Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world


Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2024-22017 setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21. | 18-02-2026 | 3551 |
| MSRC Security Update | CVE-2024-45506 HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. | 18-02-2026 | 3552 |
| MSRC Security Update | CVE-2025-50102 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 18-02-2026 | 3553 |
| MSRC Security Update | CVE-2024-39472 xfs: fix log recovery buffer allocation for the legacy h_size fixup | 18-02-2026 | 3554 |
| MSRC Security Update | CVE-2023-46218 This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk` even though `co.uk` is listed as a PSL domain. | 18-02-2026 | 3555 |
| MSRC Security Update | CVE-2025-21749 net: rose: lock the socket in rose_bind() | 18-02-2026 | 3556 |
| MSRC Security Update | CVE-2025-38091 drm/amd/display: check stream id dml21 wrapper to get plane_id | 18-02-2026 | 3557 |
| MSRC Security Update | CVE-2025-39788 scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE | 18-02-2026 | 3558 |
| MSRC Security Update | CVE-2022-1292 The c_rehash script allows command injection | 18-02-2026 | 3559 |
| MSRC Security Update | CVE-2024-43892 memcg: protect concurrent access to mem_cgroup_idr | 18-02-2026 | 3560 |
| MSRC Security Update | CVE-2025-21614 go-git clients vulnerable to DoS via maliciously crafted Git server replies | 18-02-2026 | 3561 |
| MSRC Security Update | CVE-2024-1441 Libvirt: off-by-one error in udevlistinterfacesbystatus() | 18-02-2026 | 3562 |
| MSRC Security Update | CVE-2024-49913 drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream | 18-02-2026 | 3563 |
| MSRC Security Update | CVE-2025-6170 Libxml2: stack buffer overflow in xmllint interactive shell command handling | 18-02-2026 | 3564 |
| MSRC Security Update | CVE-2024-52560 fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr() | 18-02-2026 | 3565 |
| MSRC Security Update | CVE-2025-50099 Vulnerability in the MySQL Server product of Oracle MySQL | 18-02-2026 | 3566 |
| MSRC Security Update | CVE-2025-21735 NFC: nci: Add bounds checking in nci_hci_create_pipe() | 18-02-2026 | 3567 |
| MSRC Security Update | CVE-2024-36910 uio_hv_generic: Don't free decrypted memory | 18-02-2026 | 3568 |
| MSRC Security Update | CVE-2024-44974 mptcp: pm: avoid possible UaF when selecting endp | 18-02-2026 | 3569 |
| MSRC Security Update | CVE-2025-39745 rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels | 18-02-2026 | 3570 |
| MSRC Security Update | CVE-2025-32463 Sudo before 1.9.17p1 allows local users to obtain root access | 18-02-2026 | 3571 |
| MSRC Security Update | CVE-2022-47085 An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs. | 18-02-2026 | 3572 |
| MSRC Security Update | CVE-2023-52696 powerpc/powernv: Add a null pointer check in opal_powercap_init() | 18-02-2026 | 3573 |
| MSRC Security Update | CVE-2025-21613 go-git has an Argument Injection via the URL field | 18-02-2026 | 3574 |
| MSRC Security Update | CVE-2025-50077 Vulnerability in the MySQL Server product of Oracle MySQL | 18-02-2026 | 3575 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH