Alerts & Advisories from CERTs

The latest security advisories from the governmental and non-governmental Computer Emergency Response Teams relevant to the cybersecurity world

Showing 1976-2000 of 3902 results
Page 80 of 157

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2025-7339 on-headers vulnerable to http response header manipulation | 18-02-2026 | 1976 |
| MSRC Security Update | CVE-2025-38103 HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() | 18-02-2026 | 1977 |
| MSRC Security Update | CVE-2024-49969 drm/amd/display: Fix index out of bounds in DCN30 color transformation | 18-02-2026 | 1978 |
| MSRC Security Update | CVE-2023-51714 An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. | 18-02-2026 | 1979 |
| MSRC Security Update | CVE-2024-56596 jfs: fix array-index-out-of-bounds in jfs_readdir | 18-02-2026 | 1980 |
| MSRC Security Update | CVE-2024-47739 padata: use integer wrap around to prevent deadlock on seq_nr overflow | 18-02-2026 | 1981 |
| MSRC Security Update | CVE-2025-21941 drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params | 18-02-2026 | 1982 |
| MSRC Security Update | CVE-2024-31852 LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production." | 18-02-2026 | 1983 |
| MSRC Security Update | CVE-2024-58083 KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() | 18-02-2026 | 1984 |
| MSRC Security Update | CVE-2025-38145 soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() | 18-02-2026 | 1985 |
| MSRC Security Update | CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init | 18-02-2026 | 1986 |
| MSRC Security Update | CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check | 18-02-2026 | 1987 |
| MSRC Security Update | CVE-2024-37370 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. | 18-02-2026 | 1988 |
| MSRC Security Update | CVE-2025-38039 net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled | 18-02-2026 | 1989 |
| MSRC Security Update | CVE-2023-30589 The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and v20 | 18-02-2026 | 1990 |
| MSRC Security Update | CVE-2024-36013 Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() | 18-02-2026 | 1991 |
| MSRC Security Update | CVE-2025-68324 scsi: imm: Fix use-after-free bug caused by unfinished delayed work | 18-02-2026 | 1992 |
| MSRC Security Update | CVE-2025-38149 net: phy: clear phydev->devlink when the link is deleted | 18-02-2026 | 1993 |
| MSRC Security Update | CVE-2023-3817 Excessive time spent checking DH q parameter value | 18-02-2026 | 1994 |
| MSRC Security Update | CVE-2024-50036 net: do not delay dst_entries_add() in dst_release() | 18-02-2026 | 1995 |
| MSRC Security Update | CVE-2024-56626 ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write | 18-02-2026 | 1996 |
| MSRC Security Update | CVE-2024-50061 i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition | 18-02-2026 | 1997 |
| MSRC Security Update | CVE-2022-34169 Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets | 18-02-2026 | 1998 |
| MSRC Security Update | CVE-2025-37992 net_sched: Flush gso_skb list too during ->change() | 18-02-2026 | 1999 |
| MSRC Security Update | CVE-2023-6546 Kernel: gsm multiplexing race condition leads to privilege escalation | 18-02-2026 | 2000 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH