8283 matches found
ROS-20260524-73-0050
A vulnerability in the MultiPartParser function of the Django web application software platform is related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260520-73-0051
A vulnerability in the ANGLE component of the Google Chrome web browser is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data using a specially crafted HTML page...
ROS-20250521-01
Vulnerability of drm/v3d components of Linux kernel is related to dereferencing of NULL pointer in the v3dirq and v3dhubirq functions in drivers/gpu/drm/v3d/v3dirq.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the video component of t...
ROS-2-484
2.484 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-20250326-11
A vulnerability in the sqlghashsource component of the virtuoso-opensource web application development platform is related to the unconstrained and unregulated resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using special...
ROS-20241121-01
Vulnerability in Moodle virtual learning environment related to excessive data output by application in Messaging error message. Messaging error message. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to confidential information. remotely, to...
ROS-20241021-08
A vulnerability in the ad4130 component of the Linux operating system kernel is related to incorrect input validation in the ad4130setupintclk function in drivers/iio/adc/ad4130.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service Vulnerability of devlinkin...
ROS-20240911-11
Vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain Unauthorized access to protected information A vulnerability in the libfsimage compone...
ROS-20240828-03
Vulnerability of Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to the incorrect handling of exceptional conditions with improper handling of exceptional conditions. Exploitation of the vulnerability could allow a remote attacker to use memory after it has been...
ROS-20240826-16
A vulnerability in the Concurrency component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK, and Oracle Java SE software platform is related to insufficient input validation. for JDK and Oracle Java SE software platform is related to insufficient input validation...
ROS-20240806-01
A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop without sufficiently limiting the the number of times it can be executed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service by using specially crafted 7...
ROS-20240729-03
A vulnerability in the GLPI reports plugin of the GLPI reports system is related to incorrect neutralization of input data during web page generation. neutralization of input data during web page generation. Exploitation of the vulnerability could allow a remote attacker to conduct XSS attacks...
ROS-20240726-04
Vulnerability in Moodle virtual learning environment due to a risk in CSV import method XSS. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a cross-site scripting XSS attack. cross-site scripting XSS...
ROS-20240726-03
A vulnerability in the cjson and cmsgpack libraries of the Redis database management system DBMS is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted Lua...
ROS-20240724-01
A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an intruder to execute arbitrary code through a specially crafted HTML page A vulnerability in th...
ROS-20240712-01
Vulnerability in Multiline RFC 2231 component of Exim mail server is related to incorrect analysis of the the multiline RFC 2231 header file name. Exploitation of the vulnerability could allow an attacker, acting remotely, to deliver executable attachments to end-user mailboxes...
ROS-20240627-03
A vulnerability in the QEMU hardware emulator is related to a memory re-release error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by performing a DMA re-entry...
ROS-20240607-01
Vulnerability of bgpcapabilitymsgparse functions of a software tool for implementing network routing on Unix-like FRRouting systems is related to reading outside memory boundaries of the BGP FRRouting daemon. Unix-like systems FRRouting is related to read outside memory boundaries in the BGP...
ROS-20240603-01
A vulnerability in the PSP file parser of the GIMP graphics editor is related to number processing errors. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240425-02
A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...
ROS-20240422-06
A vulnerability in the h.265 Libde265 video codec implementation is related to the size of allocated memory exceeding the the maximum supported size 0x100000000000000. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240410-01
Apache Tomcat application server vulnerability is related to lack of service data protection. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...
ROS-20240408-02
A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...
ROS-20240408-06
A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...
ROS-20240408-16
A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...
ROS-20240408-13
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240405-01
A vulnerability in the fs/ntfs.c component of the Grub2 operating system boot loader is related to a buffer overflow in the dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the Trace View panel of the Grafana web data...
ROS-20240401-03
A vulnerability in the CRI-O container mechanism is related to adding arbitrary lines to /etc/passwd using a a specially crafted environment variable. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of the CRI-O...
ROS-20240329-04
ASP.NET Core software platform vulnerability is due to security configuration errors. Exploitation The exploitation of the vulnerability may allow an intruder to disclose protected information...
ROS-20240328-01
GLPI's asset management and data center management software vulnerability is related to the SQL code injection through administration of dashboards. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries...
ROS-2-933
2.933 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1206
2.1206 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-450
2.450 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...
ROS-2-1261
2.1261 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-440
2.440 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Failure to initialize memory when allocating buffers for pixel maps using the AllocatePixmap call could cause the X client to leak memory contents from the heap when the X...
ROS-20231122-01
A vulnerability in the kubelet utility of the Kubernetes virtual machine cluster management software tool is related to insufficient verification of input data. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges to administrator level...
ROS-20231018-03
The vulnerability of the SetAll method of the D-Bus interprocess communication system of the Red Hat Enterprise Linux is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20230907-01
Ghostscript document processing toolkit vulnerability is related to a buffer overflow error in base / gdevdevn.c: 1973 in devnpcxwriterle. buffer overflow in base / gdevdevn.c: 1973 in devnpcxwriterle. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-2-955
2.955 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-2-881
2.881 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-20230620-07
A vulnerability in the Python library for Redis redis-py is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
ROS-20230615-03
A vulnerability in the HEIF and AVIF libheif file format decoder is related to a floating point exception in the heif::Fraction::round function in box.cc Exploitation of the vulnerability could allow an attacker, remotely to perform a denial of service attack...
ROS-20221013-03
A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...
ROS-2-712
2.712 Mozilla Thunderbird email client vulnerability CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-20220125-18
A vulnerability in the Xen hypervisor is related to the incorrect configuration of a number of devices and the incorrect data structure release, including I/O page tables. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service and other issues,...
ROS-20220125-12
Vulnerability in the executable environment for running containerd containers is due to incorrect default permissions for the container root directories and some plugins. default permissions for container root directories and some plugins. Exploitation of the vulnerability could allow an attacker...
ROS-20220112-02
Vulnerability of wordexp function of the library that provides system calls and basic glibc functions is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to read arbitrary files...
ROS-2-558
2.558 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-2-898
2.898 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-926
2.926 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...