Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Showing 351-375 of 4364 results

Security Advisories

| CERT | Alert | Date | # |
| --- | --- | --- | --- |
| MSRC Security Update | CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing | 03-03-2026 | 351 |
| MSRC Security Update | CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing | 03-03-2026 | 352 |
| MSRC Security Update | CVE-2026-28420 Vim has Heap-based Buffer Overflow and OOB Read in :terminal | 03-03-2026 | 353 |
| MSRC Security Update | CVE-2026-28421 Vim has a heap-buffer-overflow and a segmentation fault | 03-03-2026 | 354 |
| MSRC Security Update | CVE-2026-28417 Vim has OS Command Injection in netrw | 03-03-2026 | 355 |
| MSRC Security Update | CVE-2025-71162 dmaengine: tegra-adma: Fix use-after-free | 03-03-2026 | 356 |
| MSRC Security Update | CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set | 03-03-2026 | 357 |
| MSRC Security Update | CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency | 03-03-2026 | 358 |
| MSRC Security Update | CVE-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a\|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. | 03-03-2026 | 359 |
| MSRC Security Update | CVE-2025-11563 wcurl path traversal with percent-encoded slashes | 03-03-2026 | 360 |
| MSRC Security Update | CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern | 03-03-2026 | 361 |
| MSRC Security Update | CVE-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. | 03-03-2026 | 362 |
| MSRC Security Update | CVE-2026-21620 TFTP Path Traversal | 03-03-2026 | 363 |
| MSRC Security Update | CVE-2026-27199 Werkzeug safe_join() allows Windows special device names | 03-03-2026 | 364 |
| MSRC Security Update | CVE-2026-23224 erofs: fix UAF issue for file-backed mounts w/ directio option | 03-03-2026 | 365 |
| MSRC Security Update | CVE-2025-71237 nilfs2: Fix potential block overflow that cause system hang | 03-03-2026 | 366 |
| MSRC Security Update | CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths | 03-03-2026 | 367 |
| MSRC Security Update | CVE-2026-23228 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() | 03-03-2026 | 368 |
| MSRC Security Update | CVE-2025-71230 hfs: ensure sb->s_fs_info is always cleaned up | 03-03-2026 | 369 |
| MSRC Security Update | CVE-2026-23222 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly | 03-03-2026 | 370 |
| MSRC Security Update | CVE-2026-1979 mruby JMPNOT-to-JMPIF Optimization vm.c mrb_vm_exec use after free | 03-03-2026 | 371 |
| MSRC Security Update | CVE-2026-23217 riscv: trace: fix snapshot deadlock with sbi ecall | 03-03-2026 | 372 |
| MSRC Security Update | CVE-2025-15079 libssh global known_hosts override | 03-03-2026 | 373 |
| MSRC Security Update | CVE-2025-15224 libssh key passphrase bypass without agent set | 03-03-2026 | 374 |
| MSRC Security Update | CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package | 03-03-2026 | 375 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Federal Council CH