Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Showing 2076-2100 of 3853 results
Page 84 of 155

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2025-38068 crypto: lzo - Fix compression buffer overrun | 18-02-2026 | 2076 |
| MSRC Security Update | CVE-2024-25176 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c. | 18-02-2026 | 2077 |
| MSRC Security Update | CVE-2025-21867 bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() | 18-02-2026 | 2078 |
| MSRC Security Update | CVE-2025-38158 hisi_acc_vfio_pci: fix XQE dma address error | 18-02-2026 | 2079 |
| MSRC Security Update | CVE-2024-47671 USB: usbtmc: prevent kernel-usb-infoleak | 18-02-2026 | 2080 |
| MSRC Security Update | CVE-2023-50966 erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header. | 18-02-2026 | 2081 |
| MSRC Security Update | CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. | 18-02-2026 | 2082 |
| MSRC Security Update | CVE-2025-22058 udp: Fix memory accounting leak. | 18-02-2026 | 2083 |
| MSRC Security Update | CVE-2024-4068 Memory Exhaustion in braces | 18-02-2026 | 2084 |
| MSRC Security Update | CVE-2025-27363 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. | 18-02-2026 | 2085 |
| MSRC Security Update | CVE-2022-50230 arm64: set UXN on swapper page tables | 18-02-2026 | 2086 |
| MSRC Security Update | CVE-2025-7339 on-headers vulnerable to http response header manipulation | 18-02-2026 | 2087 |
| MSRC Security Update | CVE-2025-38103 HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() | 18-02-2026 | 2088 |
| MSRC Security Update | CVE-2024-49969 drm/amd/display: Fix index out of bounds in DCN30 color transformation | 18-02-2026 | 2089 |
| MSRC Security Update | CVE-2023-51714 An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. | 18-02-2026 | 2090 |
| MSRC Security Update | CVE-2024-56596 jfs: fix array-index-out-of-bounds in jfs_readdir | 18-02-2026 | 2091 |
| MSRC Security Update | CVE-2024-47739 padata: use integer wrap around to prevent deadlock on seq_nr overflow | 18-02-2026 | 2092 |
| MSRC Security Update | CVE-2025-21941 drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params | 18-02-2026 | 2093 |
| MSRC Security Update | CVE-2024-58083 KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() | 18-02-2026 | 2094 |
| MSRC Security Update | CVE-2024-31852 LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production." | 18-02-2026 | 2095 |
| MSRC Security Update | CVE-2025-38145 soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() | 18-02-2026 | 2096 |
| MSRC Security Update | CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init | 18-02-2026 | 2097 |
| MSRC Security Update | CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check | 18-02-2026 | 2098 |
| MSRC Security Update | CVE-2024-37370 In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token causing the unwrapped token to appear truncated to the application. | 18-02-2026 | 2099 |
| MSRC Security Update | CVE-2025-38039 net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled | 18-02-2026 | 2100 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH