News & Sicurezza
Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.
26364 risultati
CVE ID :CVE-2026-42014 Published : June 16, 2026, 2:16 a.m. | 7 hours, 25 minutes ago Description :A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-1765 Published : June 16, 2026, 2:16 a.m. | 7 hours, 25 minutes ago Description :A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch (previously known as tracker-miners). This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denial of Service (DoS) where the application crashes. It may also potentially expose sensitive information from the system's memory. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-1766 Published : June 16, 2026, 2:16 a.m. | 7 hours, 25 minutes ago Description :A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM (Comment) tags. An attacker could exploit this by providing a malicious MP3 file, leading to a denial of service (DoS), which causes an application crash, and potentially disclosing sensitive information from the heap memory. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-1767 Published : June 16, 2026, 2:16 a.m. | 7 hours, 25 minutes ago Description :A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length calculation during the parsing of performer tags can lead to a read beyond the allocated buffer, potentially causing a Denial of Service (DoS) due to a crash or enabling information disclosure. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-1764 Published : June 16, 2026, 2:16 a.m. | 7 hours, 26 minutes ago Description :A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the `extract_performers_tags` function can lead to a heap buffer overflow. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by triggering a read of unmapped memory. In some cases, it could also lead to information disclosure by reading visible heap data. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12162 Published : June 16, 2026, 1:16 a.m. | 8 hours, 25 minutes ago Description :Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12161 Published : June 16, 2026, 1:16 a.m. | 8 hours, 25 minutes ago Description :Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alternate username and user interaction with the Elevate Shell action. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CISA adds Cisco SD-WAN and LiteSpeed cPanel to KEV June 16, 2026CVE-2026-20262 | Cisco Catalyst SD-WAN Manager — Path TraversalCVE-2026-20262 is a directory or path traversal vulnerability in Cisco Catalyst SD-WAN Manager. This class of flaw allows at ... Read more Published Date: Jun 16, 2026 (2 days, 20 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-20262 CVE-2026-54420 CVE-2026-20253 CVE-2026-20245 CVE-2026-20182 CVE-2026-20133 CVE-2026-20127 CVE-2022-20775
CVE ID :CVE-2026-9262 Published : June 16, 2026, 12:16 a.m. | 9 hours, 25 minutes ago Description :Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-9261 Published : June 16, 2026, 12:16 a.m. | 9 hours, 25 minutes ago Description :Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-9260 Published : June 16, 2026, 12:16 a.m. | 9 hours, 25 minutes ago Description :Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-9258 Published : June 16, 2026, 12:16 a.m. | 7 hours, 25 minutes ago Description :Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Pagina 372 di 2197