Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1076-1100 di 4259 risultati
Pagina 44 di 171

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2022-1941 Out of Memory issue in ProtocolBuffers for cpp and python18-02-20261076
MSRC Security UpdateCVE-2023-32731 Information leak in gRPC18-02-20261077
MSRC Security UpdateCVE-2023-4785 Denial of Service in gRPC Core 18-02-20261078
MSRC Security UpdateCVE-2023-33953 Denial-of-Service in gRPC18-02-20261079
MSRC Security UpdateCVE-2023-32732 Denial-of-Service in gRPC18-02-20261080
MSRC Security UpdateCVE-2023-6915 Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c18-02-20261081
MSRC Security UpdateCVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family)18-02-20261082
MSRC Security UpdateCVE-2023-46219 When saving HSTS data to an excessively long file name curl could end up removing all contents making subsequent requests using that file unaware of the HSTS status they should otherwise use. 18-02-20261083
MSRC Security UpdateCVE-2020-18032 Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.18-02-20261084
MSRC Security UpdateCVE-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec18-02-20261085
MSRC Security UpdateCVE-2020-21528 A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.18-02-20261086
MSRC Security UpdateCVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows18-02-20261087
MSRC Security UpdateCVE-2023-29403 Unsafe behavior in setuid/setgid binaries in runtime18-02-20261088
MSRC Security UpdateCVE-2018-1129 A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable.18-02-20261089
MSRC Security UpdateCVE-2021-38191 An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread.18-02-20261090
MSRC Security UpdateCVE-2023-3600 During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.18-02-20261091
MSRC Security UpdateCVE-2020-15586 Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers as demonstrated by the httputil.ReverseProxy Handler because it reads a request body and writes a response at the same time.18-02-20261092
MSRC Security UpdateCVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go18-02-20261093
MSRC Security UpdateCVE-2024-20963 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).18-02-20261094
MSRC Security UpdateCVE-2024-20965 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).18-02-20261095
MSRC Security UpdateCVE-2024-20969 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).18-02-20261096
MSRC Security UpdateCVE-2019-11358 jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype.18-02-20261097
MSRC Security UpdateCVE-2024-20985 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).18-02-20261098
MSRC Security UpdateCVE-2023-49292 Possible private key restoration in go package github.com/ecies/go18-02-20261099
MSRC Security UpdateCVE-2024-33601 nscd: netgroup cache may terminate daemon on memory allocation failure18-02-20261100
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter