Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1101-1125 di 4259 risultati
Pagina 45 di 171

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2024-20967 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).18-02-20261101
MSRC Security UpdateCVE-2024-20981 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).18-02-20261102
MSRC Security UpdateCVE-2024-33600 nscd: Null pointer crashes after notfound response18-02-20261103
MSRC Security UpdateCVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()18-02-20261104
MSRC Security UpdateCVE-2024-20973 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).18-02-20261105
MSRC Security UpdateCVE-2023-37203 Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.18-02-20261106
MSRC Security UpdateCVE-2023-4806 Glibc: potential use-after-free in getaddrinfo()18-02-20261107
MSRC Security UpdateCVE-2024-20961 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).18-02-20261108
MSRC Security UpdateCVE-2024-30251 Denial of service when trying to parse malformed POST requests in aiohttp18-02-20261109
MSRC Security UpdateCVE-2019-16168 In SQLite through 3.29.0 whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field aka a "severe division by zero in the query planner."18-02-20261110
MSRC Security UpdateCVE-2023-6246 Glibc: heap-based buffer overflow in __vsyslog_internal()18-02-20261111
MSRC Security UpdateCVE-2025-21996 drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()18-02-20261112
MSRC Security UpdateCVE-2024-20971 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).18-02-20261113
MSRC Security UpdateCVE-2023-5156 Glibc: dos due to memory leak in getaddrinfo.c18-02-20261114
MSRC Security UpdateCVE-2024-34062 tqdm CLI arguments injection attack18-02-20261115
MSRC Security UpdateCVE-2024-20977 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).18-02-20261116
MSRC Security UpdateCVE-2025-21969 Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd18-02-20261117
MSRC Security UpdateCVE-2023-4911 Glibc: buffer overflow in ld.so leading to privilege escalation18-02-20261118
MSRC Security UpdateCVE-2018-19416 An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf.18-02-20261119
MSRC Security UpdateCVE-2022-48619 An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap.18-02-20261120
MSRC Security UpdateCVE-2025-31344 The giflib open-source component has a buffer overflow vulnerability18-02-20261121
MSRC Security UpdateCVE-2023-4527 Glibc: stack read overflow in getaddrinfo in no-aaaa mode18-02-20261122
MSRC Security UpdateCVE-2022-42915 curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL it sets up the connection to the remote server by issuing a CONNECT request to the proxy and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict gopher gophers ldap ldaps rtmp rtmps or telnet. The earliest affected version is 7.77.0.18-02-20261123
MSRC Security UpdateCVE-2022-2585 It was discovered that when exec'ing from a non-leader thread armed POSIX CPU timers would be left on a list but freed leading to a use-after-free.18-02-20261124
MSRC Security UpdateCVE-2010-4756 The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.18-02-20261125
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter