30 matches found
CVE-2026-8367
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
ROS-20251105-02
A vulnerability in the LibTIFF library is related to a bounds checking bug in the setrow function in tools/thumbnail.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A vulnerability in the LibTIFF library is related to a bounds checking b...
EUVD-2001-1042
Malware in sbrugna...
Microsoft Word Code Execution Vulnerability (CNVD-2025-18817)
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which is caused due to a post-release usage error when opening a specially crafted file. An attacker could exploit this vulnerability ...
Microsoft Office 资源管理错误漏洞
Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which is caused due to a post-release usage...
LSN-0113-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: ubifs: authenticatio...
ROS-20250703-07
A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the libvpx library of the Google Chrome and Microsoft Edge...
After upgrading from 1912 to 2402, unable to view license usage in Studio
After upgrading Delivery controllers from 1912 to 2402, unable to view license usage in Studio. Studio show error : An error has occurred with the Citrix License Server. Check the license server to make sure it is running, then try again...
ROS-20240830-01
Vulnerability of the rndissetresponse function in the rndis component of the Linux kernel is related to the "BufOffset + 8" operation, which can cause an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm/vrr compone...
Unspecified vulnerability in Linux kernel (CNVD-2024-28364)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a type usage error in the nvidiasmmucontextfault function in the iommu/arm-smmu module. No details of the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a type usage error in the nvidiasmmucontextfault function in the iommu/arm-smmu module. No details of the...
Advisory ROSA-SA-2024-2344
Software: gstreamer-plugins-bad-free 0.10.23 OS: rosa-server79 packageevrstring: gstreamer-plugins-bad-free-0.10.23-24.res7 CVE-ID: CVE-2023-44446 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A post-release usage error was detected in the MXF demultiplexer in GStreamer when processing some MXF video...
Advisory ROSA-SA-2023-2287
Software: dnsmasq 2.79 OS: ROSA Virtualization 2.1 packageevrstring: dnsmasq-2.79-26.rv3.src.rpm CVE-ID: CVE-2022-0934 BDU-ID: 2022-03253 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DHCPv6 protocol implementation of the Dnsmasq DNS server is related to a memory usage error after memory is...
ROS-20230414-04
The curl program vulnerability is related to a memory usage error after release when processing rejected requests from HTTP proxy using SMB or TELNET protocols. Exploitation of the vulnerability could allow an attacker acting remotely to cause a post-release memory usage error and cause the...
ROS-20220926-01
A vulnerability in the Vim text editor is related to a boundary error in the utfcptr2len function in mbyte. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file, cause a heap buffer overflow, and execute arbitrary code...
Adobe Acrobat and Adobe Acrobat Reader Buffer Overflow Vulnerability
Adobe Acrobat and Adobe Acrobat Reader are both products of the United States Ordoby Adobe.Adobe Acrobat is a set of PDF file editing and conversion tools.Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDF. Adobe Acrobat and Adobe Reader has a buffer overfl...
ROS-20220524-02
A vulnerability in the lightweight DNS, DHCP, and TFTP server Dnsmasq is related to a memory usage error after a release when processing DHCPv6 requests. Exploitation of the vulnerability could allow an attacker, acting remotely, send specially crafted DHCPv6 packets to a vulnerable application,...
MariaDB Binary_string::free_buffer() component memory misreference vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A memory misreference vulnerability exists in Mariadb v10.9 and earlier versions, which originates in the /sql/sqlstring.h component...
ROS-20220315-01
A vulnerability in the libxml2 XML document parsing library is related to a post-release memory usage error when processing ID and IDREF attributes in the valid.c file. release when processing ID and IDREF attributes in valid.c file. Exploitation of the vulnerability could allow an attacker actin...
ROS-20220125-17
A vulnerability in the QEMU hardware emulator is related to a single offset error when emulating a SCSI device in QEMU. Exploitation of the vulnerability could allow an attacker acting remotely, cause QEMU to crash The QEMU hardware emulator vulnerability is related to a memory usage error after ...