The vulnerability of the ext4_mb_find_good_group_avg_frag_lists() function in the ext4 file system of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the ext4mbfindgoodgroupavgfraglists function in the ext4 file system of the Linux operating system is related to read errors beyond the memory boundary. Exploiting this vulnerability could allow an attacker to cause a service failure...

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy. The vulnerabilities include hard-coded cryptographic keys, improper processing of OS commands, and out-of-bounds write and read errors. Attackers can exploit these vulnerabilities to gain...

ROS-20250114-04

The incognito mode vulnerability in Mozilla Firefox, Firefox ESR browsers is due to the application not properly impose security restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions Incognito mode vulnerability in...

The vulnerability of the fbdev component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the fbdev component in the Linux operating system’s kernel is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the SCSI component in the Linux operating system is related to memory boundary errors in the scsimodesense function. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the Linux operating system’s crypto kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s crypto kernel component is related to memory boundary errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the mlx5e component in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the mlx5e component in the Linux operating system is related to memory boundary errors. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

ROS-2-1374

2.1374 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-995

2.995 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

ROS-2-1675

2.1675 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

ROS-2-855

2.855 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-20230622-08

Mozilla Thunderbird email client vulnerability is related to a boundary error in FileReader::DoReadData when reading a file. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system. memory corruption and...

ROS-20230418-05

A vulnerability in the OpenSSL cryptographic library is related to a boundary error in the PEMreadbioex function. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted PEM file to an application, cause a memory re-release error, and perform a typing...

ROS-20220701-01

Vim text editor vulnerability is related to boundary conditions in textobject.c. Exploitation The vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a read error outside the boundaries, and read the memory contents. victim to open it, cau...

Adobe InDesign < 16.4.2 / 17.0 < 17.2.0 Multiple Arbitrary code execution (APSB22-23)

The version of Adobe InDesign installed on the remote Windows host is prior to 16.4.2, 17.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-23 advisory. - Adobe InDesign versions 17.1 and earlier and 16.4.1 and earlier are affected by an out-of-bounds write...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from South Korea's Samsung Samsung. A buffer overflow vulnerability exists in Samsung SMR, which stems from an incorrect boundary check in the Quram Agif library and can be exploited by attackers to cause arbitrary code execution...

ROS-2-708

2.708 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

ROS-20220217-01

MariaDB database management system vulnerability, related to a formatted string error in the in the implementation of the CONNECT function. Exploitation of the vulnerability could allow an attacker acting remotely, send a specially crafted SQL query containing format string specifiers and execute...

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat is a set of PDF file editing and conversion tools from Adobe. Adobe Acrobat and Reader is vulnerable to a buffer overflow vulnerability that stems from a boundary error when handling untrusted input. A remote attacker could exploit the vulnerability to create a specially crafted PDF...

GDAL 缓冲区错误漏洞

GDAL is an open source geospatial data abstraction library. A buffer error vulnerability exists in GDAL that stems from the product's PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment functions failing to correctly determine memory boundaries when calling...