Alerts & Advisories from CERTs

The latest security advisories from the world's relevant governmental and non-governmental Computer Emergency Response Teams

Showing 2401-2425 of 3854 results (page 97 of 155)

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2025-38146 net: openvswitch: Fix the dead loop of MPLS parse | 18-02-2026 | 2401 |
| MSRC Security Update | CVE-2010-4226 cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | 18-02-2026 | 2402 |
| MSRC Security Update | CVE-2025-21736 nilfs2: fix possible int overflows in nilfs_fiemap() | 18-02-2026 | 2403 |
| MSRC Security Update | CVE-2024-43891 tracing: Have format file honor EVENT_FILE_FL_FREED | 18-02-2026 | 2404 |
| MSRC Security Update | CVE-2025-38126 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping | 18-02-2026 | 2405 |
| MSRC Security Update | CVE-2024-0684 Coreutils: heap overflow in split --line-bytes with very long lines | 18-02-2026 | 2406 |
| MSRC Security Update | CVE-2024-47705 block: fix potential invalid pointer dereference in blk_add_partition | 18-02-2026 | 2407 |
| MSRC Security Update | CVE-2025-53023 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). | 18-02-2026 | 2408 |
| MSRC Security Update | CVE-2025-27219 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies. | 18-02-2026 | 2409 |
| MSRC Security Update | CVE-2023-44488 VP9 in libvpx before 1.13.1 mishandles widths leading to a crash related to encoding. | 18-02-2026 | 2410 |
| MSRC Security Update | CVE-2024-43897 net: drop bad gso csum_start and offset in virtio_net_hdr | 18-02-2026 | 2411 |
| MSRC Security Update | CVE-2012-2677 Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool | 18-02-2026 | 2412 |
| MSRC Security Update | CVE-2016-2781 chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer. | 18-02-2026 | 2413 |
| MSRC Security Update | CVE-2025-38092 ksmbd: use list_first_entry_or_null for opinfo_get_list() | 18-02-2026 | 2414 |
| MSRC Security Update | CVE-2024-55553 In FRRouting (FRR) all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size | 18-02-2026 | 2415 |
| MSRC Security Update | CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() | 18-02-2026 | 2416 |
| MSRC Security Update | CVE-2024-22017 setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users using version greater or equal than Node.js 18.18.0 Node.js 20.4.0 and Node.js 21. | 18-02-2026 | 2417 |
| MSRC Security Update | CVE-2024-45506 HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploited in the wild in 2024. | 18-02-2026 | 2418 |
| MSRC Security Update | CVE-2025-50102 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 18-02-2026 | 2419 |
| MSRC Security Update | CVE-2024-39472 xfs: fix log recovery buffer allocation for the legacy h_size fixup | 18-02-2026 | 2420 |
| MSRC Security Update | CVE-2023-46218 This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk` even though `co.uk` is listed as a PSL domain. | 18-02-2026 | 2421 |
| MSRC Security Update | CVE-2025-21749 net: rose: lock the socket in rose_bind() | 18-02-2026 | 2422 |
| MSRC Security Update | CVE-2025-38091 drm/amd/display: check stream id dml21 wrapper to get plane_id | 18-02-2026 | 2423 |
| MSRC Security Update | CVE-2025-39788 scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE | 18-02-2026 | 2424 |
| MSRC Security Update | CVE-2022-1292 The c_rehash script allows command injection | 18-02-2026 | 2425 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH