Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1176-1200 di 3755 risultati
Pagina 48 di 151

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).18-02-20261176
MSRC Security UpdateCVE-2022-27536 Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.18-02-20261177
MSRC Security UpdateCVE-2024-50613 libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.18-02-20261178
MSRC Security UpdateCVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution18-02-20261179
MSRC Security UpdateCVE-2023-42366 A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.18-02-20261180
MSRC Security UpdateCVE-2023-45288 HTTP/2 CONTINUATION flood in net/http18-02-20261181
MSRC Security UpdateCVE-2019-14197 An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.18-02-20261182
MSRC Security UpdateCVE-2025-38261 riscv: save the SR_SUM status over switches18-02-20261183
MSRC Security UpdateCVE-2025-21666 vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]18-02-20261184
MSRC Security UpdateCVE-2024-50614 TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.18-02-20261185
MSRC Security UpdateCVE-2024-3447 Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()18-02-20261186
MSRC Security UpdateCVE-2023-24540 Improper handling of JavaScript whitespace in html/template18-02-20261187
MSRC Security UpdateCVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user()18-02-20261188
MSRC Security UpdateCVE-2022-3510 Parsing issue in protobuf message-type extension18-02-20261189
MSRC Security UpdateCVE-2025-38251 atm: clip: prevent NULL deref in clip_push()18-02-20261190
MSRC Security UpdateCVE-2020-36475 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.18-02-20261191
MSRC Security UpdateCVE-2025-21683 bpf: Fix bpf_sk_select_reuseport() memory leak18-02-20261192
MSRC Security UpdateCVE-2024-0874 Coredns: cd bit response is cached and served later18-02-20261193
MSRC Security UpdateCVE-2024-50615 TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.18-02-20261194
MSRC Security UpdateCVE-2025-38263 bcache: fix NULL pointer in cache_set_flush()18-02-20261195
MSRC Security UpdateCVE-2020-36477 An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though).18-02-20261196
MSRC Security UpdateCVE-2023-6816 Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer18-02-20261197
MSRC Security UpdateCVE-2025-21665 filemap: avoid truncating 64-bit offset to 32 bits18-02-20261198
MSRC Security UpdateCVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.18-02-20261199
MSRC Security UpdateCVE-2024-49761 REXML ReDoS vulnerability18-02-20261200
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter