13963 - SOPlanning Authentication Bypass
• CVE-2020-15934 - Privilege escalation vulnerability in FortiClient for Linux
• CVE-2018-10377 - Insufficient Validation of Burp Collaborator Server Certificate
• CVE-2017-9376 - ManageEngine ServiceDesk Plus Local File Inclusion
• CVE-2017-9362 - ManageEngine ServiceDesk Plus XML External Entity via CMDB API
• CVE-2017-10992 - HP Storage Essentials Remote Code Execution via Java deserialization
• CVE-2016-10125 - DLink DGS-1100 switch static hard-coded TLS crypto keys in firmware
• CVE-2016-3670 Stored Cross Site Scripting in Liferay CE
• CVE-2016-4056 - Stored Cross-Site Scripting in TYPO3 Bookmarks
• Insecure Direct Object Reference in OSTicket attachments
• CVE-2015-7968 - SAP Netweaver Application Server XXE (SAP Security Note 2183189)
• Google AOSP Email App HTML Injection
• CVE-2015-7342 Multiple SQL Injection in JNews Joomla Component
• CVE-2015-7340 SQL Injection in JEvents Joomla Component
• CVE-2015-7338 SQL Injection in AcyMailing Joomla Component
• CVE-2015-7341 Bypass File Upload Restriction in JNews Joomla Component
• CVE-2015-7343 Reflected Cross-Site Scripting in JNews Joomla Component
• CVE-2015-7339 Bypass File Upload Restriction in JCE Joomla Component
• CVE-2015-7344 Cross-Site Scripting in HikaShop Joomla Component
• CVE-2015-7349 - Reflected cross-site scripting vulnerability in DIGIPASS authentication for Citrix Web Interface
• CVE-2015-3784 Apple iOS Office Viewer XXE vulnerability
• CVE-2014-4925 HTML injection in Good For Enterprise Android
• CVE-2014-1635 Belkin N750 Buffer Overflow
• CVE-2014-1634 - SQL Injection in Advanced Newsletter Magento extension
• CVE-2013-3319 - SAP Host Agent Information Disclosure

Latest Advisories

• CVE-2021-41844 Open Redirect in JetEngine Wordpress Plugin
• CVE-2021-38607 Stored Cross-Site Scripting in JetEngine Wordpress Plugin
• CVE-2020-13639 - Outsystems ECT Provider Unauthenticated Cross-Site Scripting Stored
• CVE-2019-5493 - Information Disclosure Vulnerability in Data ONTAP operating in 7-Mode
• CVE-2021-29357 - Outsystems ECT Provider Server Side Request Forgery

Latest Articles

• The Curious Case of Apple iOS IKEv2 VPN On Demand
• Gmail Android app insecure Network Security Configuration.
• Reviewing Android Webviews fileAccess attack vectors.
• Droidstat-X, Android Applications Security Analyser Xmind Generator
• Uber Hacking: How we found out who you are, where you are and where you went!