Italiano
English
Pubblicato il bando per la quinta edizione del Master in Cybersecurity dell'Università di Pisa, anno accademico 2020/21.
Per immatricolarsi al Master, l’interessato deve collegarsi al Portale Alice all’indirizzo https://www.studenti.unipi.it...
NOTIZIE & EVENTI
SERVIZI
|
Il servizio raccoglie informazioni relative ad exploit pubblici aggiornati giornalmente attraverso il repository... |
Il servizio offre una piattaforma che consente ai Registrar di verificare eventuali problemi di performance e sicurezza... |
Servizio Rilevazione Malware. Il servizio permette di rilevare comportamenti malevoli in file (ad esempio, eseguibili o... |
Un’ontologia rappresenta una risorsa per organizzare la conoscenza di un dominio in maniera più dettagliata attraverso... |
ULTIMI CVE
| Published | Description | |
|---|---|---|
| CVE-2020-14181 |
17-09-2020 01:15:00 |
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0. |
| CVE-2020-16233 |
16-09-2020 20:15:00 |
An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap. |
| CVE-2020-14515 |
16-09-2020 20:15:00 |
CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected. |
| CVE-2020-20406 |
16-09-2020 20:15:00 |
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes. |
| CVE-2020-14517 |
16-09-2020 20:15:00 |
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with the CodeMeter API. |
Pages
ULTIMI EXPLOIT
| Date | Title | Platform | Author |
|---|---|---|---|
|
25-09-2020 |
BigTree CMS 4.4.10 - Remote Code Execution | php | SunCSR |
|
25-09-2020 |
Anchor CMS 0.12.7 - Persistent Cross-Site Scripting (Authenticated) | php | Sinem Şahin |
|
25-09-2020 |
B-swiss 3 Digital Signage System 3.6.5 - Database Disclosure | multiple | LiquidWorm |
|
25-09-2020 |
B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin) | multiple | LiquidWorm |
|
24-09-2020 |
Simple Online Food Ordering System 1.0 - 'id' SQL Injection (Unauthenticated) | php | Aporlorxl23 |
Pages
CERT feeds
| Published | Title | URL |
|---|---|---|
| 05-05-2020 | Aggiornamento di sicurezza Android (maggio 2020) | CERT LINK |
| 04-05-2020 | Grave vulnerabilità in Cisco IOS XE SD-WAN Software | CERT LINK |
| 04-05-2020 | Risolte sette vulnerabilità in WordPress 5.4.1 | CERT LINK |
| 30-04-2020 | Aggiornamenti di sicurezza critici per Adobe Bridge, Illustrator e Magento | CERT LINK |
| 30-04-2020 | Grave vulnerabilità di tipo XSS in VMware ESXi | CERT LINK |