Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1101-1125 di 3834 risultati
Pagina 45 di 154

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2025-68767 hfsplus: Verify inode mode when loading from disk18-02-20261101
MSRC Security UpdateCVE-2025-68806 ksmbd: fix buffer validation by including null terminator size in EA length18-02-20261102
MSRC Security UpdateCVE-2025-68796 f2fs: fix to avoid updating zero-sized extent in extent cache18-02-20261103
MSRC Security UpdateCVE-2025-71095 net: stmmac: fix the crash issue for zero copy XDP_TX action18-02-20261104
MSRC Security UpdateCVE-2025-40180 mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop18-02-20261105
MSRC Security UpdateCVE-2025-68822 Input: alps - fix use-after-free bugs caused by dev3_register_work18-02-20261106
MSRC Security UpdateCVE-2025-68803 NFSD: NFSv4 file creation neglects setting ACL18-02-20261107
MSRC Security UpdateCVE-2021-33503 An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component the authority regular expression exhibits catastrophic backtracking causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.18-02-20261108
MSRC Security UpdateCVE-2025-68471 Avahi has a reachable assertion in lookup_start18-02-20261109
MSRC Security UpdateCVE-2025-68468 Avahi has a reachable assertion in lookup_multicast_callback18-02-20261110
MSRC Security UpdateCVE-2025-40158 ipv6: use RCU in ip6_output()18-02-20261111
MSRC Security UpdateCVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()18-02-20261112
MSRC Security UpdateCVE-2025-68276 Avahi has a reachable assertion in avahi_wide_area_scan_cache18-02-20261113
MSRC Security UpdateCVE-2022-42916 In curl before 7.86.0 the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion e.g. using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.18-02-20261114
MSRC Security UpdateCVE-2025-40168 smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().18-02-20261115
MSRC Security UpdateCVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings18-02-20261116
MSRC Security UpdateCVE-2026-22801 LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*18-02-20261117
MSRC Security UpdateCVE-2025-40146 blk-mq: fix potential deadlock while nr_requests grown18-02-20261118
MSRC Security UpdateCVE-2025-40149 tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().18-02-20261119
MSRC Security UpdateCVE-2025-40139 smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().18-02-20261120
MSRC Security UpdateCVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock18-02-20261121
MSRC Security UpdateCVE-2025-40135 ipv6: use RCU in ip6_xmit()18-02-20261122
MSRC Security UpdateCVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation18-02-20261123
MSRC Security UpdateCVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data18-02-20261124
MSRC Security UpdateCVE-2025-60876 BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).18-02-20261125
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter