NEWS

  • 05/08/2019 11:05:33

    Futuro 24 è rubrica di RaiNews24 dedicata a scienza e tecnologia, curata da Andrea Bettini e Marco Dedola. 

    Ogni settimana un viaggio verso il domani, alla scoperta dei luoghi dove si fa ricerca, dei protagonisti che vi lavorano e delle novità che promettono di cambiare...

  • 27/06/2019 12:54:04

    Esce oggi il Cybersecurity Act, nuovo strumento normativo europeo che punta a stabilire delle regole per una sicurezza informatica più coesa e comunitaria. Si tratta di un Regolamento che ha lo scopo di creare un quadro europeo ben definito sulla certificazione della sicurezza informatica di...

  • 20/06/2019 10:34:54

    Mozilla ha corretto Type Confusion, un bug che consentiva attacchi in remoto di un'efficacia devastante.

    SI trattava di una vulnerabilità zero-day che consentiva di avviare esecuzione di codice in remoto semplicemente attirando le vittime su un sito Internet sotto il controllo dei pirati...

  • 12/06/2019 12:16:12

    Niccolò Maggioni (corso di laurea in Informatica UniFi),  Ion Farima  (corso di laurea in Informatica UniFi), Lorenzo Coppi (ITIS Antonio Meucci, Firenze), Riccardo Degli Esposti (ITIS Antonio Meucci, Firenze) sono i quattro “hacker” toscani che hanno vinto le selezioni regionali per partecipare...

There are no events to display

SERVICES

This service offers the possibility of searching public domain information related to known security hardware and...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

LATEST CVE

Published Description
CVE-2019-9012
15-08-2019 14:15:23
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.
CVE-2018-14672
15-08-2019 14:15:13
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
CVE-2018-14671
15-08-2019 14:15:13
In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability.
CVE-2019-15062
14-08-2019 19:15:10
An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element (containing a user/card.php CSRF request) in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. (The protection mechanism for CSRF is to check the Referer header; however, because the attack is from one of the application's own settings pages, this mechanism is bypassed.)
CVE-2019-14427
14-08-2019 18:15:11
XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.

Pages

LATEST EXPLOIT

Date Title Platform Author
31-08-2018
Argus Surveillance DVR 4.0.0.0 - Privilege Escalation windows_x86 hyp3rlinx

Pages