Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

25411 risultati

VulnerabilitàAlta
CVE-2026-12309 - Memory safety bug fixed in Firefox 152

CVE ID :CVE-2026-12309 Published : June 16, 2026, 1:16 p.m. | 25 minutes ago Description :Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
VulnerabilitàAlta
CVE-2026-12310 - Memory safety bug fixed in Firefox 152

CVE ID :CVE-2026-12310 Published : June 16, 2026, 1:16 p.m. | 25 minutes ago Description :Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
VulnerabilitàAlta
CVE-2026-12311 - Information disclosure, sandbox escape in the Security: Process Sandboxing component

CVE ID :CVE-2026-12311 Published : June 16, 2026, 1:16 p.m. | 25 minutes ago Description :Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
VulnerabilitàAlta
CVE-2026-12312 - Memory safety bug fixed in Firefox 152

CVE ID :CVE-2026-12312 Published : June 16, 2026, 1:16 p.m. | 25 minutes ago Description :Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
News
Cyberagentschap VS waarschuwt voor actief misbruikt LiteSpeed cPanel-lek

Cyberagentschap VS waarschuwt voor actief misbruikt LiteSpeed cPanel-lek Het Amerikaanse cyberagentschap CISA waarschuwt voor actief misbruik van een kwetsbaarheid in de LiteSpeed cPanel-plug-in waardoor een aanvaller zijn rechten kan verhogen naar die van root. Op 1 juni ... Read more Published Date: Jun 16, 2026 (5 days, 19 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-54420 CVE-2026-48172 CVE-2026-5442

CVEfeed Newsroom16 giu 2026
VulnerabilitàAlta
CVE-2026-12225 - syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent

CVE ID :CVE-2026-12225 Published : June 16, 2026, 11:20 a.m. | 21 minutes ago Description :syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containing specific strings such as AtlassianMobileApp or JIRA. When such a User-Agent is present, the plugin does not enforce the configured 2FA checks for protected web resources. Successful exploitation allows the attacker to access the affected Atlassian application as the compromised user without completing 2FA. If the compromised account has administrative privileges, the attacker can access administrative functionality and may disable the 2FA plugin or make arbitrary administrative changes. The issue is fixed in version 3.5.0.0. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
News
Vulnerability in jansi library

Vulnerability in jansi library Vulnerability in jansi library CVE ID CVE-2026-8484 Publication date 16 June 2026 Vendor FuseSource Product jansi Vulnerable versions All through 2.4.3 Vulnerability type (CWE) Heap-based Buffer Overf ... Read more Published Date: Jun 16, 2026 (4 days ago) Vulnerabilities has been mentioned in this article. CVE-2026-8484

CVEfeed Newsroom16 giu 2026
VulnerabilitàAlta
CVE-2026-40750 - WordPress Kids Online Store theme <= 0.8.9 - Arbitrary File Upload vulnerability

CVE ID :CVE-2026-40750 Published : June 16, 2026, 10:39 a.m. | 1 hour, 2 minutes ago Description :Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.8.9. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
VulnerabilitàAlta
CVE-2026-8484 - Heap buffer overflow in Jansi

CVE ID :CVE-2026-8484 Published : June 16, 2026, 10:32 a.m. | 1 hour, 10 minutes ago Description :A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes (DoS). All versions are believed to be vulnerable. This project is unmaintained at the time of CVE assignment. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
News
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed explo ... Read more Published Date: Jun 16, 2026 (3 days, 7 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-25089 CVE-2026-11645 CVE-2026-39813 CVE-2026-39808 CVE-2026-35616

CVEfeed Newsroom16 giu 2026
VulnerabilitàAlta
CVE-2026-10829 - Moxa NPort Stack-Based Buffer Overflow Remote Code Execution

CVE ID :CVE-2026-10829 Published : June 16, 2026, 10:18 a.m. | 1 hour, 23 minutes ago Description :A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parameter on the Basic settings page. An attacker could exploit this vulnerability by sending crafted input to the web service, resulting in memory corruption. Successful exploitation of this vulnerability could allow remote code execution on the target system with root privileges. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE16 giu 2026
VulnerabilitàAlta
CVE-2026-8442 (CVSS 8.1)

The WP Review Slider Pro plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 12.6.8. This is due to missing authorization checks on the wpfb_hide_review and wprp_save_review_admin AJAX handlers combined with insufficient path validation in the wpfb_hidereview_ajax() function, which uses strpos() to check that a stored media URL starts with the expected prefix but fails to sanitize path traversal sequences in the remaining relative path before passing it to unlink(). This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files on the affected site's server which may make remote code execution possible.

NVD (NIST)16 giu 2026

Pagina 288 di 2118

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.