Alerts & Advisories from CERTs

The latest security advisories from the relevant governmental and non-governmental Computer Emergency Response Teams in the cybersecurity world


Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2023-7104 SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow | 18-02-2026 | 1951 |
| MSRC Security Update | CVE-2025-38160 clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() | 18-02-2026 | 1952 |
| MSRC Security Update | CVE-2024-26836 platform/x86: think-lmi: Fix password opcode ordering for workstations | 18-02-2026 | 1953 |
| MSRC Security Update | CVE-2024-34155 Stack exhaustion in all Parse functions in go/parser | 18-02-2026 | 1954 |
| MSRC Security Update | CVE-2024-4770 When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | 18-02-2026 | 1955 |
| MSRC Security Update | CVE-2022-4450 Double free after calling PEM_read_bio_ex | 18-02-2026 | 1956 |
| MSRC Security Update | CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow | 18-02-2026 | 1957 |
| MSRC Security Update | CVE-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols() | 18-02-2026 | 1958 |
| MSRC Security Update | CVE-2025-37874 net: ngbe: fix memory leak in ngbe_probe() error path | 18-02-2026 | 1959 |
| MSRC Security Update | CVE-2022-49636 vlan: fix memory leak in vlan_newlink() | 18-02-2026 | 1960 |
| MSRC Security Update | CVE-2022-28737 There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables | 18-02-2026 | 1961 |
| MSRC Security Update | CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit | 18-02-2026 | 1962 |
| MSRC Security Update | CVE-2023-51764 Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address allowing bypass of an SPF protection mechanism. This occurs because Postfix supports . but some other popular e-mail servers do not. To prevent attack variants (by always disallowing without ) a different solution is required such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4 or 3.9. | 18-02-2026 | 1963 |
| MSRC Security Update | CVE-2024-49992 drm/stm: Avoid use-after-free issues with crtc and plane | 18-02-2026 | 1964 |
| MSRC Security Update | CVE-2025-38068 crypto: lzo - Fix compression buffer overrun | 18-02-2026 | 1965 |
| MSRC Security Update | CVE-2024-25176 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c. | 18-02-2026 | 1966 |
| MSRC Security Update | CVE-2025-21867 bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() | 18-02-2026 | 1967 |
| MSRC Security Update | CVE-2025-38158 hisi_acc_vfio_pci: fix XQE dma address error | 18-02-2026 | 1968 |
| MSRC Security Update | CVE-2024-47671 USB: usbtmc: prevent kernel-usb-infoleak | 18-02-2026 | 1969 |
| MSRC Security Update | CVE-2023-50966 erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header. | 18-02-2026 | 1970 |
| MSRC Security Update | CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. | 18-02-2026 | 1971 |
| MSRC Security Update | CVE-2025-22058 udp: Fix memory accounting leak. | 18-02-2026 | 1972 |
| MSRC Security Update | CVE-2024-4068 Memory Exhaustion in braces | 18-02-2026 | 1973 |
| MSRC Security Update | CVE-2025-27363 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. | 18-02-2026 | 1974 |
| MSRC Security Update | CVE-2022-50230 arm64: set UXN on swapper page tables | 18-02-2026 | 1975 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Federal Council CH