Italiano
English
Pubblicato il bando per la quinta edizione del Master in Cybersecurity dell'Università di Pisa, anno accademico 2020/21.
Per immatricolarsi al Master, l’interessato deve collegarsi al Portale Alice all’indirizzo https://www.studenti.unipi.it...
NEWS & EVENTS
SERVICES
|
The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection... |
This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-... |
This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as... |
This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service... |
LATEST CVE
| Published | Description | |
|---|---|---|
| CVE-2020-14181 |
17-09-2020 01:15:00 |
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0. |
| CVE-2020-24374 |
16-09-2020 20:15:00 |
A DNS rebinding vulnerability in Freebox HD before 1.5.29. |
| CVE-2020-14519 |
16-09-2020 20:15:00 |
This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. This is especially relevant for systems or devices where a web browser is used to access a web server) via a specifically crafted Java Script payload, which may allow alteration or creation of license files for when combined with CVE-2020-14515. |
| CVE-2020-24376 |
16-09-2020 20:15:00 |
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox Server before 4.2.3. |
| CVE-2020-14513 |
16-09-2020 20:15:00 |
CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields. |
Pages
LATEST EXPLOIT
| Date | Title | Platform | Author |
|---|---|---|---|
|
25-09-2020 |
BigTree CMS 4.4.10 - Remote Code Execution | php | SunCSR |
|
25-09-2020 |
Anchor CMS 0.12.7 - Persistent Cross-Site Scripting (Authenticated) | php | Sinem Şahin |
|
25-09-2020 |
B-swiss 3 Digital Signage System 3.6.5 - Database Disclosure | multiple | LiquidWorm |
|
25-09-2020 |
B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin) | multiple | LiquidWorm |
|
24-09-2020 |
Simple Online Food Ordering System 1.0 - 'id' SQL Injection (Unauthenticated) | php | Aporlorxl23 |
Pages
CERT feeds
| Published | Title | URL |
|---|---|---|
| 05-05-2020 | Aggiornamento di sicurezza Android (maggio 2020) | CERT LINK |
| 04-05-2020 | Grave vulnerabilità in Cisco IOS XE SD-WAN Software | CERT LINK |
| 04-05-2020 | Risolte sette vulnerabilità in WordPress 5.4.1 | CERT LINK |
| 30-04-2020 | Aggiornamenti di sicurezza critici per Adobe Bridge, Illustrator e Magento | CERT LINK |
| 30-04-2020 | Grave vulnerabilità di tipo XSS in VMware ESXi | CERT LINK |