Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 2076-2100 di 5359 risultati
Pagina 84 di 215

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2026-4891 CVE-2026-489103-06-20262076
MSRC Security UpdateCVE-2026-5450 scanf %mc off-by-one heap buffer overflow03-06-20262077
MSRC Security UpdateCVE-2024-30896 InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organizations feature is operating as intended and that users may choose to add users to non-default organizations. A future release of InfluxDB 2.x will remove the ability to retrieve tokens from the API.03-06-20262078
MSRC Security UpdateCVE-2026-42304 Twisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains03-06-20262079
MSRC Security UpdateCVE-2026-5358 Static buffer overflow in deprecated nis_local_principal03-06-20262080
MSRC Security UpdateCVE-2026-7168 cross-proxy Digest auth state leak03-06-20262081
MSRC Security UpdateCVE-2026-5928 Static buffer overflow in deprecated nis_local_principal03-06-20262082
MSRC Security UpdateCVE-2019-11254 Kubernetes API Server denial of service vulnerability from malicious YAML payloads03-06-20262083
MSRC Security UpdateCVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()03-06-20262084
MSRC Security UpdateCVE-2026-6253 proxy credentials leak over redirect-to proxy03-06-20262085
MSRC Security UpdateCVE-2013-1633 easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.03-06-20262086
MSRC Security UpdateCVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure03-06-20262087
MSRC Security UpdateCVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF03-06-20262088
MSRC Security UpdateCVE-2023-1386 Qemu: 9pfs: suid/sgid bits not dropped on file write03-06-20262089
MSRC Security UpdateCVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.03-06-20262090
MSRC Security UpdateCVE-2020-8561 Webhook redirect in kube-apiserver03-06-20262091
MSRC Security UpdateCVE-2021-25740 Holes in EndpointSlice Validation Enable Host Network Hijack03-06-20262092
Unit42The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)02-06-20262093
MSRC Security UpdateCVE-2026-40361 Microsoft Outlook and Word Remote Code Execution Vulnerability02-06-20262094
Unit42Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor02-06-20262095
MSRC Security UpdateCVE-2026-44839 RabbitMQ: Unsanitized vhost names allow for XSS in management UI02-06-20262096
MSRC Security UpdateCVE-2025-15649 IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date02-06-20262097
MSRC Security UpdateCVE-2026-28387 Potential Use-after-free in DANE Client Code02-06-20262098
MSRC Security UpdateCVE-2026-25833 Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function02-06-20262099
MSRC Security UpdateCVE-2026-25834 Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.02-06-20262100
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter