NEWS

  • 05/08/2019 11:05:33

    Futuro 24 è rubrica di RaiNews24 dedicata a scienza e tecnologia, curata da Andrea Bettini e Marco Dedola. 

    Ogni settimana un viaggio verso il domani, alla scoperta dei luoghi dove si fa ricerca, dei protagonisti che vi lavorano e delle novità che promettono di cambiare...

  • 27/06/2019 12:54:04

    Esce oggi il Cybersecurity Act, nuovo strumento normativo europeo che punta a stabilire delle regole per una sicurezza informatica più coesa e comunitaria. Si tratta di un Regolamento che ha lo scopo di creare un quadro europeo ben definito sulla certificazione della sicurezza informatica di...

  • 20/06/2019 10:34:54

    Mozilla ha corretto Type Confusion, un bug che consentiva attacchi in remoto di un'efficacia devastante.

    SI trattava di una vulnerabilità zero-day che consentiva di avviare esecuzione di codice in remoto semplicemente attirando le vittime su un sito Internet sotto il controllo dei pirati...

  • 12/06/2019 12:16:12

    Niccolò Maggioni (corso di laurea in Informatica UniFi),  Ion Farima  (corso di laurea in Informatica UniFi), Lorenzo Coppi (ITIS Antonio Meucci, Firenze), Riccardo Degli Esposti (ITIS Antonio Meucci, Firenze) sono i quattro “hacker” toscani che hanno vinto le selezioni regionali per partecipare...

There are no events to display

SERVICES

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

The service shows a 3D representation of network traffic related to attacks on a honeypot in Pisa. In addition, the...

This service offers the possibility of searching public domain information related to known security hardware and...

LATEST CVE

Published Description
CVE-2019-3622
24-07-2019 12:15:12
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create symbolic links.
CVE-2019-3485
24-07-2019 12:15:12
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1
CVE-2019-10992
24-07-2019 11:15:12
Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple out-of-bounds read vulnerabilities may cause information disclosure due to lacking user input validation for processing project files.
CVE-2019-3595
24-07-2019 11:15:12
Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is exported and opened on the their machine. In our checks, the user must explicitly allow the code to execute.
CVE-2019-3591
24-07-2019 11:15:12
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted upload to a remote website which is correctly blocked by DLPe Web Protection. This would then render as an XSS when the DLP Admin viewed the event in the ePO UI.

Pages

LATEST EXPLOIT

Date Title Platform Author
04-12-2018
NUUO NVRMini2 3.9.1 - Authenticated Command Injection php Artem Metla
04-12-2018
DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting php Mohammed Abdul Raheem
04-12-2018
OpenSSH < 7.7 - User Enumeration (2) linux Leap Security
04-12-2018
Wireshark - 'find_signature' Heap Out-of-Bounds Read multiple Google Security Research
04-12-2018
KeyBase Botnet 1.5 - SQL Injection php n4pst3r

Pages