Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 3001-3025 di 4005 risultati
Pagina 121 di 161

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2023-31486 HTTP::Tiny before 0.083 a Perl core module since 5.13.9 and available standalone on CPAN has an insecure default TLS configuration where users must opt in to verify certificates.18-02-20263001
MSRC Security UpdateCVE-2025-38352 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()18-02-20263002
MSRC Security UpdateCVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.18-02-20263003
MSRC Security UpdateCVE-2025-37930 drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()18-02-20263004
MSRC Security UpdateCVE-2025-68349 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid18-02-20263005
MSRC Security UpdateCVE-2025-38735 gve: prevent ethtool ops after shutdown18-02-20263006
MSRC Security UpdateCVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http18-02-20263007
MSRC Security UpdateCVE-2025-21490 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).18-02-20263008
MSRC Security UpdateCVE-2024-35870 smb: client: fix UAF in smb2_reconnect_server()18-02-20263009
MSRC Security UpdateCVE-2025-38204 jfs: fix array-index-out-of-bounds read in add_missing_indices18-02-20263010
MSRC Security UpdateCVE-2025-49794 Libxml: heap use after free (uaf) leads to denial of service (dos)18-02-20263011
MSRC Security UpdateCVE-2022-48893 drm/i915/gt: Cleanup partial engine discovery failures18-02-20263012
MSRC Security UpdateCVE-2019-16276 Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.18-02-20263013
MSRC Security UpdateCVE-2024-57887 drm: adv7511: Fix use-after-free in adv7533_attach_dsi()18-02-20263014
MSRC Security UpdateCVE-2022-35409 An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.18-02-20263015
MSRC Security UpdateCVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.18-02-20263016
MSRC Security UpdateCVE-2025-38351 KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush18-02-20263017
MSRC Security UpdateCVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.18-02-20263018
MSRC Security UpdateCVE-2025-37819 irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()18-02-20263019
MSRC Security UpdateCVE-2025-32050 Libsoup: integer overflow in append_param_quoted18-02-20263020
MSRC Security UpdateCVE-2024-42277 iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en18-02-20263021
MSRC Security UpdateCVE-2025-68371 scsi: smartpqi: Fix device resources accessed after device removal18-02-20263022
MSRC Security UpdateCVE-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes18-02-20263023
MSRC Security UpdateCVE-2023-49295 quic-go's path validation mechanism can cause denial of service18-02-20263024
MSRC Security UpdateCVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation18-02-20263025
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter