The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App, related to errors in processing input data, allows a malicious actor to elevate their privileges to a system-level level.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in processing input data. Exploiting this vulnerability can allow attackers to elevate their privileges to a system-level level...

The vulnerability of the ftruncate() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ftruncate function in the Linux operating system’s kernel is related to errors in the processing of input data during syntax analysis of code. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Opigno Learning path CMS system’s Drupal module lies in errors during the processing of input data during syntax analysis of code. This allows attackers to execute arbitrary code.

The vulnerability of the Opigno Learning path CMS system’s Drupal component is related to errors in data processing during syntax analysis of code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Advisory ROSA-SA-2025-2572

software: squid 5.10 OS: ROSA-CHROME packageevrstring: squid-5.10-1 CVE-ID: CVE-2024-45802 BDU-ID: 2024-08860 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to input processing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cau...

The vulnerability of the Adobe Experience Manager content and media data management system is related to errors in processing input data, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Webmin CGI request handler allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the Webmin CGI request handler relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...

The vulnerability of the Squid proxy server, related to errors in processing input data, allows a hacker to cause a service failure.

The vulnerability of the Squid proxy server is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted ESI packets...

The vulnerability of Microsoft Windows operating system consoles allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft Windows operating system consoles relates to errors in processing input data. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user downloads a specially crafted MSC file...

ROS-20240521-11

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

ROS-20240521-09

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

ROS-20240521-10

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

The vulnerability of the ANSI Escape Sequence Handler component in the WinRAR file archiver allows a hacker to trigger a service failure or replace the display on the screen.

The vulnerability of the ANSI Escape Sequence Handler component in the WinRAR file archiver is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to remotely cause service failures or replace the display on the screen...

The vulnerability in the implementation of the NFS network file system server for FreeBSD and OpenBSD allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the NFS network file system server implementation for FreeBSD and OpenBSD is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...

The vulnerability of Zoom’s video conferencing software, related to errors in processing input data, allows attackers to exploit their privileges.

The vulnerability of Zoom video conferencing software is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

PT-2024-1715 · Microsoft · Message Queuing +1

Name of the Vulnerable Software and Affected Versions: Microsoft Message Queuing MSMQ affected versions not specified Description: The issue is related to errors in processing input data in the Windows operating system's message queuing component. This can allow an attacker to execute arbitrary...

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages, related to errors in processing input data, allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft Office and Microsoft 365 Apps for Enterprise packages is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code by having the user open a specially crafted malicious file...

The vulnerability of the Pragmatic General Multicast protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Pragmatic General Multicast protocol implementation in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the nginx.ingress.kubernetes.io/configuration-snippet component in the Kubernetes ingress-nginx cluster allows a attacker to execute arbitrary code or escalate their privileges.

The vulnerability of the nginx.ingress.kubernetes.io/configuration-snippet component, which handles incoming traffic in the Kubernetes ingress-nginx cluster, is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or increase...

The vulnerability of the Core server component of Oracle WebLogic Server allows a hacker to execute arbitrary code.

The vulnerability of the Core server component of Oracle WebLogic Server is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by injecting specially crafted messages via T3 and IIOP protocols...

The vulnerability of the Windows Message Queuing system allows a hacker to execute arbitrary code.

The vulnerability of Windows’ Message Queuing system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...