16 matches found
ROS-20250403-10
Vulnerability in the Rack::Static class of the modular interface between web servers and Rack web applications is related to errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected informat...
ROS-20250402-06
Vulnerability of the pam_sm_authenticate function of the PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication procedure and gain unauthorized access to protected...
ROS-20250326-03
The vulnerability in the document-oriented database management system MongoDB is related to bugs in the query analysis of some complex self-referential $lookup subpipelines, which lead to literal values in expressions for encrypted fields being sent to the server as plaintext instead of encrypted text...
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 lies in the use of memory after it is freed. This allows attackers to gain unauthorized access to protected information.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the use of memory after it is freed during the processing of AcroForms forms. Exploiting this...
The vulnerability of the Flask framework lies in the ability to send one client's session cookie to other users, allowing an attacker to access protected information.
The vulnerability of the Flask framework lies in the ability to send a session cookie from one client to other users. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to protected information...
The vulnerability of the Elastic Cloud Enterprise analytics platform, related to security configuration errors, allows a perpetrator to gain access to protected information.
The vulnerability of the Elastic Cloud Enterprise analytics platform is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the insufficient protection of registration data, allowing attackers to access the protected information.
The vulnerability of Advantech WebAccess remote monitoring software is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...
The vulnerability of the Apache Tomcat application server, related to the inconsistent interpretation of HTTP requests, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Apache Tomcat application server is related to the inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected information...
The vulnerability of the Web Server component of the Primavera Portfolio Management software allows a perpetrator to modify, add, or delete data, or to gain unauthorized access to protected information.
The vulnerability of the Web Server component of the Primavera Portfolio Management software for automating production processes exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to...
The vulnerability of RDP clients on Windows operating systems allows attackers to gain unauthorized access to protected information.
The vulnerability of RDP clients on Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information through a specially created application...
Xen Project XSA-240 Mitigation Shadow Paging Conflict Vulnerability (XSA-280)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a vulnerability allowing a guest system to potentially elevate privileges, access protected information, and perform a DoS against the host. A number of caveats exist to determine if a...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
Multiple vulnerabilities exist in the libruby1.8 package of the Debian GNU/Linux operating system. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of Microsoft Lync Server software allows a malicious attacker to compromise the accessibility of protected information.
The vulnerability in Lync Server allows a malicious individual to trigger a system failure...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
The linux-headers-2.6.26-2-sparc64 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Mac OS X operating system, which allows a perpetrator to gain access to protected information
The vulnerability of debugging interfaces in the kernel of the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker acting locally to gain access to protected information...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.4-mckinley package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...