Threat Intelligence

Cross-site Scripting XSS Bounds of a Memory Buffer Improper Input Validation Exposure to Unauthorized Actor Improper SQL ('SQL Injection') Out-of-bounds Read Cross-Site Request Forgery (CSRF) Path Traversal Improper Access Control Use After Free Improper Authentication Out-of-bounds Write Integer Overflow or Wraparound NULL Pointer Dereference Special Elements (OS Command Injection) Generation of Code ('Code Injection') Improper Privilege Management Uncontrolled Resource Consumption Special Elements in Output (Injection) Race Condition

Microsoft Oracle IBM Google Apple Cisco Adobe Debian Redhat Linux Mozilla Canonical HP SUN Opensuse Apache Fedoraproject GNU Novell PHP Qualcomm Wireshark SAP Imagemagick Huawei Jenkins Foxitsoftware Symantec Suse EMC Freebsd Joomla Moodle Cpanel Siemens Vmware Wordpress Juniper Drupal Mcafee Ffmpeg XEN Netapp F5 Qemu Openbsd SGI Phpmyadmin Intel Opera

Debian Linux Android Linux Kernel Mac Os X Ubuntu Linux Firefox Chrome Iphone Os Windows Server 2008 Windows 7 Acrobat Reader Dc Acrobat Dc Windows 10 Flash Player Windows Server 2012 Enterprise Linux Desktop Internet Explorer Safari Enterprise Linux Server Windows 8.1 Acrobat Enterprise Linux Workstation Thunderbird Opensuse Windows Server 2016 Windows Rt 8.1 Windows Vista Windows Xp Mysql Seamonkey Fedora Acrobat Reader Firefox Esr Enterprise Linux Mac Os X Server IE JRE Edge JDK PHP Itunes Leap Wireshark Sunos Office Imagemagick IOS Windows 2000 Watchos Solaris

CVE-2020-12882 15 May 2020

Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow. Read more ➔

CVE-2020-11931 15 May 2020

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended acce... Read more ➔

CVE-2020-12440 14 May 2020

NGINX through 1.18.0 allows an HTTP request smuggling attack that can lead to cache poisoning, credential hijacking, or security bypass. Read more ➔

CVE-2020-0024 14 May 2020

In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local... Read more ➔

CVE-2020-0064 14 May 2020

An improper authorization while processing the provisioning data.Product: AndroidVersions: Android SoCAndroid ID: A-149866855 Read more ➔

CVE-2020-0065 14 May 2020

An improper authorization in the receiver component of the Android Suite Daemon.Product: AndroidVersions: Android SoCAndroid ID: A-149813448 Read more ➔

CVE-2020-10612 14 May 2020

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is open witho... Read more ➔

CVE-2020-10616 14 May 2020

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace t... Read more ➔

CVE-2020-10620 14 May 2020

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to... Read more ➔

CVE-2020-0090 14 May 2020

An improper authorization in the receiver component of Email.Product: AndroidVersions: Android SoCAndroid ID: A-149813048 Read more ➔

CVE-2020-0091 14 May 2020

In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700 Read more ➔

CVE-2020-0092 14 May 2020

In setHideSensitive of NotificationStackScrollLayout.java, there is a possible disclosure of sensitive notification content due to a permissions bypas... Read more ➔

CVE-2020-0093 14 May 2020

In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local informatio... Read more ➔

CVE-2020-0094 14 May 2020

In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to loc... Read more ➔

CVE-2020-0096 14 May 2020

In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local esc... Read more ➔

CVE-2020-0097 14 May 2020

In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to... Read more ➔

CVE-2020-0098 14 May 2020

In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of pr... Read more ➔

CVE-2020-0100 14 May 2020

In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of... Read more ➔

CVE-2020-0101 14 May 2020

In BnCrypto::onTransact of ICrypto.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information dis... Read more ➔

CVE-2020-0102 14 May 2020

In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local esca... Read more ➔

CVE-2020-0103 14 May 2020

In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code executio... Read more ➔

CVE-2020-0104 14 May 2020

In onShowingStateChanged of KeyguardStateMonitor.java, there is a possible inappropriate read due to a logic error. This could lead to local informati... Read more ➔

CVE-2020-0105 14 May 2020

In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowi... Read more ➔

CVE-2020-0106 14 May 2020

In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local i... Read more ➔

CVE-2020-0109 14 May 2020

In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of pri... Read more ➔

Key Capabilities

Automated survey templates

PIA/DPIA assessment

Data mapping

Automated risk assessment

Vendor risk management

Consent management

Privacy-by-design

Predefined document templates

Breach notification

Automated control selection

Continuous control testing

Security training

Cookie scanning

Multilingual

Key Capabilities

AI data discovery

Data Analysis

Data Visualisation

Data Linking

Key Capabilities

Automated pre-filled surveys

PIA/DPIA assessment

Automated vendor risk assessment

Predefined document templates

Data mapping

Contract management

Legal basis for sharing data

Key Capabilities

Privacy standards research

Cross standards research

Breach modelling and ROI calculator

Latest privacy news tracking

Latest Threat Intelligence

Key Capabilities

Off the shelf web interface

Supports any privacy legislation

Pre-defined GDPR & CCPA templates

DSAR workflow management

Consumer messaging interface

Automated consumer data collection

Key Capabilities

Automatic control selection

Encode your legal position

Key Capabilities

Test each and every control

Key Capabilities

Cookie scanning

Website consent

Privacy notices

Key Capabilities

Simple GDPR surveys

Off the shelf web interface

Pre-defined GDPR templates

DSAR workflow management

Data subject messaging interface

Automated data subject info retrieval

Key Capabilities

Simple CCPA surveys

Off the shelf web interface

Pre-defined CCPA templates

Consumer request workflow management

Consumer messaging interface

Automated consumer data retrieval

Key Capabilities

Privacy standards research

Cross standards research

Breach modelling and ROI calculator

Latest privacy news tracking

Latest Threat Intelligence

Key Capabilities

Defusing the GDPR time bomb

GDPR - And they’re off...

Threat Intelligence