Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Showing 1926-1950 of 3706 results

Security Advisories

| CERT | Alert | Date | # |
| --- | --- | --- | --- |
| MSRC Security Update | CVE-2010-4756 The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | 18-02-2026 | 1926 |
| MSRC Security Update | CVE-2023-3772 Kernel: xfrm: null pointer dereference in xfrm_update_ae_params() | 18-02-2026 | 1927 |
| MSRC Security Update | CVE-2019-14203 An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. | 18-02-2026 | 1928 |
| MSRC Security Update | CVE-2023-48161 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c | 18-02-2026 | 1929 |
| MSRC Security Update | CVE-2023-3773 Kernel: xfrm: out-of-bounds read of xfrma_mtimer_thresh nlattr | 18-02-2026 | 1930 |
| MSRC Security Update | CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP | 18-02-2026 | 1931 |
| MSRC Security Update | CVE-2023-45857 An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information. | 18-02-2026 | 1932 |
| MSRC Security Update | CVE-2022-46457 NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c. | 18-02-2026 | 1933 |
| MSRC Security Update | CVE-2023-39326 Denial of service via chunk extensions in net/http | 18-02-2026 | 1934 |
| MSRC Security Update | CVE-2024-57256 An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. | 18-02-2026 | 1935 |
| MSRC Security Update | CVE-2024-32884 gix-transport indirect code execution via malicious username | 18-02-2026 | 1936 |
| MSRC Security Update | CVE-2025-38321 smb: Log an error when close_all_cached_dirs fails | 18-02-2026 | 1937 |
| MSRC Security Update | CVE-2023-39742 giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. | 18-02-2026 | 1938 |
| MSRC Security Update | CVE-2024-50082 blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race | 18-02-2026 | 1939 |
| MSRC Security Update | CVE-2019-16707 Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | 18-02-2026 | 1940 |
| MSRC Security Update | CVE-2018-20505 SQLite 3.25.2 when queries are run on a table with a malformed PRIMARY KEY allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). | 18-02-2026 | 1941 |
| MSRC Security Update | CVE-2022-28506 There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. | 18-02-2026 | 1942 |
| MSRC Security Update | CVE-2019-14193 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. | 18-02-2026 | 1943 |
| MSRC Security Update | CVE-2022-24999 qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable). | 18-02-2026 | 1944 |
| MSRC Security Update | CVE-2024-50083 tcp: fix mptcp DSS corruption due to large pmtu xmit | 18-02-2026 | 1945 |
| MSRC Security Update | CVE-2025-38348 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() | 18-02-2026 | 1946 |
| MSRC Security Update | CVE-2023-24539 Improper sanitization of CSS values in html/template | 18-02-2026 | 1947 |
| MSRC Security Update | CVE-2020-10941 Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. | 18-02-2026 | 1948 |
| MSRC Security Update | CVE-2024-56635 net: avoid potential UAF in default_operstate() | 18-02-2026 | 1949 |
| MSRC Security Update | CVE-2025-38333 f2fs: fix to bail out in get_new_segment() | 18-02-2026 | 1950 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH