NEWS & EVENTS

  • 09/12/2020 13:02:00

    Cyrano event will be held on December 16th, 2020 form 10 to 12 am, to share ideas about the sectorial challenges in cyber security.

    During this event Fabio Martinelli will introduce the cyber security observatory, also promoted by E-CORRIDOR. All the stakeholders...

  • 06/10/2020 18:01:22

    Il 9 ottobre, durante Internet Festival, avra’ luogo il Cybersecurity Day ( dell’Istituto di Informatica e Telematica del Cnr (IIT).

    All’evento parteciperanno esperti di settore, ricercatori, rappresentanti del mondo delle imprese. Nel corso della giornata saranno presentate le attività...

  • 29/09/2020 11:45:53

    Il 24 settembre scorso Fabio Martinelli è stato invitato dalla Commissione Europea a parlare delle prossime sfide in cyber security nell'ambito degli European research and innovation days 2020.

    In questa occasione ha avuto cosi modo di illustrare le prossime attivita' di ricerca del Cyber...

  • 04/09/2020 13:57:59

    Pubblicato il bando per la quinta edizione del Master in Cybersecurity dell'Università di Pisa, anno accademico 2020/21.

    Per immatricolarsi al Master, l’interessato deve collegarsi al Portale Alice all’indirizzo https://www.studenti.unipi.it...

SERVICES

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

This service offers the possibility of searching public domain information related to known security hardware and...

The service shows a 3D representation of network traffic related to attacks on a honeypot in Pisa. In addition, the...

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

LATEST CVE

Published Description
CVE-2021-27581
05-03-2021 23:15:00
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVE-2021-28042
05-03-2021 22:15:00
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
CVE-2021-3420
05-03-2021 21:15:00
A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow.
CVE-2020-29028
05-03-2021 21:15:00
Cross-site Scripting (XSS) vulnerability in web GUI of Secomea GateManager allows an attacker to inject arbitrary javascript code. This issue affects: Secomea GateManager all versions prior to 9.4.
CVE-2020-29020
05-03-2021 21:15:00
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.

Pages

LATEST EXPLOIT

Date Title Platform Author
05-03-2021
CatDV 9.2 - RMI Authentication Bypass java Christopher Ellis
05-03-2021
Fluig 1.7.0 - Path Traversal multiple Lucas Souza
04-03-2021
Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated) php Suraj Bhosale
04-03-2021
Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting (XSS) php Tushar Vaidya
04-03-2021
Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS) php Tushar Vaidya

Pages