Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2023-27533 A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input thereby enabling attackers to execute arbitrary code on the system. | 18-02-2026 | 5051 |
| MSRC Security Update | CVE-2025-21780 drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() | 18-02-2026 | 5052 |
| MSRC Security Update | CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic | 18-02-2026 | 5053 |
| MSRC Security Update | CVE-2025-21751 net/mlx5: HWS, change error flow on matcher disconnect | 18-02-2026 | 5054 |
| MSRC Security Update | CVE-2025-9566 Podman: podman kube play command may overwrite host files | 18-02-2026 | 5055 |
| MSRC Security Update | CVE-2024-56746 fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() | 18-02-2026 | 5056 |
| MSRC Security Update | CVE-2024-6119 Possible denial of service in X.509 name checks | 18-02-2026 | 5057 |
| MSRC Security Update | CVE-2024-50058 serial: protect uart_port_dtr_rts() in uart_shutdown() too | 18-02-2026 | 5058 |
| MSRC Security Update | CVE-2020-28362 Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. | 18-02-2026 | 5059 |
| MSRC Security Update | CVE-2024-58002 media: uvcvideo: Remove dangling pointers | 18-02-2026 | 5060 |
| MSRC Security Update | CVE-2024-24791 Denial of service due to improper 100-continue handling in net/http | 18-02-2026 | 5061 |
| MSRC Security Update | CVE-2025-1735 pgsql extension does not check for errors during escaping | 18-02-2026 | 5062 |
| MSRC Security Update | CVE-2025-57052 cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters. | 18-02-2026 | 5063 |
| MSRC Security Update | CVE-2025-21761 openvswitch: use RCU protection in ovs_vport_cmd_fill_info() | 18-02-2026 | 5064 |
| MSRC Security Update | CVE-2024-2313 If kernel headers need to be extracted bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. | 18-02-2026 | 5065 |
| MSRC Security Update | CVE-2023-27534 A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. | 18-02-2026 | 5066 |
| MSRC Security Update | CVE-2025-5455 Possible denial of service when passing malformed data in a URL to qDecodeDataUrl | 18-02-2026 | 5067 |
| MSRC Security Update | CVE-2025-21794 HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() | 18-02-2026 | 5068 |
| MSRC Security Update | CVE-2025-6491 NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix | 18-02-2026 | 5069 |
| MSRC Security Update | CVE-2024-53150 ALSA: usb-audio: Fix out of bounds reads when finding clock sources | 18-02-2026 | 5070 |
| MSRC Security Update | CVE-2024-50059 ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition | 18-02-2026 | 5071 |
| MSRC Security Update | CVE-2023-52435 net: prevent mss overflow in skb_segment() | 18-02-2026 | 5072 |
| MSRC Security Update | CVE-2025-21722 nilfs2: do not force clear folio if buffer is referenced | 18-02-2026 | 5073 |
| MSRC Security Update | CVE-2019-10638 In the Linux kernel before 5.1.7 a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g. UDP and ICMP). When such traffic is sent to multiple destination IP addresses it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. | 18-02-2026 | 5074 |
| MSRC Security Update | CVE-2024-44946 kcm: Serialise kcm_sendmsg() for the same socket. | 18-02-2026 | 5075 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH