Ransomfeed ransomfeed

Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 1751-1775 di 3902 risultati
Pagina 71 di 157

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2025-38735 gve: prevent ethtool ops after shutdown18-02-20261751
MSRC Security UpdateCVE-2025-21490 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).18-02-20261752
MSRC Security UpdateCVE-2024-35870 smb: client: fix UAF in smb2_reconnect_server()18-02-20261753
MSRC Security UpdateCVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http18-02-20261754
MSRC Security UpdateCVE-2025-38204 jfs: fix array-index-out-of-bounds read in add_missing_indices18-02-20261755
MSRC Security UpdateCVE-2025-49794 Libxml: heap use after free (uaf) leads to denial of service (dos)18-02-20261756
MSRC Security UpdateCVE-2022-48893 drm/i915/gt: Cleanup partial engine discovery failures18-02-20261757
MSRC Security UpdateCVE-2019-16276 Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.18-02-20261758
MSRC Security UpdateCVE-2024-57887 drm: adv7511: Fix use-after-free in adv7533_attach_dsi()18-02-20261759
MSRC Security UpdateCVE-2022-35409 An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.18-02-20261760
MSRC Security UpdateCVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.18-02-20261761
MSRC Security UpdateCVE-2025-38351 KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush18-02-20261762
MSRC Security UpdateCVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.18-02-20261763
MSRC Security UpdateCVE-2025-37819 irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()18-02-20261764
MSRC Security UpdateCVE-2025-32050 Libsoup: integer overflow in append_param_quoted18-02-20261765
MSRC Security UpdateCVE-2024-42277 iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en18-02-20261766
MSRC Security UpdateCVE-2025-68371 scsi: smartpqi: Fix device resources accessed after device removal18-02-20261767
MSRC Security UpdateCVE-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes18-02-20261768
MSRC Security UpdateCVE-2023-49295 quic-go's path validation mechanism can cause denial of service18-02-20261769
MSRC Security UpdateCVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation18-02-20261770
MSRC Security UpdateCVE-2025-40913 Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow18-02-20261771
MSRC Security UpdateCVE-2025-49796 Libxml: type confusion leads to denial of service (dos)18-02-20261772
MSRC Security UpdateCVE-2019-16910 Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)18-02-20261773
MSRC Security UpdateCVE-2024-50038 netfilter: xtables: avoid NFPROTO_UNSPEC where needed18-02-20261774
MSRC Security UpdateCVE-2025-37963 arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users18-02-20261775
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
NCSC
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
SANS
Twitter
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter