ROS-20250812-02

The Liblouis translator vulnerability is due to a bounds error inside the compilePassOpcode function in the compileTranslationTable.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system Liblouis translator vulnerability is related to a boundar...

ROS-20250812-01

A vulnerability in the Guzzle HTTP client library of the PHP programming language interpreter is related to an incorrectly implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information Vulnerability i...

ROS-20250812-03

The MIFF component of the GraphicsMagick cross-platform graphics library is vulnerable to authorization errors. authorization errors. Exploitation of the vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information. confidentiality,...

Litestar has potential log injection in exception logging

Summary Litestar does not escape url paths when logging exceptions. This makes logger vulnerable to CRLF injection if logging level is configured to debug or logexceptions is set to "always", which allows attackers to inject newlines and forge log entries. Details Litestar directly formats unquot...

BIT-LIBPHP-2025-1735 pgsql extension does not check for errors during escaping

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

BIT-LIBPYTHON-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

BIT-GOLANG-2025-47907 Incorrect results returned from Rows.Scan in database/sql

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

Race Condition Vulnerability

Library name is vulnerable to race condition. The vulnerability is due to query cancellation during the Scan method execution, which allows an attacker to interfere with parallel queries and cause unexpected results or errors...

Linux Distros Unpatched Vulnerability : CVE-2022-20008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if...

Linux Distros Unpatched Vulnerability : CVE-2025-38345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination an...

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. A security vulnerability exists in Imagination Graphics DDK, which originates from reading kernel heap data and then releasing or null pointer dereferencing resulting in a memory leak or kernel exception...

UBUNTU-CVE-2025-47907

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVE-2025-47907 Incorrect results returned from Rows.Scan in database/sql

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

pgsql extension does not check for errors during escaping

...

CVE-2025-54640

ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions...

Linux Distros Unpatched Vulnerability : CVE-2025-38334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary storage. SGX instructions do not...

ROS-20250806-06

Vulnerability in the libxml2 XML file parsing library is related to boundary checking errors in the shell xmllint - shell.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...

Linux Distros Unpatched Vulnerability : CVE-2022-25762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat...

redis: Redis Unauthenticated Denial of Service

A flaw was found in Redis. Unauthenticated connections can trigger repeated IP protocol errors, leading to client starvation and an application-level denial of service. This flaw allows an attacker to induce this condition without authentication. This issue results in a denial of service conditio...

Linux Distros Unpatched Vulnerability : CVE-2019-14763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid. CVE-2019-14763 Note that Ness...