Ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 2876-2900 di 5367 risultati

Pagina 116 di 215

Avvisi di Sicurezza

CERT	Alert	Data	#
MSRC Security Update	CVE-2026-46483 Vim: Command injection in tar#Vimuntar via missing shellescape {special} flag	20-05-2026	2876
MSRC Security Update	CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command	20-05-2026	2877
MSRC Security Update	CVE-2026-43491 net: qrtr: ns: Limit the maximum server registration per node	20-05-2026	2878
MSRC Security Update	CVE-2026-43493 crypto: pcrypt - Fix handling of MAY_BACKLOG requests	20-05-2026	2879
MSRC Security Update	CVE-2026-43492 lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()	20-05-2026	2880
Center of Internet Security	Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution	20-05-2026	2881
MSRC Security Update	CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability	19-05-2026	2882
MSRC Security Update	CVE-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address	19-05-2026	2883
MSRC Security Update	CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"	19-05-2026	2884
MSRC Security Update	CVE-2026-43443 ASoC: amd: acp-mach-common: Add missing error check for clock acquisition	19-05-2026	2885
MSRC Security Update	CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding	19-05-2026	2886
MSRC Security Update	CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue	19-05-2026	2887
MSRC Security Update	CVE-2026-31717 ksmbd: validate owner of durable handle on reconnect	19-05-2026	2888
MSRC Security Update	CVE-2026-41673 xmldom: Denial of service via uncontrolled recursion in XML serialization	19-05-2026	2889
MSRC Security Update	CVE-2026-41675 xmldom: XML node injection through unvalidated processing instruction serialization	19-05-2026	2890
MSRC Security Update	CVE-2026-41674 xmldom: XML injection through unvalidated DocumentType serialization	19-05-2026	2891
MSRC Security Update	CVE-2026-41672 xmldom: XML node injection through unvalidated comment serialization	19-05-2026	2892
MSRC Security Update	CVE-2026-43869 Apache Thrift: TSSLTransportFactory.java hostname verification	19-05-2026	2893
MSRC Security Update	CVE-2026-43870 Apache Thrift: Node.js web_server.js multi-vulnerability	19-05-2026	2894
MSRC Security Update	CVE-2026-43868 Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern	19-05-2026	2895
MSRC Security Update	CVE-2026-41082 In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.	19-05-2026	2896
MSRC Security Update	CVE-2026-25833 Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function	19-05-2026	2897
MSRC Security Update	CVE-2026-25834 Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.	19-05-2026	2898
MSRC Security Update	CVE-2026-34872 An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle).	19-05-2026	2899
MSRC Security Update	CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection	19-05-2026	2900