Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 6001-6025 di 6124 risultati
Pagina 241 di 245

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2026-33940 Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial15-04-20266001
MSRC Security UpdateCVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x50915-04-20266002
MSRC Security UpdateCVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation15-04-20266003
MSRC Security UpdateCVE-2026-33941 Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options15-04-20266004
MSRC Security UpdateCVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block15-04-20266005
MSRC Security UpdateCVE-2026-33891 Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input15-04-20266006
MSRC Security UpdateCVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)15-04-20266007
MSRC Security UpdateCVE-2026-33895 Forge has signature forgery in Ed25519 due to missing S > L check15-04-20266008
MSRC Security UpdateCVE-2026-33671 Picomatch has a ReDoS vulnerability via extglob quantifiers15-04-20266009
MSRC Security UpdateCVE-2025-1220 Null byte termination in hostnames15-04-20266010
MSRC Security UpdateCVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation15-04-20266011
MSRC Security UpdateCVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch6415-04-20266012
MSRC Security UpdateCVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`15-04-20266013
MSRC Security UpdateCVE-2025-30258 In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."15-04-20266014
MSRC Security UpdateCVE-2025-62718 Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF15-04-20266015
MSRC Security UpdateCVE-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain15-04-20266016
MSRC Security UpdateCVE-2026-34480 Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters15-04-20266017
MSRC Security UpdateCVE-2026-34479 Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters15-04-20266018
MSRC Security UpdateCVE-2026-34481 Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout15-04-20266019
MSRC Security UpdateCVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount15-04-20266020
MSRC Security UpdateCVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF15-04-20266021
MSRC Security UpdateCVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse15-04-20266022
MSRC Security UpdateCVE-2026-5392 wolfSSL heap OOB read in PKCS7 SignedData streaming15-04-20266023
MSRC Security UpdateCVE-2026-5263 URI nameConstraints not enforced in ConfirmNameConstraints()15-04-20266024
MSRC Security UpdateCVE-2026-5460 Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.315-04-20266025
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter