Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1526-1550 di 3768 risultati
Pagina 62 di 151

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.21-02-20261526
MSRC Security UpdateCVE-2025-68823 ublk: fix deadlock when reading partition table21-02-20261527
MSRC Security UpdateCVE-2022-32206 curl < 7.84.0 supports "chained" HTTP compression algorithms meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb" makingcurl end up spending enormous amounts of allocated heap memory or trying toand returning out of memory errors.21-02-20261528
MSRC Security UpdateCVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily.21-02-20261529
MSRC Security UpdateCVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation21-02-20261530
MSRC Security UpdateCVE-2026-21860 Werkzeug safe_join() allows Windows special device names with compound extensions21-02-20261531
MSRC Security UpdateCVE-2025-40289 drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM21-02-20261532
MSRC Security UpdateCVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.21-02-20261533
MSRC Security UpdateCVE-2025-21839 KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop21-02-20261534
MSRC Security UpdateCVE-2025-15444 Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium21-02-20261535
MSRC Security UpdateCVE-2025-48637 In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.21-02-20261536
MSRC Security UpdateCVE-2023-46847 Squid: denial of service in http digest authentication21-02-20261537
MSRC Security UpdateCVE-2025-2953 PyTorch torch.mkldnn_max_pool2d denial of service21-02-20261538
MSRC Security UpdateCVE-2023-5824 Squid: dos against http and https21-02-20261539
MSRC Security UpdateCVE-2025-14819 OpenSSL partial chain store policy bypass21-02-20261540
MSRC Security UpdateCVE-2025-12084 Quadratic complexity in node ID cache clearing21-02-20261541
MSRC Security UpdateCVE-2025-15079 libssh global known_hosts override21-02-20261542
MSRC Security UpdateCVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x50921-02-20261543
MSRC Security UpdateCVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).21-02-20261544
MSRC Security UpdateCVE-2024-58089 btrfs: fix double accounting race when btrfs_run_delalloc_range() failed21-02-20261545
MSRC Security UpdateCVE-2025-14524 bearer token leak on cross-protocol redirect21-02-20261546
MSRC Security UpdateCVE-2021-24119 In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.21-02-20261547
MSRC Security UpdateCVE-2025-15224 libssh key passphrase bypass without agent set21-02-20261548
MSRC Security UpdateCVE-2025-14017 broken TLS options for threaded LDAPS21-02-20261549
MSRC Security UpdateCVE-2023-52969 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.21-02-20261550
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter