NOTIZIE

  • 15/05/2019 14:32:19

    La cybersecurity si impara da piccoli. Più di 1000 bambini (1007 per l’esattezza) delle scuole primarie e delle scuole secondarie di primo grado di tutta Italia durante quest’anno scolastico hanno potuto scoprire come navigare in maniera sicura e consapevole in Rete grazie ai laboratori sulla...

  • 14/05/2019 13:39:21

    Si chiama Candy Cream l’exploit che attraverso il sistema di infotainment, è in grado di alterare alcune funzioni dell’auto come ad esempio manomettere la chiusura centralizzata, aumentare i giri del motore segnalati dal tachimetro, azionare i tergicristalli e le frecce di emergenza. L’exploit...

  • 03/05/2019 14:33:12

     

     

    È più importante istallare un buon antivirus o magari fare periodicamente un back up dei dati contenuti nei nostri device? Magari è bene fare entrambe le cose, ma appare evidente che mentre un antivirus lo compriamo prima o poi, molta meno attenzione rivolgiamo alla pratica del...

  • 12/04/2019 15:56:17

    In azienda è la tecnologia del momento, già conosciuta dall'85% dei manager che ne hanno compreso il potenziale per lo sviluppo, anche grazie ai primi progetti concreti in cui si sta affermando come modalità di certificazione dei dati in vari settori. Ma la blockchain inizia a fare breccia anche...

Non ci sono eventi da visualizzare

SERVIZI

Il Thesaurus offre una rappresentazione della conoscenza di un insieme di termini relativi alla Cybersecurity,...

Il servizio mostra una rappresentazione 3D del traffico di rete relativo ad attacchi ad una honeypot a Pisa. Inoltre,...

Il servizio offre una piattaforma che consente ai Registrar di verificare eventuali problemi di performance e sicurezza...

Il servizio utilizza una raccolta di tweet provenienti da utenti appartenenti a Twitter i cui tweet utilizzano parole...

ULTIMI CVE

Published Description
CVE-2019-1663
28-02-2019 13:29:02
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.
CVE-2019-1674
28-02-2019 13:29:02
A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools. This vulnerability is fixed in Cisco Webex Meetings Desktop App Release 33.6.6 and 33.9.1 releases. This vulnerability is fixed in Cisco Webex Productivity Tools Release 33.0.7.
CVE-2018-18495
28-02-2019 13:29:01
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.
CVE-2018-12406
28-02-2019 13:29:01
Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64.
CVE-2018-12400
28-02-2019 13:29:01
In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63.

Pages

ULTIMI EXPLOIT

Date Title Platform Author
03-09-2018
Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC) ios Luis Martínez
03-09-2018
Online Quiz Maker 1.0 - 'catid' SQL Injection php AkkuS
03-09-2018
Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC) windows_x86-64 Uriel Corral Salinas
03-09-2018
D-Link DIR-615 - Denial of Service (PoC) hardware Aniket Dinda
03-09-2018
VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC) windows Diego Santamaria

Pages