Alerts & Advisories from CERTs

The latest security advisories from the world's relevant governmental and non-governmental Computer Emergency Response Teams in the cybersecurity field

Showing 2351-2375 of 3755 results

Security Advisories

| # | CERT | Alert | Date |
|---|---|---|---|
| 2351 | MSRC Security Update | CVE-2025-21776 USB: hub: Ignore non-compliant devices with too many configs or interfaces | 18-02-2026 |
| 2352 | MSRC Security Update | CVE-2024-20505 ClamAV Memory Handling DoS | 18-02-2026 |
| 2353 | MSRC Security Update | CVE-2021-20197 There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar objcopy strip ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users) an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | 18-02-2026 |
| 2354 | MSRC Security Update | CVE-2022-43551 A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded. | 18-02-2026 |
| 2355 | MSRC Security Update | CVE-2025-24294 | 18-02-2026 |
| 2356 | MSRC Security Update | CVE-2024-47726 f2fs: fix to wait dio completion | 18-02-2026 |
| 2357 | MSRC Security Update | CVE-2023-51384 In ssh-agent in OpenSSH before 9.6 certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys these constraints are only applied to the first key even if a PKCS#11 token returns multiple keys. | 18-02-2026 |
| 2358 | MSRC Security Update | CVE-2025-21785 arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array | 18-02-2026 |
| 2359 | MSRC Security Update | CVE-2024-44985 ipv6: prevent possible UAF in ip6_xmit() | 18-02-2026 |
| 2360 | MSRC Security Update | CVE-2007-2768 OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-time passwords (OTP) a similar issue to CVE-2007-2243. | 18-02-2026 |
| 2361 | MSRC Security Update | CVE-2024-28180 Go JOSE vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) | 18-02-2026 |
| 2362 | MSRC Security Update | CVE-2025-52496 Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery. | 18-02-2026 |
| 2363 | MSRC Security Update | CVE-2024-56767 dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset | 18-02-2026 |
| 2364 | MSRC Security Update | CVE-2024-47723 jfs: fix out-of-bounds in dbNextAG() and diAlloc() | 18-02-2026 |
| 2365 | MSRC Security Update | CVE-2024-58071 team: prevent adding a device which is already a team device lower | 18-02-2026 |
| 2366 | MSRC Security Update | CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX | 18-02-2026 |
| 2367 | MSRC Security Update | CVE-2023-4535 Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys | 18-02-2026 |
| 2368 | MSRC Security Update | CVE-2024-39936 An issue was discovered in HTTP2 in Qt before 5.15.18 6.x before 6.2.13 6.3.x through 6.5.x before 6.5.7 and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early because the encrypted() signal has not yet been emitted and processed. | 18-02-2026 |
| 2369 | MSRC Security Update | CVE-2023-23914 A cleartext transmission of sensitive information vulnerability exists in curl | 18-02-2026 |
| 2370 | MSRC Security Update | CVE-2025-49630 Apache HTTP Server: mod_proxy_http2 denial of service | 18-02-2026 |
| 2371 | MSRC Security Update | CVE-2024-42288 scsi: qla2xxx: Fix for possible memory corruption | 18-02-2026 |
| 2372 | MSRC Security Update | CVE-2024-58069 rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read | 18-02-2026 |
| 2373 | MSRC Security Update | CVE-2023-40661 Opensc: multiple memory issues with pkcs15-init (enrollment tool) | 18-02-2026 |
| 2374 | MSRC Security Update | CVE-2024-50044 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change | 18-02-2026 |
| 2375 | MSRC Security Update | CVE-2024-44931 gpio: prevent potential speculation leaks in gpio_device_get_desc() | 18-02-2026 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH