NEWS

  • 05/08/2019 11:05:33

    Futuro 24 è rubrica di RaiNews24 dedicata a scienza e tecnologia, curata da Andrea Bettini e Marco Dedola. 

    Ogni settimana un viaggio verso il domani, alla scoperta dei luoghi dove si fa ricerca, dei protagonisti che vi lavorano e delle novità che promettono di cambiare...

  • 27/06/2019 12:54:04

    Esce oggi il Cybersecurity Act, nuovo strumento normativo europeo che punta a stabilire delle regole per una sicurezza informatica più coesa e comunitaria. Si tratta di un Regolamento che ha lo scopo di creare un quadro europeo ben definito sulla certificazione della sicurezza informatica di...

  • 20/06/2019 10:34:54

    Mozilla ha corretto Type Confusion, un bug che consentiva attacchi in remoto di un'efficacia devastante.

    SI trattava di una vulnerabilità zero-day che consentiva di avviare esecuzione di codice in remoto semplicemente attirando le vittime su un sito Internet sotto il controllo dei pirati...

  • 12/06/2019 12:16:12

    Niccolò Maggioni (corso di laurea in Informatica UniFi),  Ion Farima  (corso di laurea in Informatica UniFi), Lorenzo Coppi (ITIS Antonio Meucci, Firenze), Riccardo Degli Esposti (ITIS Antonio Meucci, Firenze) sono i quattro “hacker” toscani che hanno vinto le selezioni regionali per partecipare...

There are no events to display

SERVICES

The main goal of the tool is to provide a simple and quick tool for cyber risk self-assessment. The tool requires two...

The service offers a platform that allows Registrars to check for any performance and security problems present on...

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

The service aims at offering a representation of the  Cybersecurity domain through the creation of a controlled...

LATEST CVE

Published Description
CVE-2018-20582
11-10-2019 16:15:16
The GREE+ (aka com.gree.greeplus) application 1.4.0.8 for Android suffers from Cross Site Request Forgery.
CVE-2019-2187
11-10-2019 15:15:10
In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124940143
CVE-2019-2173
11-10-2019 15:15:10
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-123013720
CVE-2019-2186
11-10-2019 15:15:10
In GetMBheader of combined_decode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-136175447
CVE-2019-2114
11-10-2019 15:15:10
In the default privileges of NFC, there is a possible local bypass of user interaction requirements on package installation due to a default permission. This could lead to local escalation of privilege by installing an application with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-123700348

Pages

LATEST EXPLOIT

Date Title Platform Author
01-10-2019
DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH) windows Xavi Beltran
01-10-2019
WebKit - Universal XSS Using Cached Pages multiple Google Security Research
01-10-2019
WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment multiple Google Security Research
01-10-2019
kic 2.4a - Denial of Service linux JosueEncinar
01-10-2019
DotNetNuke < 9.4.0 - Cross-Site Scripting multiple MaYaSeVeN

Pages