NEWS & EVENTS

  • Fabio Martinelli at Cyrano event
    09/12/2020 13:02:00

    Cyrano event will be held on December 16th, 2020 form 10 to 12 am, to share ideas about the sectorial challenges in cyber security.

    During this event Fabio Martinelli will introduce the cyber security observatory, also promoted by E-CORRIDOR. All the stakeholders...

    Read More
  • Cybersecurity day 2020 - 9 ottobre 2020
    06/10/2020 18:01:22

    Il 9 ottobre, durante Internet Festival, avra’ luogo il Cybersecurity Day ( dell’Istituto di Informatica e Telematica del Cnr (IIT).

    All’evento parteciperanno esperti di settore, ricercatori, rappresentanti del mondo delle imprese. Nel corso della giornata saranno presentate le attività...

    Read More
  • Il Cyber Lab del Cnr si presenta alla Commissione Europea
    29/09/2020 11:45:53

    Il 24 settembre scorso Fabio Martinelli è stato invitato dalla Commissione Europea a parlare delle prossime sfide in cyber security nell'ambito degli European research and innovation days 2020.

    In questa occasione ha avuto cosi modo di illustrare le prossime attivita' di ricerca del Cyber...

    Read More
  • Uscito il bando di iscrizione per l'edizione 2020-2021 del Master in Cybersecurity
    04/09/2020 13:57:59

    Pubblicato il bando per la quinta edizione del Master in Cybersecurity dell'Università di Pisa, anno accademico 2020/21.

    Per immatricolarsi al Master, l’interessato deve collegarsi al Portale Alice all’indirizzo https://www.studenti.unipi.it...

    Read More

BLOGS & VIDEOS

Ma Internet può rompersi?
Istituto di Informatica e Telematica
Cyber Security Day 2020
Lezioni di Scienza - Sicurezza Informatica di Fabio Martinelli

SERVICES

Self assessment tools

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

Read More
Vulnerability scan

The service offers a platform that allows Registrars to check for any performance and security problems present on...

Read More
Onthology

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

Read More
Exploit analysis

This service collects data related to public available exploits. The database is updated daily through the official...

Read More

LATEST CVE

Published Description
CVE-2018-3959
02-10-2018 17:29:01
 A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Author property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2017-7908
02-10-2018 17:29:00
 A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.
CVE-2018-3943
02-10-2018 17:29:00
 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-14826
02-10-2018 17:29:00
 Entes EMG12 versions 2.57 and prior The application uses a web interface where it is possible for an attacker to bypass authentication with a specially crafted URL. This could allow for remote code execution.
CVE-2018-14822
02-10-2018 17:29:00
 Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user and execute arbitrary code.

Pages