Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1851-1875 di 3706 risultati
Pagina 75 di 149

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2024-23848 In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.18-02-20261851
MSRC Security UpdateCVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes and crash because of a missing param_kernel->data_size check. This is related to ctl_ioctl.18-02-20261852
MSRC Security UpdateCVE-2023-6531 Kernel: gc's deletion of an skb races with unix_stream_read_generic() leading to uaf18-02-20261853
MSRC Security UpdateCVE-2024-23849 In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1 there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison resulting in out-of-bounds access.18-02-20261854
MSRC Security UpdateCVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.18-02-20261855
MSRC Security UpdateCVE-2024-0727 PKCS12 Decoding crashes18-02-20261856
MSRC Security UpdateCVE-2024-0607 Kernel: nf_tables: pointer math issue in nft_byteorder_eval()18-02-20261857
MSRC Security UpdateCVE-2023-51258 A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512.18-02-20261858
MSRC Security UpdateCVE-2024-0741 An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.18-02-20261859
MSRC Security UpdateCVE-2023-49568 Maliciously crafted Git server replies can cause DoS on go-git clients18-02-20261860
MSRC Security UpdateCVE-2023-49569 Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients18-02-20261861
MSRC Security UpdateCVE-2024-0646 Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination18-02-20261862
MSRC Security UpdateCVE-2024-0639 Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos18-02-20261863
MSRC Security UpdateCVE-2024-0641 Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke18-02-20261864
MSRC Security UpdateCVE-2024-0565 Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client18-02-20261865
MSRC Security UpdateCVE-2024-0562 Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c18-02-20261866
MSRC Security UpdateCVE-2022-41717 Excessive memory growth in net/http and golang.org/x/net/http218-02-20261867
MSRC Security UpdateCVE-2022-21698 Uncontrolled Resource Consumption in promhttp18-02-20261868
MSRC Security UpdateCVE-2022-29526 Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter the Faccessat function could incorrectly report that a file is accessible.18-02-20261869
MSRC Security UpdateCVE-2022-32149 Denial of service via crafted Accept-Language header in golang.org/x/text/language18-02-20261870
MSRC Security UpdateCVE-2023-32067 0-byte UDP payload DoS in c-ares18-02-20261871
MSRC Security UpdateCVE-2023-31130 Buffer Underwrite in ares_inet_net_pton()18-02-20261872
MSRC Security UpdateCVE-2020-22217 Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c.18-02-20261873
MSRC Security UpdateCVE-2023-31147 Insufficient randomness in generation of DNS query IDs in c-ares18-02-20261874
MSRC Security UpdateCVE-2022-4904 A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.18-02-20261875
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter