Gemeente Cyber Dreigingsradar
Kritiek

Dreigingen

Doorzoek en filter alle geregistreerde cyberdreigingen voor gemeenten.

223 dreigingen gevonden · pagina 13 van 19

LaagDDoS

CVE-2026-42256 net-imap: Denial of service via high iteration count for `SCRAM-*` authentication

Information published.

CVE-2026-42256

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2026-3219 pip doesn't reject concatenated ZIP and tar archives

Information published.

CVE-2026-3219

Microsoft Security Response CentergisterenDetails
LaagDDoS

CVE-2026-37458 Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message.

Information published.

CVE-2026-37458

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2026-28808 ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)

Information published.

CVE-2026-28808

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2026-41080 libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.

Information published.

CVE-2026-41080

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC

Information published.

CVE-2026-43310

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2025-1176 GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow

Information published.

CVE-2025-1176

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2025-1178 GNU Binutils ld libbfd.c bfd_putl64 memory corruption

Information published.

CVE-2025-1178

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

CVE-2025-0665 eventfd double close

Information published.

CVE-2025-0665

Microsoft Security Response CentergisterenDetails
LaagKwetsbaarheid

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2 million installations. The Open

The Hacker NewsgisterenDetails
LaagLeveranciersincident

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. "Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action's normal commit history,

The Hacker NewsgisterenDetails
LaagLeveranciersincident

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. "The attack affects packages tied to the npm maintainer account atool, including echarts-for-react, a widely used React wrapper for Apache ECharts with roughly 1.1 million weekly

The Hacker NewsgisterenDetails