ROS-20240729-18

Vulnerability of kubelet utility of Kubernetes virtual machine cluster management software for Windows operating systems is related to incorrectly used standard permissions. Windows operating systems is related to incorrectly used standard permissions. Exploitation vulnerability could allow an...

ROS-20240702-07

A vulnerability in the HTTP/3 QUIC module ngxhttpv3module of NGINX Plus and NGINX OSS web servers is related to writing outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service by using specially crafted HTTP/3...

ROS-20240911-02

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

ROS-20240910-02

A vulnerability in the dbussethostname function of the Avahi local area network service discovery system is associated with an achievable assertion. Exploitation of the vulnerability allows an attacker to cause a denial of service A vulnerability in the avahirdataparse function of the Avahi local...

ROS-20240902-05

Vulnerability of tgetstr component in tinfo/libtermcap.c library for terminal I/O management ncurses is related to the dereferencing of a NULL pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20241002-05

A vulnerability in the PWM PWM device driver of the Linux kernel operating system is related to reading memory outside of the allocated buffer. Exploitation of the vulnerability could allow An intruder can affect confidentiality, integrity and availability of protected information Vulnerability o...

ROS-20241028-04

A vulnerability in the tcp component of the Linux operating system kernel is related to excessive output in the function sockprotinuseadd in net/ipv4/inethashtables.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the btrtl...

ROS-20240918-07

A vulnerability in the BlueZ Bluetooth protocol stack for Linux is related to improper index validation of the BlueZ Audio AVRCP of the BlueZ Audio AVRCP array. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

ROS-20240923-05

A vulnerability in the interpreter of the software suite for processing, transforming, and generating Ghostscript documents is related to errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a special...

ROS-20241119-02

Vulnerability of cxl/region components of Linux kernel is related to the use of uninitialized resource in the cxlregionattach function in drivers/cxl/core/region.c. Exploitation of the the vulnerability could allow an attacker to cause a denial of service A vulnerability in the tls component of t...

ROS-20240826-06

A vulnerability in the pdfbasefontalloc function of the Ghostscript document processing, conversion, and generation software suite is related to a buffer overflow resulting from an incorrect buffer overflow. Ghostscript document generation software suite is related to a buffer overflow caused by...

ROS-20241126-02

A vulnerability in the drm/amd/amdkfd component of the Linux operating system kernel is related to incorrect initialization in the stopcpsch function in drivers/gpu/drm/amd/amdkfd/kfddevicequeuemanager.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

ROS-20240927-03

A vulnerability in the Concurrency component of the Oracle Java SE and Oracle GraalVM Enterprise Edition software platforms is related to insufficient input validation. Edition is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting...

ROS-20241203-12

A vulnerability in the implementation of the HSTS HTTP Strict Transport Security mechanism of the curl command line utility exists due to a bug in the implementation of the HSTS cache. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct a man-in-the-middle attack...

ROS-20241212-03

A vulnerability in the Moby container platform exists due to an error deleting a NULL pointer in the daemon/images/imagehistory.go. Exploitation of the vulnerability could allow an attacker to cause the application to crash. of the application...

ROS-20241211-02

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

ROS-20241212-01

Vulnerability of pcre2jitcompile.c function of PCRE2 regular expression library is related to reading beyond data buffer boundaries. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data and also to access the data. remotely to gain access to...

ROS-20241203-09

A vulnerability in the gsocks4aproxy.c component of the Glib library is associated with an overshoot by one error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20241203-04

A vulnerability in the Kubernetes virtual machine cluster management software tool is related to incorrectly restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code outside of the container...

ROS-20241211-05

CREATE POLICY row-protected table security policy vulnerability of database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands by reusin...

ROS-20241211-13

Vulnerability of vrrpipsethandler function fglobalparser.c of network traffic balancing system Keepalived is related to integer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to impact the confidentiality, integrity, and availability of protected information...

ROS-20241211-06

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

ROS-20240505-13

A vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool is related to the lack of restrictions on the speed of merging elements no. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and...

ROS-20240505-03

A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of default credentials when the web user interface is enabled. default credentials when the web user interface is enabled. Exploitation of the vulnerability could allow an attacker, acting remotely, to...

ROS-20250203-05

Vulnerability of vim text editor is related to buffer overflow in the heap, when switching to other buffers using the :all command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code The vim text editor vulnerability is related to bounds errors when processing...

ROS-20240329-25

Vulnerability of Zabbix universal monitoring system agent is related to incorrect control of code generation. code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability of the Zabbix Universal Monitoring System agent is relat...

ROS-20250128-07

A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary commands...

ROS-20250203-10

A vulnerability in the SSLselectnextproto function of the OpenSSL TLS and SSL protocols toolkit is related to the information disclosure. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data and cause a denial of service...

ROS-20241220-03

A vulnerability in the xmlparse.c file of the libexpat XML file parsing library is related to an integer overflow for nDefaultAtts on 32-bit platforms. Exploitation of the vulnerability could allow an an attacker to cause a denial of service...

ROS-20250110-06

The vulnerability of the Zabbix universal monitoring system server is related to the use of uncontrolled format strings when processing HttpRequest objects. format strings when processing HttpRequest objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain...

ROS-20241023-11

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

ROS-20250203-11

A vulnerability in the luaupvaluejoin function lapi.c of the Lua script interpreter is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in the luaresume ldo.c component of the Lua...

ROS-20241023-08

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

ROS-20250128-04

Vulnerability of Microsoft .NET software platform and Microsoft software development tool Microsoft Visual Studio is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in Microsoft .NET...

ROS-20250128-05

Vulnerability of the library for processing XML and HTML Lxml markup is related to pointer dereferencing errors NULL in the iterwalk function. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

ROS-20250203-04

A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding the buffer boundaries in memory as a result of incorrect comparison of file checksums. Exploitation exploitation of the vulnerability could allow a remote intruder to...

ROS-20250121-12

A vulnerability in the qtdemuxparsesvq3stsddata function of the Gstreamer multimedia framework is related to an integer overflow in the MP4/MOV demultiplexer. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the...

ROS-20250114-01

HTTP client aiohttp vulnerability is related to execution of a loop with an unreachable exit condition. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability of HTTP client aiohttp is related to a symbolic link issue in...

ROS-20240816-13

Vulnerability in the ASN1 Parser function GTime2str of the libcurl library is related to reading outside of memory boundaries memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause an octasis in the maintenance...

ROS-20230412-01

Libde265 vulnerability is related to derivecollocatedmotionvectors function in motion.cc . Exploitation of the vulnerability could allow an attacker to overflow the heap buffer. Vulnerability Libde265 is related to decodercontext::processslicesegmentheader function in decctx.cc . Exploitation of...

ROS-20240916-13

A vulnerability in the email module of the Python programming language interpreter is due to insufficient inadequate input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the security mechanism...

ROS-20250114-03

Vulnerability in the Hash Handler component of the 389-ds-basic package is related to insufficient verification of the of password hashes. Exploitation of the vulnerability could allow an intruder to cause a denial of service...

ROS-20240902-23

A vulnerability in the Flatpak application and environment management tool is related to improper Neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...

ROS-20250110-03

A vulnerability in the XMLResumeParser function of the libexpat XML parsing library is related to improper checking for unusual or exceptional conditions. Exploitation of the vulnerability could allow an attacker to stop/stop a parser that is not running...

ROS-20250114-15

Vulnerability of gfxv943initmicrocode function in drivers/gpu/drm/amd/amdgpu/gfxv943.c module of driver Linux operating system kernel amdgpu is related to memory writes outside of the allocated buffer. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity...

ROS-20230412-03

The Consul server vulnerability is related to allowing an authenticated user to use the service: write permissions to start a workflow. Exploitation of the vulnerability could allow an attacker acting remotely to crash the Consul server and client agents...

ROS-20230412-02

Vim text editor vulnerability related to the classobjectindex vim function in the vim9class.c file. Exploitation of the vulnerability could allow an attacker acting remotely to trick a user into opening a specially crafted file, causing a problem that leads to a problem that leads to a bug. a use...

ROS-20230407-01

The libcurl library vulnerability is related to FTP connection reuse, previously created connections are stored in a connection pool for reuse if they match the current connection pool. connections are stored in the connection pool for reuse if they match the current configuration. configuration...

ROS-20250212-05

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...

ROS-20250212-12

A vulnerability in the hbcairoglyphsfrombuffer function of the Harfbuzz text transformation library is related to the bounds errors in the hbcairoglyphsfrombuffer function in hb-cairo.cc. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the...