ROS-20240927-07
A vulnerability in the WikibaseLexeme extension of the MediaWiki hypertext implementation software tool is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges. Vulnerability of UnlinkedWikibase extension of a...
ROS-20240920-09
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240920-11
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
ROS-20220207-01
Vulnerability in the implementation of the tipccryptokeyrcv function of the protocol for intra-cluster communication Transparent Inter-Process Communication (TIPC) of the Linux kernel is related to insufficient input data verification when processing MSGCRYPTO messages...
ROS-20240902-10
GdkPixbuf image loading library vulnerability is related to heap memory corruption in aniloadchunk. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240904-11
A vulnerability in the implementation of the PEAP (Protected Extensible Authentication Protocol) protocol of the Wi-Fi WPA Supplicant client is caused by flaws in the authorization procedure. Exploitation of the vulnerability...
ROS-20240827-16
A vulnerability in the C-ares asynchronous DNS query library is related to uncontrolled resource consumption in the event of misinterpretation of packet length. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a corrupted UDP packet...
ROS-20240905-03
A vulnerability in the GTK GUI creation library GIMP Toolkit is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
ROS-20240904-04
A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information by sending specially crafted IPv6 packets...
ROS-20240904-03
A vulnerability in the Gstreamer multimedia framework is associated with an integer overflow when processing EXIF file metadata. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240902-17
A vulnerability in the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an...
ROS-20240828-06
A vulnerability in the LibTIFF library is related to null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240827-12
A vulnerability in the cfgmarkports function of the Unbound DNS server is related to heap buffer overflow errors. Exploitation of the vulnerability allows an attacker acting remotely to cause denial of service or unauthorized actions on the system. A vulnerability in the ubctxsetfwd function of t...
ROS-20240816-12
Vulnerability of setupdscconfig function in drivers/gpu/drm/amd/display/dc/dsc/dcdsc.c module of driver amdgpu of the Linux operating system kernel is related to a lack of input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the...
ROS-20240910-04
A vulnerability in the pcapfindalldevsex function of the libpcap library is related to the default support for remote packet capture. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240910-08
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. A vulnerability in the Gstream...
ROS-20240911-04
A vulnerability in the Kerberos network authentication protocol is associated with modification of the Extra Count open field of the confidential GSS krb5 shell token. Exploitation of the vulnerability allows an attacker acting remotely to affect the integrity and operation of the system...
ROS-20240904-07
A vulnerability in the Python programming language interpreter CPython is related to a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240918-03
A vulnerability in the WebCore::RenderLayer::renderer function of the WPE WebKit and WebKitGTK web page display modules is related to use of memory after it is freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code. Vulnerability in...
ROS-20240911-09
Vulnerability of the pkgconftupleparse function in libpkgconf/tuple.c of the software tool for setting compiler and linker flags for pkgconf development libraries is related to an operation exceeding the buffer boundaries...
ROS-20240815-07
A vulnerability in the GNU C Library's nscd nameserver caching daemon is related to returning a pointer outside the expected range. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the GNU C Library nscd nameserver caching daemon is...
ROS-20240816-02
Vulnerability in the ASN1 Parser function GTime2str of the libcurl library is related to reading outside of memory boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240827-15
A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
ROS-20240815-02
The vulnerability of the writestatustextandbuffer function of the cpr.c component of the program for information encryption and creation of electronic digital signatures GnuPG is related to insufficient neutralization of special elements in the request. Exploitation of the vulnerability allows a...
ROS-20240816-04
A vulnerability in the bermemallocx function of the OpenLDAP package is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240916-10
A vulnerability in the ncwrapentry component of the library for controlling I/O to the terminal ncurses is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availabili...
ROS-20240812-14
Vulnerability of the utf8asn1str function of the ASN1 parser of the cURL command line utility is related to the release of previously unallocated memory when processing the ASN1 UTF-8 string. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240806-16
Vulnerability in glXGetDrawableScreen neutral dispatch layer function for OpenGL API calls libglvnd is related to a segmentation violation. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20241029-08
Vulnerability in the OpenSearch software package is related to improper validation of the nextUrl parameter. Exploitation of the vulnerability could allow an attacker to redirect a user to a malicious site. A vulnerability in the server.maxHeadersCount configuration of the ws client-server library in...
ROS-20241017-08
Vulnerability in the 'http.cookies' standard library module of the Python programming language interpreter CPython is related to inefficient regular expression complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241015-06
A vulnerability in the OpenJPEG image encoding and decoding library is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240717-03
A vulnerability in the implementation of the gnutlspkcs7verify function of the GnuTLS cryptographic library is related to double-free errors occurring during verification of pkcs7 signatures. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240815-17
A vulnerability in the fwupd daemon for managing firmware update installation on Linux-based systems is related to saving an automatically generated password in /etc/fwupd/redfish.conf without proper restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240726-08
Vulnerability in the httpjson component of Elastic Stack Filebeat is due to a bug in the handling of httpjson input data, because of which the contents of the Authorization or Proxy-Authorization HTTP request header may be written into the debug logs. Exploitation of the vulnerability could allow an attacker...
ROS-20240806-04
Vulnerability of the allocatestructures function of the utility for measuring and analyzing system performance sysstat is related to insufficient bounds checking before arithmetic multiplication, which allows an overflow of the size allocated for the buffer representing system actions...
ROS-20241001-09
A vulnerability in the curl program is related to improper certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system...
ROS-20241015-05
Nano text editor vulnerability is related to temporary file handling errors. Exploitation of the vulnerability could allow an attacker to affect data integrity...
ROS-20241017-04
A vulnerability in the Microsoft .NET software platform involves inefficient algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Microsoft .NET software platform is related to post-release memory...
ROS-20240829-10
A vulnerability in the xmlparse.c file of the libexpat XML file parsing library is related to an integer overflow for nDefaultAtts on 32-bit platforms. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the xmlparse.c file of the libexpat...
ROS-20240826-14
A vulnerability in the Graphviz graph visualization application is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted config6a file...
ROS-20241017-07
Apache Portable Runtime library vulnerability is related to the ability to read named shared memory segments. Exploitation of the vulnerability could allow an attacker for a critical resource to gain access to sensitive information...
ROS-20241021-02
GNOME Project G libgsf structured file library vulnerability is related to heap-based integer overflow during processing of the sector allocation table. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240730-03
A vulnerability in the dstring.c component of the Debian GNU/Linux operating system cpio package is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a stack overflow via a generated file...
ROS-20240827-01
A vulnerability in the modwsgi module of the Apache web server is related to errors in X-Client-IP header processing. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to network services...
ROS-20240826-15
A vulnerability in the ODBC library for UNIX UnixODBC is related to pointer offsets outside of allocated memory. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data and cause a denial of service...
ROS-20241001-06
A vulnerability in the Runc isolated container launch tool is related to a race condition that allows link tracking. Exploitation of the vulnerability could allow an attacker to impact data integrity...
ROS-20240910-03
A vulnerability in the libexpat XML parsing library is related to incorrectly restricting the reference to the XML external entity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240910-01
A vulnerability in the HAProxy server software is related to entering an infinite loop when given certain input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240718-04
A vulnerability in the vpximgalloc function of the libvpx video encoding/decoding library is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafted data. A vulnerability in the libvpx video...
ROS-20240918-08
A vulnerability in FreeIPA's centralized user identity management system is associated with insufficient password hash calculation. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate their privileges by brute-forcing possible values for a user's password...