Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1401-1425 di 5364 risultati
Pagina 57 di 215

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption18-06-20261401
MSRC Security UpdateCVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption18-06-20261402
MSRC Security UpdateCVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion18-06-20261403
MSRC Security UpdateCVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages18-06-20261404
MSRC Security UpdateCVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function18-06-20261405
MSRC Security UpdateCVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html18-06-20261406
MSRC Security UpdateCVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html18-06-20261407
MSRC Security UpdateCVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc18-06-20261408
MSRC Security UpdateCVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability17-06-20261409
MSRC Security UpdateCVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability17-06-20261410
MSRC Security UpdateCVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability17-06-20261411
MSRC Security UpdateCVE-2026-35433 .NET Elevation of Privilege Vulnerability17-06-20261412
Center of Internet SecurityMultiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution16-06-20261413
Center of Internet SecurityA Vulnerability in SimpleHelp Could Allow for Authentication Bypass16-06-20261414
MSRC Security UpdateCVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability16-06-20261415
MSRC Security UpdateCVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability16-06-20261416
MSRC Security UpdateCVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability16-06-20261417
MSRC Security UpdateCVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability16-06-20261418
Unit42Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE16-06-20261419
MSRC Security UpdateCVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages16-06-20261420
MSRC Security UpdateCVE-2026-54411 Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext.16-06-20261421
MSRC Security UpdateChromium: CVE-2026-11700 Use after free in Tracing16-06-20261422
MSRC Security UpdateChromium: CVE-2026-11699 Use after free in Bluetooth16-06-20261423
MSRC Security UpdateChromium: CVE-2026-11698 Use after free in Bluetooth16-06-20261424
MSRC Security UpdateChromium: CVE-2026-11697 Insufficient validation of untrusted input in UI16-06-20261425
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter