Ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 3376-3400 di 4595 risultati

Pagina 136 di 184

Avvisi di Sicurezza

CERT	Alert	Data	#
MSRC Security Update	CVE-2026-27171 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.	15-04-2026	3376
MSRC Security Update	CVE-2026-27139 FileInfo can escape from a Root in os	15-04-2026	3377
MSRC Security Update	CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)	15-04-2026	3378
MSRC Security Update	CVE-2026-33940 Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial	15-04-2026	3379
MSRC Security Update	CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509	15-04-2026	3380
MSRC Security Update	CVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation	15-04-2026	3381
MSRC Security Update	CVE-2026-33941 Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options	15-04-2026	3382
MSRC Security Update	CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block	15-04-2026	3383
MSRC Security Update	CVE-2026-33891 Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input	15-04-2026	3384
MSRC Security Update	CVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)	15-04-2026	3385
MSRC Security Update	CVE-2026-33895 Forge has signature forgery in Ed25519 due to missing S > L check	15-04-2026	3386
MSRC Security Update	CVE-2026-33671 Picomatch has a ReDoS vulnerability via extglob quantifiers	15-04-2026	3387
MSRC Security Update	CVE-2025-1220 Null byte termination in hostnames	15-04-2026	3388
MSRC Security Update	CVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation	15-04-2026	3389
MSRC Security Update	CVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64	15-04-2026	3390
MSRC Security Update	CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`	15-04-2026	3391
MSRC Security Update	CVE-2025-30258 In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."	15-04-2026	3392
MSRC Security Update	CVE-2025-62718 Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF	15-04-2026	3393
MSRC Security Update	CVE-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain	15-04-2026	3394
MSRC Security Update	CVE-2026-34480 Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters	15-04-2026	3395
MSRC Security Update	CVE-2026-34479 Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters	15-04-2026	3396
MSRC Security Update	CVE-2026-34481 Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout	15-04-2026	3397
MSRC Security Update	CVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount	15-04-2026	3398
MSRC Security Update	CVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF	15-04-2026	3399
MSRC Security Update	CVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse	15-04-2026	3400