Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 2926-2950 di 4005 risultati
Pagina 118 di 161

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2024-4323 Fluent Bit Memory Corruption Vulnerability18-02-20262926
MSRC Security UpdateCVE-2022-27651 A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity.18-02-20262927
MSRC Security UpdateCVE-2021-4160 BN_mod_exp may produce incorrect results on MIPS18-02-20262928
MSRC Security UpdateCVE-2022-48303 GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump18-02-20262929
MSRC Security UpdateCVE-2025-37967 usb: typec: ucsi: displayport: Fix deadlock18-02-20262930
MSRC Security UpdateCVE-2024-57900 ila: serialize calls to nf_register_net_hooks()18-02-20262931
MSRC Security UpdateCVE-2025-68366 nbd: defer config unlock in nbd_genl_connect18-02-20262932
MSRC Security UpdateCVE-2024-26648 drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()18-02-20262933
MSRC Security UpdateCVE-2024-45296 path-to-regexp outputs backtracking regular expressions18-02-20262934
MSRC Security UpdateCVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work18-02-20262935
MSRC Security UpdateCVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var18-02-20262936
MSRC Security UpdateCVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock18-02-20262937
MSRC Security UpdateCVE-2022-46175 JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__` allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype which is the commonly understood definition of Prototype Pollution. However polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys but could include denial of service cross-site scripting elevation18-02-20262938
MSRC Security UpdateCVE-2024-29041 Express.js Open Redirect in malformed URLs18-02-20262939
MSRC Security UpdateCVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service.18-02-20262940
MSRC Security UpdateCVE-2024-39481 media: mc: Fix graph walk in media_pipeline_start18-02-20262941
MSRC Security UpdateCVE-2025-39721 crypto: qat - flush misc workqueue during device shutdown18-02-20262942
MSRC Security UpdateCVE-2025-23142 sctp: detect and prevent references to a freed transport in sendmsg18-02-20262943
MSRC Security UpdateCVE-2024-0340 Kernel: information disclosure in vhost/vhost.c:vhost_new_msg()18-02-20262944
MSRC Security UpdateCVE-2024-35854 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash18-02-20262945
MSRC Security UpdateCVE-2025-3360 Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().18-02-20262946
MSRC Security UpdateCVE-2025-21865 gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().18-02-20262947
MSRC Security UpdateCVE-2024-8096 OCSP stapling bypass with GnuTLS18-02-20262948
MSRC Security UpdateCVE-2025-68732 gpu: host1x: Fix race in syncpt alloc/free18-02-20262949
MSRC Security UpdateCVE-2025-38208 smb: client: add NULL check in automount_fullpath18-02-20262950
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter