NEWS

  • 12/06/2019 12:16:12

    Niccolò Maggioni (corso di laurea in Informatica UniFi),  Ion Farima  (corso di laurea in Informatica UniFi), Lorenzo Coppi (ITIS Antonio Meucci, Firenze), Riccardo Degli Esposti (ITIS Antonio Meucci, Firenze) sono i quattro “hacker” toscani che hanno vinto le selezioni regionali per partecipare...

  • 07/06/2019 16:59:44

    Scoperta una grave vulnerabilità di sicurezza (CVE-2019-0708) che affligge i sistemi Windows versioni 7, Vista, XP, Server
    2008R2, e Server 2003.
    La vulnerabilità in questione ha un potenziale impatto paragonabile a quello di EternalBlue sfruttato dal malware WannaCry e simili....

  • 28/05/2019 16:06:01

    Oggi è andato in onda un servizio del Tg1 a cura di Roberta Badaloni, riguardante il nostro Osservatorio su Cybersecurity. Fabio Martinelli e Gianpiero Costantino sono stati intervistati dalla giornalista, sul business del cybercrime. Buona...

  • 15/05/2019 14:32:19

    La cybersecurity si impara da piccoli. Più di 1000 bambini (1007 per l’esattezza) delle scuole primarie e delle scuole secondarie di primo grado di tutta Italia durante quest’anno scolastico hanno potuto scoprire come navigare in maniera sicura e consapevole in Rete grazie ai laboratori sulla...

There are no events to display

SERVICES

The service offers a platform that allows Registrars to check for any performance and security problems present on...

This service offers the possibility of searching public domain information related to known security hardware and...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

LATEST CVE

Published Description
CVE-2013-7472
15-06-2019 19:29:00
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.
CVE-2019-12840
15-06-2019 16:29:00
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
CVE-2019-12839
15-06-2019 16:29:00
In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution.
CVE-2019-12835
15-06-2019 15:29:00
formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping.
CVE-2019-12831
15-06-2019 14:29:00
In MyBB before 1.8.21, an attacker can abuse a default behavior of MySQL on many systems (that leads to truncation of strings that are too long for a database column) to create a PHP shell in the cache directory of a targeted forum via a crafted XML import, as demonstrated by truncation of aaaaaaaaaaaaaaaaaaaaaaaaaa.php.css to aaaaaaaaaaaaaaaaaaaaaaaaaa.php with a 30-character limit, aka theme import stylesheet name RCE.

Pages

LATEST EXPLOIT

Pages