Alerts & Advisory dai CERTs

Gli ultimi avvisi di sicurezza dai Computer Emergency Response Teams governativi e non-governativi rilevanti del mondo cybersec

Mostrando 2151-2175 di 5359 risultati
Pagina 87 di 215

Avvisi di Sicurezza

CERT Alert Data #
MSRC Security UpdateCVE-2026-41080 libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.02-06-20262151
MSRC Security UpdateCVE-2026-42506 Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html02-06-20262152
MSRC Security UpdateCVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html02-06-20262153
MSRC Security UpdateCVE-2026-39833 Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent02-06-20262154
MSRC Security UpdateCVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html02-06-20262155
MSRC Security UpdateCVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html02-06-20262156
MSRC Security UpdateCVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh02-06-20262157
MSRC Security UpdateCVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh02-06-20262158
MSRC Security UpdateCVE-2026-39830 Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh02-06-20262159
MSRC Security UpdateCVE-2026-39829 Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh02-06-20262160
MSRC Security UpdateCVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh02-06-20262161
MSRC Security UpdateCVE-2026-39832 Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent02-06-20262162
MSRC Security UpdateCVE-2026-42508 Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts02-06-20262163
MSRC Security UpdateCVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent02-06-20262164
MSRC Security UpdateCVE-2026-42502 Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html02-06-20262165
MSRC Security UpdateCVE-2026-21717 A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the Node.js process. The most common trigger is any endpoint that calls `JSON.parse()` on attacker-controlled input, as JSON parsing automatically internalizes short strings into the affected hash table. This vulnerability affects **20.x, 22.x, 24.x, and 25.x**.02-06-20262166
MSRC Security UpdateCVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh02-06-20262167
MSRC Security UpdateCVE-2026-39821 Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna02-06-20262168
MSRC Security UpdateCVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh02-06-20262169
MSRC Security UpdateCVE-2026-46595 Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh02-06-20262170
MSRC Security UpdateCVE-2026-39831 Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh02-06-20262171
MSRC Security UpdateCVE-2026-39824 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows02-06-20262172
MSRC Security UpdateCVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading02-06-20262173
MSRC Security UpdateCVE-2026-8723 qs.stringify crashes on null/undefined entries in comma-format arrays under encodeValuesOnly02-06-20262174
MSRC Security UpdateCVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability02-06-20262175
Nessun risultato trovato

Prova a modificare i termini di ricerca

Le Fonti

Questa selezione di advisories è una lista ordinata per data di tutte le pubblicazioni dalle seguenti fonti:

US-CERT CISA
Twitter
Center of Internet Security
Twitter
FR-CERT Alertes
Twitter
FR-CERT Avis
Twitter
EU-ENISA Publications
Twitter
Google TAG
Microsoft Security
Unit42
Twitter
MSRC Security Update
Twitter
CERT-Bund DE
Twitter
CSIRT IT
Twitter
Consiglio Federale CH
Twitter