Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 651-675 di 4351 risultati
Pagina 27 di 175

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.21-02-2026651
MSRC Security UpdateCVE-2025-68823 ublk: fix deadlock when reading partition table21-02-2026652
MSRC Security UpdateCVE-2022-32206 curl < 7.84.0 supports "chained" HTTP compression algorithms meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb" makingcurl end up spending enormous amounts of allocated heap memory or trying toand returning out of memory errors.21-02-2026653
MSRC Security UpdateCVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily.21-02-2026654
MSRC Security UpdateCVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation21-02-2026655
MSRC Security UpdateCVE-2026-21860 Werkzeug safe_join() allows Windows special device names with compound extensions21-02-2026656
MSRC Security UpdateCVE-2025-40289 drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM21-02-2026657
MSRC Security UpdateCVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.21-02-2026658
MSRC Security UpdateCVE-2025-21839 KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop21-02-2026659
MSRC Security UpdateCVE-2025-15444 Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium21-02-2026660
MSRC Security UpdateCVE-2025-48637 In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.21-02-2026661
MSRC Security UpdateCVE-2023-46847 Squid: denial of service in http digest authentication21-02-2026662
MSRC Security UpdateCVE-2025-2953 PyTorch torch.mkldnn_max_pool2d denial of service21-02-2026663
MSRC Security UpdateCVE-2023-5824 Squid: dos against http and https21-02-2026664
MSRC Security UpdateCVE-2025-14819 OpenSSL partial chain store policy bypass21-02-2026665
MSRC Security UpdateCVE-2025-12084 Quadratic complexity in node ID cache clearing21-02-2026666
MSRC Security UpdateCVE-2025-15079 libssh global known_hosts override21-02-2026667
MSRC Security UpdateCVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x50921-02-2026668
MSRC Security UpdateCVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).21-02-2026669
MSRC Security UpdateCVE-2024-58089 btrfs: fix double accounting race when btrfs_run_delalloc_range() failed21-02-2026670
MSRC Security UpdateCVE-2025-14524 bearer token leak on cross-protocol redirect21-02-2026671
MSRC Security UpdateCVE-2021-24119 In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.21-02-2026672
MSRC Security UpdateCVE-2025-15224 libssh key passphrase bypass without agent set21-02-2026673
MSRC Security UpdateCVE-2025-14017 broken TLS options for threaded LDAPS21-02-2026674
MSRC Security UpdateCVE-2023-52969 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.21-02-2026675
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter