NEWS

EVENTS

  • 11-10-2018 09:00 to 13-10-2018 12:30
    Centro Congressi Le Benedettine Piazza San Paolo a Ripa D'Arno, Pisa, PI, Italia

    La Ludoteca del Registro .it organizza per l'Internet Festival 2018 dei laboratori ludico-didattici che offrono un percorso formativo sul tema della cyber security, affrontata attraverso giochi che cercano di spiegare a grandi e piccoli i principi della sicurezza in Rete, le principali minacce...

  • 12-10-2018 09:00 to 18:00
    Officine Garibaldi, Via Vincenzo Gioberti 39, 56124 Pisa

    Un evento tutto dedicato alla cyber security a cui parteciperanno esperti di settore, ricercatori, rappresentanti del mondo delle imprese. Nel corso della giornata saranno presentate le attività di ricerca ed innovazione compiute dal Cybersecurity Lab del CNR di Pisa in cooperazione con l’...

  • 26-10-2018 (All day)
    Officine Cantelmo, Viale Michele de Pietro 12. Lecce

    In occasione del Festival "Conversazioni sul Futuro" la Ludoteca del Registro torna a Lecce con una tappa del suo Roadshow: la mattina sarà dedicata ai laboratori di Cybersecurity con le Scuole, nel pomeriggio ci sarà una breve sessione formativa rivolta ai docenti sull'uso dell'app...

SERVICES

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

The service detects malicious signatures in analysed files, by scanning it with 57 different commercial anti-malware....

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The service analyzes a DNS request log and detects if there are domain names which can be generated by a Domain...

LATEST CVE

Published Description
CVE-2019-6497
20-01-2019 15:29:01
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
CVE-2019-6496
20-01-2019 15:29:00
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA.
CVE-2018-18908
20-01-2019 15:29:00
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests over cleartext HTTP. This makes the data submitted in these requests prone to Man in The Middle (MiTM) attacks, whereby an attacker would be able to obtain the data sent in these requests. Some of the requests contain potentially sensitive information that could be useful to an attacker, such as the victim's Sky username.
CVE-2019-3773
18-01-2019 17:29:01
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
CVE-2019-3774
18-01-2019 17:29:01
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

Pages

LATEST EXPLOIT

Date Title Platform Author
14-01-2019
Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection php Ihsan Sencan
14-01-2019
Microsoft Windows 10 - DSSVC MoveFileInheritSecurity Privilege Escalation windows Google Security Research
14-01-2019
i-doit CMDB 1.12 - SQL Injection php Ihsan Sencan
14-01-2019
xorg-x11-server < 1.20.3 - Local Privilege Escalation (Solaris 11 inittab) solaris Marco Ivaldi
14-01-2019
Across DR-810 ROM-0 - Backup File Disclosure hardware SajjadBnd

Pages