ROS-20260605-73-0050

The vulnerability of the Canvas2D component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient testing for unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

Advisory ROSA-SA-2026-3300

CVE-ID: CVE-2025-11731 BDU-ID: 2026-02739 CVE-Crit: LOW CVE-DESCRIPTION: The vulnerability in the exsltFuncResultComp function of the functions.c component in the Libxslt XML analysis library is related to data type conversion errors. Exploitation of this vulnerability may allow an attacker to...

ROS-20260529-73-0017

The vulnerability of the software for interacting with servers via CURL is related to the execution of operations within the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption control within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, can be exploited due to improper handling of argument separators in commands. This allows attackers to trigger service failures.

The vulnerability of the device management platform for heating, ventilation, and air conditioning systems, lighting, and energy consumption control within the Niagara Framework, along with the access control and security measures, is related to improper elimination of argument separators in the...

The vulnerability of the Kerberos protocol for Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Kerberos protocol for Windows operating systems lies in the fact that the operation occurs outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

The vulnerability of the fastapi-guard tool for analyzing network traffic, network detection, and response lies in its use of a regular expression with inefficient computational complexity, allowing attackers to trigger service failures.

The vulnerability of the fastapi-guard tool for analyzing network traffic, detecting network issues, and responding to them is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker operating remotely to cause...

The vulnerability of the PDF Preview module in the HarmonyOS operating system, which allows a hacker to trigger a service failure

The vulnerability of the PDF Preview module in the HarmonyOS operating system is related to pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the Apache Commons FileUpload library, related to unlimited resource distribution, allows attackers to cause service failures.

The vulnerability of the Apache Commons FileUpload library is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Local Security Authority Subsystem Service (LSASS) in Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Local Security Authority Subsystem Service LSASS in Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the `make_aggr_tables_info` and `optimize_stage2` functions of the MariaDB database management system allows a hacker to cause service failures.

The vulnerability of the makeaggrtablesinfo and optimizestage2 functions in the MariaDB database management system is related to improper behavior. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the SSH server in the Golang programming language, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the SSH server in the Golang programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the server of the Zabbix universal monitoring system allows a intruder to trigger a service failure.

The vulnerability of the Zabbix universal monitoring system is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

The vulnerability of the SIP processing subsystem of the Cisco BroadWorks platform allows a attacker to trigger a service failure.

The vulnerability of the SIP processing subsystem in Cisco BroadWorks collaboration platforms is related to uncontrolled memory consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the ASP.NET Core software platform and the Microsoft Visual Studio development environment, related to unlimited resource distribution, allows attackers to trigger service failures.

The vulnerability of the ASP.NET Core software platform and the Microsoft Visual Studio development environment is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Juniper Networks Junos OS Evolved operating system’s extraction service allows a hacker to trigger a service failure.

The vulnerability of Juniper Networks Junos OS Evolved operating system-based filtering services is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow a malicious actor to trigger service failures remotely...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to remotely cause service failures by uploading a specially created malware file...

The vulnerability of the microprogramming software on Intel Server Board M50FCP and Intel Server Board D50DNP, related to an error in handling exceptional states, allows a perpetrator to trigger a service failure.

The vulnerability of the microprogramming software on Intel Server Board M50FCP and Intel Server Board D50DNP is related to an error in handling exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the PCX Image development platform’s SDP code base allows attackers to trigger a service failure.

The vulnerability of the PCX Image development platform’s SDP code base is related to the manipulation of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the MongoDB database management system, related to improper validation of consistency in input data, allows a attacker to cause service failures.

The vulnerability of the MongoDB database management system is related to improper validation of consistency in input data during index processing with the PrepareUnique parameter. Exploiting this vulnerability allows an attacker to cause service failures remotely...

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework, which allows a hacker to trigger a service failure.

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...