NOTIZIE

EVENTI

  • 11-10-2018 09:00 to 13-10-2018 12:30
    Centro Congressi Le Benedettine Piazza San Paolo a Ripa D'Arno, Pisa, PI, Italia

    La Ludoteca del Registro .it organizza per l'Internet Festival 2018 dei laboratori ludico-didattici che offrono un percorso formativo sul tema della cyber security, affrontata attraverso giochi che cercano di spiegare a grandi e piccoli i principi della sicurezza in Rete, le principali minacce...

  • 12-10-2018 09:00 to 18:00
    Officine Garibaldi, Via Vincenzo Gioberti 39, 56124 Pisa

    Un evento tutto dedicato alla cyber security a cui parteciperanno esperti di settore, ricercatori, rappresentanti del mondo delle imprese. Nel corso della giornata saranno presentate le attività di ricerca ed innovazione compiute dal Cybersecurity Lab del CNR di Pisa in cooperazione con l’...

  • 26-10-2018 (All day)
    Officine Cantelmo, Viale Michele de Pietro 12. Lecce

    In occasione del Festival "Conversazioni sul Futuro" la Ludoteca del Registro torna a Lecce con una tappa del suo Roadshow: la mattina sarà dedicata ai laboratori di Cybersecurity con le Scuole, nel pomeriggio ci sarà una breve sessione formativa rivolta ai docenti sull'uso dell'app...

SERVIZI

Il servizio mostra una rappresentazione 3D del traffico di rete relativo ad attacchi ad una honeypot a Pisa. Inoltre,...

Un’ontologia rappresenta una risorsa per organizzare la conoscenza di un dominio in maniera più dettagliata attraverso...

Il servizio offre la possibilità di cercare informazioni, note pubblicamente, relative a vulnerabilità di sicurezza...

Il servizio offre un sondaggio per la verifica della conformità di un’organizzazione al GDPR (General Data Protection...

ULTIMI CVE

Published Description
CVE-2018-10498
24-09-2018 19:29:00
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file:/// URIs. The issue lies in the lack of proper validation of user-supplied data, which can allow for reading arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges. Was ZDI-CAN-5329.
CVE-2018-10497
24-09-2018 19:29:00
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5328.
CVE-2018-10501
24-09-2018 19:29:00
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358.
CVE-2018-10496
24-09-2018 19:29:00
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5326.
CVE-2018-10500
24-09-2018 19:29:00
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.

Pages