Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Showing 1151-1175 of 4259 results

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2019-18222 The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. | 18-02-2026 | 1151 |
| MSRC Security Update | CVE-2025-38307 ASoC: Intel: avs: Verify content returned by parse_int_array() | 18-02-2026 | 1152 |
| MSRC Security Update | CVE-2023-42365 A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. | 18-02-2026 | 1153 |
| MSRC Security Update | CVE-2022-4968 netplan leaks the private key of wireguard to local users. | 18-02-2026 | 1154 |
| MSRC Security Update | CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. | 18-02-2026 | 1155 |
| MSRC Security Update | CVE-2025-38274 fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() | 18-02-2026 | 1156 |
| MSRC Security Update | CVE-2022-33967 squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution. | 18-02-2026 | 1157 |
| MSRC Security Update | CVE-2023-42364 A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. | 18-02-2026 | 1158 |
| MSRC Security Update | CVE-2022-45410 When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. | 18-02-2026 | 1159 |
| MSRC Security Update | CVE-2025-38300 crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() | 18-02-2026 | 1160 |
| MSRC Security Update | CVE-2025-27810 Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays. | 18-02-2026 | 1161 |
| MSRC Security Update | CVE-2025-21672 afs: Fix merge preference rule failure condition | 18-02-2026 | 1162 |
| MSRC Security Update | CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash). | 18-02-2026 | 1163 |
| MSRC Security Update | CVE-2022-27536 Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic. | 18-02-2026 | 1164 |
| MSRC Security Update | CVE-2024-50613 libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close. | 18-02-2026 | 1165 |
| MSRC Security Update | CVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution | 18-02-2026 | 1166 |
| MSRC Security Update | CVE-2023-42366 A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. | 18-02-2026 | 1167 |
| MSRC Security Update | CVE-2023-45288 HTTP/2 CONTINUATION flood in net/http | 18-02-2026 | 1168 |
| MSRC Security Update | CVE-2019-14197 An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | 18-02-2026 | 1169 |
| MSRC Security Update | CVE-2025-38261 riscv: save the SR_SUM status over switches | 18-02-2026 | 1170 |
| MSRC Security Update | CVE-2025-21666 vsock: prevent null-ptr-deref in vsock_*[has_data\|has_space] | 18-02-2026 | 1171 |
| MSRC Security Update | CVE-2024-50614 TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. | 18-02-2026 | 1172 |
| MSRC Security Update | CVE-2024-3447 Qemu: sdhci: heap buffer overflow in sdhci_write_dataport() | 18-02-2026 | 1173 |
| MSRC Security Update | CVE-2023-24540 Improper handling of JavaScript whitespace in html/template | 18-02-2026 | 1174 |
| MSRC Security Update | CVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user() | 18-02-2026 | 1175 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center for Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Federal Council CH