Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Showing 426-450 of 4595 results

Security Advisories

| CERT | Alert | Date | # |
| --- | --- | --- | --- |
| MSRC Security Update | CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions | 03-06-2026 | 426 |
| MSRC Security Update | CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html | 03-06-2026 | 427 |
| MSRC Security Update | CVE-2025-60876 BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20). | 03-06-2026 | 428 |
| MSRC Security Update | CVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertion | 03-06-2026 | 429 |
| MSRC Security Update | CVE-2025-11083 GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow | 03-06-2026 | 430 |
| MSRC Security Update | CVE-2026-6845 Binutils: binutils: denial of service via crafted elf file | 03-06-2026 | 431 |
| MSRC Security Update | CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail | 03-06-2026 | 432 |
| MSRC Security Update | CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509 | 03-06-2026 | 433 |
| MSRC Security Update | CVE-2026-42502 Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html | 03-06-2026 | 434 |
| MSRC Security Update | CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto | 03-06-2026 | 435 |
| MSRC Security Update | CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http | 03-06-2026 | 436 |
| MSRC Security Update | CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar | 03-06-2026 | 437 |
| MSRC Security Update | CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization | 03-06-2026 | 438 |
| MSRC Security Update | CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs | 03-06-2026 | 439 |
| MSRC Security Update | CVE-2026-40356 In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message. | 03-06-2026 | 440 |
| MSRC Security Update | CVE-2025-55554 pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long(). | 03-06-2026 | 441 |
| MSRC Security Update | CVE-2026-40355 In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message. | 03-06-2026 | 442 |
| MSRC Security Update | CVE-2025-55551 An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation. | 03-06-2026 | 443 |
| MSRC Security Update | CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh | 03-06-2026 | 444 |
| MSRC Security Update | CVE-2026-41526 In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path to handle user input are affected and could be exploited. In particular, because sendInput() sends a string to a terminal, a control character such as \x01 can be used during injection. | 03-06-2026 | 445 |
| MSRC Security Update | CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability | 03-06-2026 | 446 |
| MSRC Security Update | CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve | 03-06-2026 | 447 |
| MSRC Security Update | CVE-2024-58266 The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection. | 03-06-2026 | 448 |
| MSRC Security Update | CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection | 03-06-2026 | 449 |
| MSRC Security Update | CVE-2025-5791 Users: `root` appended to group listings | 03-06-2026 | 450 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center for Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Swiss Federal Council (CH)