1839 matches found
ROS-20260324-73-0010
A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260324-73-0015
A vulnerability in the ipv6 component of the Linux operating system kernel is associated with the execution of a loop with an inaccessible exit condition. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260320-73-0013
A vulnerability in the Golang programming language is related to errors in the certificate authentication procedure. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260317-73-0030
A vulnerability in the net/xfrm component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...
ROS-20260313-73-0016
A vulnerability in the dell-wmi-sysman component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...
EUVD-2026-10572
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
CVE-2026-27685
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
CVE-2026-24309 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...
The vulnerability of the i40e_validate_cloud_filter() function in the drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c file of the Intel Ethernet network adapter driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the i40evalidatecloudfilter function in the drivers/net/ethernet/intel/i40e/i40evirtchnlpf.c file of the Intel Ethernet network adapter driver for the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacke...
EUVD-2025-208431
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005925 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The...
The vulnerability of the tcp_disconnect() function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the tcpdisconnect function in the net/ipv4/tcp.c module of the Linux kernel’s IPv4 protocol implementation is related to improper release of resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
CVE-2026-25963
Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet’s certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...
CVE-2024-36319
Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...
CVE-2023-31324
A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...
Advisory ROSA-SA-2026-3182
Software: sqlite 3.26.0 OS: ROSA Virtualization 3.0 unaffected versions = sqlite-3.26.0-20.rv30 affected versions sqlite-3.26.0-20.rv30 CVE-ID: CVE-2025-6965 BDU-ID: 2025-08786 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Aggregate Term Handler component of the SQLite database management syst...
CVE-2024-36319
Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...
CVE-2023-31323
Type confusion in the AMD Secure Processor ASP could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent XGMI TA leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability...
CVE-2024-36319
Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...