CVE-2020-4079 12 Jan 2021

Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 2.8.0, when the ajax endpoint for the "excel export" portal... Read more ➔

CVE-2020-25192 (v3: 5.3) 23 Dec 2020

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authoriz... Read more ➔

CVE-2020-0497 (v3: 5.5) 15 Dec 2020

In canUseBiometric of BiometricServiceBase, there is a missing permission check. This could lead to local information disclosure with no additional ex... Read more ➔

CVE-2020-0498 (v3: 5.5) 15 Dec 2020

In decode_packed_entry_number of codebook.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote informati... Read more ➔

CVE-2020-0500 (v3: 5.5) 15 Dec 2020

In startInputUncheckedLocked of InputMethodManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to loca... Read more ➔

CVE-2020-27023 (v3: 4.4) 15 Dec 2020

In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead t... Read more ➔

CVE-2019-19283 14 Dec 2020

A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the serv... Read more ➔

CVE-2020-5676 (v3: 7.5) 3 Dec 2020

GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors. Read more ➔

CVE-2020-4625 (v3: 5.3) 30 Nov 2020

IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag... Read more ➔

CVE-2020-4626 (v3: 4.3) 30 Nov 2020

IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially cra... Read more ➔

CVE-2020-7568 19 Nov 2020

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could a... Read more ➔

CVE-2020-26230 13 Nov 2020

Radar COVID is the official COVID-19 exposure notification app for Spain. In affected versions of Radar COVID, identification and de-anonymization of... Read more ➔

CVE-2020-26220 11 Nov 2020

toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could... Read more ➔

CVE-2020-2307 4 Nov 2020

Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables. Read more ➔

CVE-2020-27180 (v3: 7.5) 27 Oct 2020

konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter. Read more ➔

CVE-2020-27183 (v3: 9.8) 27 Oct 2020

A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015 allows attackers to disclose sensitive user information... Read more ➔

CVE-2020-15794 15 Oct 2020

A vulnerability has been identified in Desigo Insight (All versions). Some error messages in the web application show the absolute path to the request... Read more ➔

CVE-2020-15250 12 Oct 2020

In JUnit4 before version 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system... Read more ➔

CVE-2020-15235 5 Oct 2020

In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden to everyone exc... Read more ➔

CVE-2020-4612 (v3: 6.5) 22 Sep 2020

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. IBM X-For... Read more ➔

CVE-2020-4616 (v3: 5.3) 22 Sep 2020

IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request. IBM X-Force ID... Read more ➔

CVE-2020-0286 (v3: 7.5) 18 Sep 2020

In Bluetooth AVRCP, there is a possible leak of audio metadata due to residual data. This could lead to remote information disclosure with no addition... Read more ➔

CVE-2020-4171 (v3: 4.3) 27 Aug 2020

IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174407. Read more ➔

CVE-2020-12777 (v3: 7.5) 10 Aug 2020

A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system... Read more ➔

CVE-2020-12780 (v3: 7.5) 10 Aug 2020

A security misconfiguration exists in Combodo iTop, which can expose sensitive information. Read more ➔

Key Capabilities

Automated survey templates

PIA/DPIA & TIA assessment

Data mapping

Automated risk assessment

Vendor risk management

Consent management

Privacy-by-design

Predefined document templates

Breach notification

Automated control selection

Continuous control testing

Security training

Cookie scanning

Multilingual

Key Capabilities

AI data discovery

Data Analysis

Data Visualisation

Data Linking

Key Capabilities

Automated pre-filled surveys

PIA/DPIA/TIA assessment

Automated vendor risk assessment

Automatic Schrems II contracts

Predefined document templates

Data mapping

Contract management

Legal basis for sharing data

Key Capabilities

Privacy regulation research

Regulation comparison tool

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

Key Capabilities

Off the shelf web interface

Supports any privacy legislation

Pre-defined GDPR & CCPA templates

DSAR workflow management

Consumer messaging interface

Automated consumer data collection

Key Capabilities

Automatic control selection

Encode your legal position

Key Capabilities

Test each and every control

Key Capabilities

Cookie scanning

Website consent

Privacy notices

Key Capabilities

Simple GDPR surveys

Off the shelf web interface

Pre-defined GDPR templates

DSAR workflow management

Data subject messaging interface

Automated data subject info retrieval

Key Capabilities

Simple CCPA surveys

Off the shelf web interface

Pre-defined CCPA templates

Consumer request workflow management

Consumer messaging interface

Automated consumer data retrieval

Key Capabilities

Automatic Schrems II contracts

Key Capabilities

Privacy regulation research

Regulation comparison tool

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

Key Capabilities

Defusing the GDPR time bomb

GDPR - And they’re off...

Proteus-Cyber Ltd- Threat Intelligence Tools for Data Privacy Protection

Proteus-Cyber Ltd- Privacy Impact Assessment GDPR

Proteus-Cyber Ltd- Threat Intelligence Tools - Update

Canada’s Proposed New Consumer Privacy Protection Act: The Good, the Bad, the Missed Opportunities

Proposition 24 – November 3rd, 2020 1879. (19-0021A1) AMENDS CONSUMER PRIVACY LAWS. INITIATIVE STATUTE.