NEWS

  • 15/05/2019 14:32:19

    La cybersecurity si impara da piccoli. Più di 1000 bambini (1007 per l’esattezza) delle scuole primarie e delle scuole secondarie di primo grado di tutta Italia durante quest’anno scolastico hanno potuto scoprire come navigare in maniera sicura e consapevole in Rete grazie ai laboratori sulla...

  • 14/05/2019 13:39:21

    Si chiama Candy Cream l’exploit che attraverso il sistema di infotainment, è in grado di alterare alcune funzioni dell’auto come ad esempio manomettere la chiusura centralizzata, aumentare i giri del motore segnalati dal tachimetro, azionare i tergicristalli e le frecce di emergenza. L’exploit...

  • 03/05/2019 14:33:12

     

     

    È più importante istallare un buon antivirus o magari fare periodicamente un back up dei dati contenuti nei nostri device? Magari è bene fare entrambe le cose, ma appare evidente che mentre un antivirus lo compriamo prima o poi, molta meno attenzione rivolgiamo alla pratica del...

  • 12/04/2019 15:56:17

    In azienda è la tecnologia del momento, già conosciuta dall'85% dei manager che ne hanno compreso il potenziale per lo sviluppo, anche grazie ai primi progetti concreti in cui si sta affermando come modalità di certificazione dei dati in vari settori. Ma la blockchain inizia a fare breccia anche...

There are no events to display

SERVICES

The service offers a platform that allows Registrars to check for any performance and security problems present on...

This service collects data related to public available exploits. The database is updated daily through the official...

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

LATEST CVE

Published Description
CVE-2019-9892
21-05-2019 20:29:02
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem.
CVE-2019-10067
21-05-2019 20:29:00
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS.
CVE-2019-10066
21-05-2019 20:29:00
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS.
CVE-2019-6513
21-05-2019 18:29:19
An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.
CVE-2019-12270
21-05-2019 17:29:00
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. The share is used to retrieve documents for processing, and to store processed documents for display in the browser. The only required share level access is read/write by the JobProcessor service account. At the local filesystem level, the only additional required permissions would be read/write from the servlet engine, such as Tomcat. (The affected server components are not installed with Content Server by default, and must be installed separately.) NOTE: the vendor's position is that customers are not supposed to use this default setting without consulting the documentation.

Pages