NEWS

  • 05/08/2019 11:05:33

    Futuro 24 è rubrica di RaiNews24 dedicata a scienza e tecnologia, curata da Andrea Bettini e Marco Dedola. 

    Ogni settimana un viaggio verso il domani, alla scoperta dei luoghi dove si fa ricerca, dei protagonisti che vi lavorano e delle novità che promettono di cambiare...

  • 27/06/2019 12:54:04

    Esce oggi il Cybersecurity Act, nuovo strumento normativo europeo che punta a stabilire delle regole per una sicurezza informatica più coesa e comunitaria. Si tratta di un Regolamento che ha lo scopo di creare un quadro europeo ben definito sulla certificazione della sicurezza informatica di...

  • 20/06/2019 10:34:54

    Mozilla ha corretto Type Confusion, un bug che consentiva attacchi in remoto di un'efficacia devastante.

    SI trattava di una vulnerabilità zero-day che consentiva di avviare esecuzione di codice in remoto semplicemente attirando le vittime su un sito Internet sotto il controllo dei pirati...

  • 12/06/2019 12:16:12

    Niccolò Maggioni (corso di laurea in Informatica UniFi),  Ion Farima  (corso di laurea in Informatica UniFi), Lorenzo Coppi (ITIS Antonio Meucci, Firenze), Riccardo Degli Esposti (ITIS Antonio Meucci, Firenze) sono i quattro “hacker” toscani che hanno vinto le selezioni regionali per partecipare...

There are no events to display

SERVICES

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

LATEST CVE

Published Description
CVE-2019-12757
15-11-2019 18:15:00
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVE-2011-0703
15-11-2019 17:15:00
In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.
CVE-2011-2726
15-11-2019 17:15:00
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.
CVE-2019-12756
15-11-2019 17:15:00
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.
CVE-2011-2910
15-11-2019 17:15:00
The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalation.

Pages

LATEST EXPLOIT

Date Title Platform Author
06-11-2019
QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path windows Ivan Marmolejo
06-11-2019
Wacom WTabletService 6.6.7-3 - 'WTabletServicePro' Unquoted Service Path windows Marcos Antonio León
06-11-2019
Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass hardware LiquidWorm
05-11-2019
WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive multiple Google Security Research
05-11-2019
SD.NET RIM 4.7.3c - 'idtyp' SQL Injection aspx Fabian Mosch_ Nick Theisinger

Pages