Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1751-1775 di 3834 risultati
Pagina 71 di 154

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2025-21919 sched/fair: Fix potential memory corruption in child_cfs_rq_on_list18-02-20261751
MSRC Security UpdateCVE-2025-37995 module: ensure that kobject_put() is safe for module type kobjects18-02-20261752
MSRC Security UpdateCVE-2025-23266 NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.18-02-20261753
MSRC Security UpdateCVE-2024-47702 bpf: Fail verification for sign-extension of packet data/data_end/data_meta18-02-20261754
MSRC Security UpdateCVE-2024-27407 fs/ntfs3: Fixed overflow check in mi_enum_attr()18-02-20261755
MSRC Security UpdateCVE-2025-68736 landlock: Fix handling of disconnected directories18-02-20261756
MSRC Security UpdateCVE-2025-38202 bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()18-02-20261757
MSRC Security UpdateCVE-2024-36965 remoteproc: mediatek: Make sure IPI buffer fits in L2TCM18-02-20261758
MSRC Security UpdateCVE-2024-4323 Fluent Bit Memory Corruption Vulnerability18-02-20261759
MSRC Security UpdateCVE-2025-39694 s390/sclp: Fix SCCB present check18-02-20261760
MSRC Security UpdateCVE-2021-4160 BN_mod_exp may produce incorrect results on MIPS18-02-20261761
MSRC Security UpdateCVE-2022-27651 A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity.18-02-20261762
MSRC Security UpdateCVE-2022-48303 GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump18-02-20261763
MSRC Security UpdateCVE-2025-37967 usb: typec: ucsi: displayport: Fix deadlock18-02-20261764
MSRC Security UpdateCVE-2024-26648 drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()18-02-20261765
MSRC Security UpdateCVE-2024-57900 ila: serialize calls to nf_register_net_hooks()18-02-20261766
MSRC Security UpdateCVE-2025-68366 nbd: defer config unlock in nbd_genl_connect18-02-20261767
MSRC Security UpdateCVE-2024-45296 path-to-regexp outputs backtracking regular expressions18-02-20261768
MSRC Security UpdateCVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work18-02-20261769
MSRC Security UpdateCVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var18-02-20261770
MSRC Security UpdateCVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock18-02-20261771
MSRC Security UpdateCVE-2024-29041 Express.js Open Redirect in malformed URLs18-02-20261772
MSRC Security UpdateCVE-2022-46175 JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__` allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype which is the commonly understood definition of Prototype Pollution. However polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys but could include denial of service cross-site scripting elevation18-02-20261773
MSRC Security UpdateCVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service.18-02-20261774
MSRC Security UpdateCVE-2024-39481 media: mc: Fix graph walk in media_pipeline_start18-02-20261775
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter