8244 matches found
ROS-20241001-05
A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A...
ROS-20240927-05
Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...
ROS-20240916-09
The vulnerability of the x86 HVM Hypercall Handler component of the Xen kernel's x86 HVM hypervisor is related to the ability to freely switch between 64-bit and other system modes. Linux kernel hypervisor is related to the ability to freely switch between 64-bit and other system modes...
ROS-20240909-01
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. with NULL pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...
ROS-20240826-04
A vulnerability exists in the Apache Derby database management system due to failure to take measures to to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the database. remotely to gain unauthorized access to t...
ROS-20240815-08
Vulnerability in the ANGLE component of Google Chrome browser is related to out-of-bounds recording. Exploitation of the of the vulnerability could allow an attacker acting remotely to exploit the heap corruption with a a specially crafted HTML page V8 JavaScript script handler V8 vulnerability i...
ROS-20240806-03
A vulnerability in the Java Apache Commons BCEL bytecode processing library is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary code...
ROS-20240729-15
A vulnerability in the django.utils.text.Truncator.words function of the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240729-01
Vulnerability in Forms Authentication in Application Server Web Application Examples Apache Tomcat exists due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...
ROS-20240725-03
A vulnerability in Google Chrome browser's JavaScript script handler V8 is related to reading outside the boundaries of memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform access outside the outside of the allocated memory space using a specially crafted...
ROS-20240723-03
Vulnerability of Ruby interpreter's Net::FTP class implementation is related to flaws in service data protection using the PASV command. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information. remotely, to gain unauthorized...
ROS-20240719-04
A vulnerability in the Microsoft .NET software platform and Microsoft software development tool Microsoft Visual Studio is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability...
ROS-20240717-05
A vulnerability in the implementation of PKCS1 v1.5, OAEP, and RSASVP standards in the NSS Network Security Services library set is associated with insufficient protection of service data due to time discrepancy. Exploitation of the vulnerability allows an attacker acting remotely to implement th...
ROS-20240709-02
Vulnerability in the tempfile.TemporaryDirectory component of the Python programming language interpreter CPython is related to dereferencing symbolic links while clearing permission-related errors. Exploitation of the vulnerability could allow an attacker to increase their privileges...
ROS-20240702-01
Vulnerabilities in Microsoft Visual Studio software development tool and Microsoft.NET Framework are related to uncontrolled resource consumption. Microsoft.NET Framework is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240626-09
Vulnerability of opj2decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir comman...
ROS-20240625-02
A vulnerability in the lxc-user-nic component of the LXC virtualization system is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the protected information...
ROS-20240611-13
Vulnerability in clone/clonefrom components of Python library for interacting with git repositories GitPython is associated with errors in input processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting a specially crafted URL int...
ROS-20240522-01
A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host system...
ROS-20240514-03
The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240508-01
Vulnerability in the Rack module of the Ruby interpreter is related to incorrect implementation of the Ruby programming language of handling invalid URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240503-04
A vulnerability in the mbedtlsx509setextension function of the Mbed TLS software is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto...
ROS-20240425-07
A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...
ROS-20240425-06
A vulnerability in the util-linux package of the Linux operating system is related to incorrect privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to passwords or change a user's clipboard using the setgid command. access to...
ROS-20240425-02
A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...
ROS-20240412-01
Vulnerability of authfile.c file of memcached data caching software is related to buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service using a specially crafted authentication file...
ROS-20240410-08
A vulnerability in the function bfdmachogetsyntheticsymtab match-o.c of the GNU software development tool Binutils is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service or other impact...
ROS-20240409-08
A vulnerability in the cpStripToTile function tools/tiffcp.c of the LibTIFF library is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240408-17
Vulnerability in Flask-Security-Too security management tool is related to URL redirection to an untrusted site when processing the "next" request parameter. to an untrusted site when processing the "next" request parameter. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240408-16
A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...
ROS-20240408-05
RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...
ROS-20240408-06
A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...
ROS-20240405-02
Vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to reveal protected information...
ROS-20240404-10
A vulnerability in the Rack module of the Ruby programming language interpreter is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20240403-16
A vulnerability in the TCP modules of the Rsyslog log processing software utility is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240403-12
A vulnerability in the Range header analysis component of the modular interface between web servers and the Rack web applications is related to the creation of input data that could cause the analysis of the Content-Disposition header in Rack to take an unexpected amount of time...
ROS-20240402-11
A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a with a lack of memory release after an effective lifetime. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A...
ROS-20240329-21
Vulnerability of readSeparateTilesIntoBuffer function of LibTIFF library is related to integer overflow on tiff files processing. overflow when processing tiff files. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A vulnerability in the...
ROS-20240328-13
A vulnerability in the mzpathresolve function in zlib-ng minizip-ng is related to a buffer overflow via the created file of the mzpathhasslash function in the mzos.c file. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the...
ROS-20240328-15
A vulnerability in the Web Browser UI of Google Chrome and Microsoft Edge browsers is related to incorrectly implemented security checks for standard elements. implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to conduct...
ROS-2-1372
2.1372 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-972
2.972 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...
ROS-20231115-02
Vulnerability of the GetPacket function of VideoLAN VLC media player program is related to incorrect reading of the offset, which leads to heap buffer overflow in GetPacket function. Exploitation of the vulnerability could allow an attacker acting remotely to corrupt memory A vulnerability in the...
ROS-20231102-01
A buc Traceroute vulnerability related to improper handling of lines of code. Exploitation of the vulnerability could allow an attacker acting locally to execute arbitrary code...
ROS-20231024-01
Vulnerability of exfatgetuninamefromextentry function in fs/exfat/dir.c module of exFAT file system in Linux kernel is related to memory access outside the allocated buffer kernel of the Linux operating system is related to accessing memory outside of the allocated buffer. Exploitation of the...
ROS-20231016-01
Vulnerability of XpmCreateXpmImageFromBuffer function of libXpm image file library is related to a read error call. is related to a read error outside the valid range. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20231013-06
Memory leak vulnerability in the RTPS dissector of the Wireshark computer network traffic analyzer. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service by injecting packets or creating a capture file...
ROS-2-1568
2.1568 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...
ROS-2-1389
2.1389 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...
ROS-2-1199
2.1199 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...