Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 2901-2925 di 5367 risultati
Pagina 117 di 215

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2026-34871 An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).19-05-20262901
MSRC Security UpdateCVE-2026-34873 An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.19-05-20262902
MSRC Security UpdateCVE-2025-66442 In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.19-05-20262903
MSRC Security UpdateCVE-2026-42011 Gnutls: gnutls: security bypass due to incorrect name constraint handling19-05-20262904
MSRC Security UpdateCVE-2026-25835 Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG).19-05-20262905
MSRC Security UpdateCVE-2026-34876 An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtls_ccm_finish() in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by missing validation of the tag_len parameter against the size of the internal 16-byte authentication buffer. The issue affects the public multipart CCM API in Mbed TLS 3.x, where mbedtls_ccm_finish() can be invoked directly by applications. In Mbed TLS 4.x versions prior to the fix, the same missing validation exists in the internal implementation; however, the function is not exposed as part of the public API. Exploitation requires application-level invocation of the multipart CCM API.19-05-20262906
MSRC Security UpdateCVE-2026-4892 CVE-2026-489219-05-20262907
MSRC Security UpdateCVE-2026-34874 An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0.19-05-20262908
MSRC Security UpdateCVE-2026-8295 Integer overflow in simdjson19-05-20262909
MSRC Security UpdateCVE-2026-5773 wrong reuse of SMB connection19-05-20262910
MSRC Security UpdateCVE-2026-7168 cross-proxy Digest auth state leak19-05-20262911
MSRC Security UpdateCVE-2026-6253 proxy credentials leak over redirect-to proxy19-05-20262912
MSRC Security UpdateCVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison19-05-20262913
MSRC Security UpdateCVE-2026-6429 netrc credential leak with reused proxy connection19-05-20262914
MSRC Security UpdateCVE-2026-43267 wifi: rtw89: fix potential zero beacon interval in beacon tracking19-05-20262915
MSRC Security UpdateCVE-2026-43228 hfs: Replace BUG_ON with error handling for CNID count checks19-05-20262916
MSRC Security UpdateCVE-2026-4873 connection reuse ignores TLS requirement19-05-20262917
MSRC Security UpdateCVE-2026-43213 wifi: rtw89: pci: validate sequence number of TX release report19-05-20262918
MSRC Security UpdateCVE-2025-71272 most: core: fix resource leak in most_register_interface error paths19-05-20262919
MSRC Security UpdateCVE-2026-43219 net: cpsw_new: Fix potential unregister of netdev that has not been registered yet19-05-20262920
MSRC Security UpdateCVE-2026-6276 stale custom cookie host causes cookie leak19-05-20262921
MSRC Security UpdateCVE-2026-43185 ksmbd: fix signededness bug in smb_direct_prepare_negotiation()19-05-20262922
MSRC Security UpdateCVE-2026-43115 srcu: Use irq_work to start GP in tiny SRCU19-05-20262923
MSRC Security UpdateCVE-2026-43126 ALSA: mixer: oss: Add card disconnect checkpoints19-05-20262924
MSRC Security UpdateCVE-2026-43204 ASoC: qcom: q6asm: drop DSP responses for closed data streams19-05-20262925
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter