Alerts & Advisories from CERTs

The latest security advisories from the world's relevant governmental and non-governmental Computer Emergency Response Teams in cybersecurity

Showing 1676-1700 of 3902 results

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2025-68366 nbd: defer config unlock in nbd_genl_connect | 18-02-2026 | 1676 |
| MSRC Security Update | CVE-2024-57900 ila: serialize calls to nf_register_net_hooks() | 18-02-2026 | 1677 |
| MSRC Security Update | CVE-2024-26648 drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() | 18-02-2026 | 1678 |
| MSRC Security Update | CVE-2024-45296 path-to-regexp outputs backtracking regular expressions | 18-02-2026 | 1679 |
| MSRC Security Update | CVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work | 18-02-2026 | 1680 |
| MSRC Security Update | CVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var | 18-02-2026 | 1681 |
| MSRC Security Update | CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock | 18-02-2026 | 1682 |
| MSRC Security Update | CVE-2024-29041 Express.js Open Redirect in malformed URLs | 18-02-2026 | 1683 |
| MSRC Security Update | CVE-2022-46175 JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__` allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype which is the commonly understood definition of Prototype Pollution. However polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys but could include denial of service cross-site scripting elevation | 18-02-2026 | 1684 |
| MSRC Security Update | CVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. | 18-02-2026 | 1685 |
| MSRC Security Update | CVE-2024-39481 media: mc: Fix graph walk in media_pipeline_start | 18-02-2026 | 1686 |
| MSRC Security Update | CVE-2025-39721 crypto: qat - flush misc workqueue during device shutdown | 18-02-2026 | 1687 |
| MSRC Security Update | CVE-2025-23142 sctp: detect and prevent references to a freed transport in sendmsg | 18-02-2026 | 1688 |
| MSRC Security Update | CVE-2024-0340 Kernel: information disclosure in vhost/vhost.c:vhost_new_msg() | 18-02-2026 | 1689 |
| MSRC Security Update | CVE-2024-35854 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash | 18-02-2026 | 1690 |
| MSRC Security Update | CVE-2025-3360 Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601(). | 18-02-2026 | 1691 |
| MSRC Security Update | CVE-2025-21865 gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). | 18-02-2026 | 1692 |
| MSRC Security Update | CVE-2024-8096 OCSP stapling bypass with GnuTLS | 18-02-2026 | 1693 |
| MSRC Security Update | CVE-2025-68732 gpu: host1x: Fix race in syncpt alloc/free | 18-02-2026 | 1694 |
| MSRC Security Update | CVE-2025-38208 smb: client: add NULL check in automount_fullpath | 18-02-2026 | 1695 |
| MSRC Security Update | CVE-2025-40914 Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow | 18-02-2026 | 1696 |
| MSRC Security Update | CVE-2022-27649 A flaw was found in Podman where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. | 18-02-2026 | 1697 |
| MSRC Security Update | CVE-2024-6603 In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | 18-02-2026 | 1698 |
| MSRC Security Update | CVE-2025-39711 media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls | 18-02-2026 | 1699 |
| MSRC Security Update | CVE-2025-7783 Usage of unsafe random function in form-data for choosing boundary | 18-02-2026 | 1700 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Federal Council CH