Ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 476-500 di 4595 risultati

Pagina 20 di 184

Avvisi di Sicurezza

CERT	Alert	Data	#
MSRC Security Update	CVE-2025-1150 GNU Binutils ld libbfd.c bfd_malloc memory leak	03-06-2026	476
Consiglio Federale CH	Aggiornamenti di sicurezza Android	03-06-2026	477
CSIRT IT	Aggiornamenti di sicurezza Android	03-06-2026	478
MSRC Security Update	CVE-2026-4890 CVE-2026-4890	03-06-2026	479
MSRC Security Update	CVE-2025-1151 GNU Binutils ld xmemdup.c xmemdup memory leak	03-06-2026	480
MSRC Security Update	CVE-2026-5172 CVE-2026-5172	03-06-2026	481
MSRC Security Update	CVE-2026-2291 CVE-2026-2291	03-06-2026	482
MSRC Security Update	CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak	03-06-2026	483
MSRC Security Update	CVE-2026-3219 pip doesn't reject concatenated ZIP and tar archives	03-06-2026	484
MSRC Security Update	CVE-2026-4893 CVE-2026-4893	03-06-2026	485
MSRC Security Update	CVE-2026-4891 CVE-2026-4891	03-06-2026	486
MSRC Security Update	CVE-2026-5450 scanf %mc off-by-one heap buffer overflow	03-06-2026	487
MSRC Security Update	CVE-2026-42304 Twisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains	03-06-2026	488
MSRC Security Update	CVE-2024-30896 InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organizations feature is operating as intended and that users may choose to add users to non-default organizations. A future release of InfluxDB 2.x will remove the ability to retrieve tokens from the API.	03-06-2026	489
MSRC Security Update	CVE-2026-5358 Static buffer overflow in deprecated nis_local_principal	03-06-2026	490
MSRC Security Update	CVE-2026-5928 Static buffer overflow in deprecated nis_local_principal	03-06-2026	491
MSRC Security Update	CVE-2026-7168 cross-proxy Digest auth state leak	03-06-2026	492
MSRC Security Update	CVE-2019-11254 Kubernetes API Server denial of service vulnerability from malicious YAML payloads	03-06-2026	493
MSRC Security Update	CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()	03-06-2026	494
MSRC Security Update	CVE-2026-6253 proxy credentials leak over redirect-to proxy	03-06-2026	495
MSRC Security Update	CVE-2013-1633 easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.	03-06-2026	496
MSRC Security Update	CVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure	03-06-2026	497
MSRC Security Update	CVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF	03-06-2026	498
MSRC Security Update	CVE-2023-1386 Qemu: 9pfs: suid/sgid bits not dropped on file write	03-06-2026	499
MSRC Security Update	CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.	03-06-2026	500