Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams that matter in the cybersecurity world

Showing 1-25 of 4563 results

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2026-7774 tarfile.data_filter path traversal bypass allows writing outside the extraction directory | 09-06-2026 | 1 |
| MSRC Security Update | CVE-2026-8643 pip can extract console_scripts and gui_scripts outside installation directory | 09-06-2026 | 2 |
| MSRC Security Update | CVE-2026-43958 Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service | 09-06-2026 | 3 |
| MSRC Security Update | CVE-2026-10722 cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow | 09-06-2026 | 4 |
| MSRC Security Update | CVE-2026-37460 Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message. | 09-06-2026 | 5 |
| MSRC Security Update | CVE-2026-50219 libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur, | 09-06-2026 | 6 |
| MSRC Security Update | CVE-2026-27145 Inefficient candidate hostname parsing in crypto/x509 | 09-06-2026 | 7 |
| MSRC Security Update | CVE-2026-50292 In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution | 09-06-2026 | 8 |
| MSRC Security Update | CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto | 09-06-2026 | 9 |
| MSRC Security Update | CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime | 09-06-2026 | 10 |
| MSRC Security Update | CVE-2026-46272 coresight: tmc-etr: Fix race condition between sysfs and perf mode | 09-06-2026 | 11 |
| MSRC Security Update | CVE-2026-46250 MIPS: Work around LLVM bug when gp is used as global register variable | 09-06-2026 | 12 |
| MSRC Security Update | CVE-2026-50031 ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages. | 09-06-2026 | 13 |
| MSRC Security Update | CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward | 09-06-2026 | 14 |
| MSRC Security Update | CVE-2026-42250 Off-by-One Leading to Out-of-Bounds Write in bzip2 | 09-06-2026 | 15 |
| MSRC Security Update | CVE-2025-15649 IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date | 09-06-2026 | 16 |
| MSRC Security Update | CVE-2026-48962 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob | 09-06-2026 | 17 |
| MSRC Security Update | CVE-2026-42790 nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification | 09-06-2026 | 18 |
| MSRC Security Update | CVE-2026-42789 Non-CA certificate accepted as intermediate issuer in public_key path validation | 09-06-2026 | 19 |
| MSRC Security Update | CVE-2026-40510 OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c | 09-06-2026 | 20 |
| MSRC Security Update | CVE-2026-40528 OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c | 09-06-2026 | 21 |
| MSRC Security Update | CVE-2026-42496 Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory | 09-06-2026 | 22 |
| MSRC Security Update | CVE-2026-42502 Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html | 09-06-2026 | 23 |
| MSRC Security Update | CVE-2026-39833 Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent | 09-06-2026 | 24 |
| MSRC Security Update | CVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent | 09-06-2026 | 25 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Federal Council CH