Alerts & Advisories from CERTs

The latest security advisories from the relevant governmental and non-governmental Computer Emergency Response Teams in the cybersecurity world

Showing 2376-2400 of 3834 results
Page 96 of 154

Security Advisories

| CERT | Alert | Date | # |
|---|---|---|---|
| MSRC Security Update | CVE-2025-50096 Vulnerability in the MySQL Server product of Oracle MySQL | 18-02-2026 | 2376 |
| MSRC Security Update | CVE-2024-39474 mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL | 18-02-2026 | 2377 |
| MSRC Security Update | CVE-2025-38146 net: openvswitch: Fix the dead loop of MPLS parse | 18-02-2026 | 2378 |
| MSRC Security Update | CVE-2010-4226 cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | 18-02-2026 | 2379 |
| MSRC Security Update | CVE-2025-21736 nilfs2: fix possible int overflows in nilfs_fiemap() | 18-02-2026 | 2380 |
| MSRC Security Update | CVE-2024-43891 tracing: Have format file honor EVENT_FILE_FL_FREED | 18-02-2026 | 2381 |
| MSRC Security Update | CVE-2025-38126 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping | 18-02-2026 | 2382 |
| MSRC Security Update | CVE-2024-0684 Coreutils: heap overflow in split --line-bytes with very long lines | 18-02-2026 | 2383 |
| MSRC Security Update | CVE-2024-47705 block: fix potential invalid pointer dereference in blk_add_partition | 18-02-2026 | 2384 |
| MSRC Security Update | CVE-2025-53023 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). | 18-02-2026 | 2385 |
| MSRC Security Update | CVE-2025-27219 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies. | 18-02-2026 | 2386 |
| MSRC Security Update | CVE-2024-43897 net: drop bad gso csum_start and offset in virtio_net_hdr | 18-02-2026 | 2387 |
| MSRC Security Update | CVE-2023-44488 VP9 in libvpx before 1.13.1 mishandles widths leading to a crash related to encoding. | 18-02-2026 | 2388 |
| MSRC Security Update | CVE-2012-2677 Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool | 18-02-2026 | 2389 |
| MSRC Security Update | CVE-2016-2781 chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer. | 18-02-2026 | 2390 |
| MSRC Security Update | CVE-2025-38092 ksmbd: use list_first_entry_or_null for opinfo_get_list() | 18-02-2026 | 2391 |
| MSRC Security Update | CVE-2024-55553 In FRRouting (FRR) all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size | 18-02-2026 | 2392 |
| MSRC Security Update | CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() | 18-02-2026 | 2393 |
| MSRC Security Update | CVE-2024-22017 setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users using version greater or equal than Node.js 18.18.0 Node.js 20.4.0 and Node.js 21. | 18-02-2026 | 2394 |
| MSRC Security Update | CVE-2024-45506 HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploited in the wild in 2024. | 18-02-2026 | 2395 |
| MSRC Security Update | CVE-2025-50102 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | 18-02-2026 | 2396 |
| MSRC Security Update | CVE-2024-39472 xfs: fix log recovery buffer allocation for the legacy h_size fixup | 18-02-2026 | 2397 |
| MSRC Security Update | CVE-2023-46218 This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk` even though `co.uk` is listed as a PSL domain. | 18-02-2026 | 2398 |
| MSRC Security Update | CVE-2025-21749 net: rose: lock the socket in rose_bind() | 18-02-2026 | 2399 |
| MSRC Security Update | CVE-2025-38091 drm/amd/display: check stream id dml21 wrapper to get plane_id | 18-02-2026 | 2400 |

Sources

This selection of advisories is a date-ordered list of all publications from the following sources:

US-CERT CISA
Center of Internet Security
FR-CERT Alertes
FR-CERT Avis
EU-ENISA Publications
Google TAG
Microsoft Security
Unit42
MSRC Security Update
CERT-Bund DE
CSIRT IT
Consiglio Federale CH