8283 matches found
ROS-20260505-73-0036
A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260327-73-0016
Vulnerability in golang related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20260310-73-0013
A vulnerability in the user interface UI of the Google Chrome browser is related to the lack of a user warning about unsafe actions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...
ROS-20250505-08
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
ROS-20250414-01
A vulnerability in the ocfs2 component of the Linux operating system kernel is related to incorrect input validation in the ocfs2reflinkxattrinline function in fs/ocfs2/xattr.c, in ocfs2reflink function in fs/ocfs2/refcounttree.c. Exploitation of the vulnerability could allow an attacker to cause...
ROS-20250403-03
Vulnerability of SQLite hints and ETRN serialization functions of Exim mail server is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sendi...
ROS-20250318-01
A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service A vulnerability in the net component of t...
ROS-20250314-01
Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mptcp component of the Lin...
ROS-20250310-01
Vulnerability of the dpaastartxmit function in the drivers/net/ethernet/freescale/dpaa/dpaaeth.c module of the Linux kernel of the Linux kernel is associated with a data leak. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availability of protected...
ROS-20250307-14
Moodle virtual learning environment vulnerability is related to access control weaknesses. Exploitation The vulnerability could allow a remote attacker to gain unauthorized access to the protected information. protected information A vulnerability in the Moodle virtual learning environment is...
ROS-20250214-04
Vulnerability of the nftsetelemcatchalldeactivate function in the net/netfilter/nftablesapi.c module of the Linux kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...
ROS-20250117-04
Visual Studio Code source code editor vulnerability is related to failure to take measures to neutralize the special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250113-03
Vulnerability in Intel Ethernet network controllers RDMA driver for Linux is related to access control flaws access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...
ROS-20250110-05
The vulnerability of the Zabbix universal monitoring system server is related to the use of uncontrolled format strings when processing HttpRequest objects. format strings when processing HttpRequest objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain...
ROS-20241203-20
Apache Ivy package manager vulnerability is related to incorrect path name restriction to a directory with a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to the file system Apache Ivy package manager vulnerability is...
ROS-20241129-01
A vulnerability in the ks8851 component of the Linux operating system kernel is related to improper locking in the ks8851dbgdumpkkt, ks8851rxpkts, and ks8851irq functions in the drivers/net/ethernet/micrel/ks8851common.c. Exploitation of the vulnerability could allow an attacker to cause a denial...
ROS-20241127-02
A vulnerability in the virtio component of the Linux kernel is related to memory corruption in the functions virtioi2cpreparereqs, virtioi2ccompletereqs and virtioi2cxfer functions in drivers/i2c/busses/i2c-virtio.c. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20241121-05
The vulnerability in the Moodle virtual learning environment is related to issues with controlling the visibility of user information in gradebook reports. of user information in gradebook reports. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20241112-03
Vulnerability of the JWE, JWS, JWT go-jose standards set implementation package for Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service Vulnerability of...
ROS-20241112-02
A vulnerability in the ansible-core component of the Red Hat Ansible configuration management system is related to incorrect processing of output data for logs. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in Red Hat Ansible configurati...
ROS-20241112-07
Eclipse Mosquitto message broker vulnerability is related to a heap buffer overflow when executing a onsubscribe callback. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information The Eclipse Mosquitto message broker vulnerability is relate...
ROS-20241017-09
Vulnerability of the alistadd function of the vim text editor is related to memory usage after its after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary autocommands Vulnerability of instypebuf function of vim text editor is related to buffer...
ROS-20241016-01
Vulnerability of nvmet-tcp component of Linux kernel is related to dereferencing of NULL pointer in the nvmettcpinstallqueue function in drivers/nvme/target/tcp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in iwldeallocucode function in...
ROS-20241015-02
The vulnerability in the Xen hypervisor is related to a logic error caused by branch type confusion when implementing an of early patches. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information and escalate privileges on the system...
ROS-20241015-11
A vulnerability in the PHP programming language interpreter exists due to a failure to neutralize special elements. special elements. Exploitation of the vulnerability could allow an attacker acting remotely to Affect the confidentiality, integrity, and availability of protected information...
ROS-20241011-02
Vulnerability of smb2probe function in drivers/power/supply/qcompmi8998charger.c module of power supply driver of Linux kernel is related to pointer dereferencing error. of the Linux kernel power supply driver is related to a pointer dereferencing error. Exploitation the vulnerability could allow...
ROS-20241004-01
Vulnerability of ext4remount function of the Linux kernel is related to memory usage after when processing old CONFIGQUOTA file names. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of protected information. protected information...
ROS-20241001-03
An HTTP server vulnerability for Ruby/Rack application Puma is related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTTP request HTTP Request Smuggling attack The HTTP server...
ROS-20240918-15
A vulnerability in the Mbed TLS software is related to the use of a faulty or risky cryptographic algorithm. Exploitation of the vulnerability could allow an intruder to disclose protected information information...
ROS-20240917-05
Vulnerability in the sysinfo.cgi script implementation of Webmin hosting control panel exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute an arbitrary script...
ROS-20240911-07
Vulnerability of utfcptr2len function of vim text editor is related to operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240909-03
Vulnerability of the opteeregisterdevice function in the drivers/tee/optee/device.c module of the Trusted Execution Environment TEE module of the Linux kernel is related to incorrect processing of the return code. return code. Exploitation of the vulnerability could allow an attacker to cause a...
ROS-20240905-02
A vulnerability in the Python programming language interpreter CPython is related to incorrectly enclosing newline characters in quotation marks for email headers when serializing a message. newline quotes for email headers when serializing a message. Exploitation vulnerability could allow an...
ROS-20240904-14
A vulnerability in Performance Co-Pilot performance monitoring and visualization software PCP is related to the mixed privilege levels used by systemd services associated with PCP. Exploitation of the vulnerability could allow an attacker to execute a symbolic link attack and break the isolation ...
ROS-20240904-05
Node.js software platform vulnerability is related to improper access control. Exploitation vulnerability could allow an attacker to execute arbitrary code...
ROS-20240828-04
A vulnerability in OpenVPN software is related to the lack of uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240826-03
Vulnerability of ID3Support::ID3v2Frame::getFrameValue function of "exempi" utility is related to writing outside the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240816-05
The vulnerability of truetype in ImageFont function of the Pillow image manipulation library is related to the unconstrained and unregulated resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240815-06
Vulnerability in the HTTP/2 protocol implementation of Mozilla Firefox, Firefox ESR and the mail client Thunderbird is related to uncontrolled resource consumption as a result of incorrect limitation on the field block size when processing CONTINUATION frames. field block size when processing...
ROS-20240812-10
Golang programming language's gfdashsetupperiod function vulnerability is related to resource release bugs resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service...
ROS-20240806-05
A vulnerability in the AbstractSessionListener component of the Symfony web application development and management platform is related to an incorrect authorization procedure. Symfony web application development and management platform is related to incorrect authorization procedure. Exploitation...
ROS-20240731-01
A vulnerability in the lib-src/etags.c file of the ctags component of the EMACS text editor is related to improper neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the org-babel-execute:latex function of the...
ROS-20240731-06
A vulnerability in the SHA-3 cryptographic hash function of the eXtended Keccak Code Package XKCP software package is related to errors in block processing of input data and type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code during...
ROS-20240730-10
Mbed TLS software vulnerability is related to errors in encryption processing in DTLS connections DTLS when using a null cipher or RC4 cipher. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240729-13
Vulnerability of cJSONInsertItemInArray function of JSON-C library for JSON-C JSON processing is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240716-03
A vulnerability in the Org-Link-Expand-ABBREV function of the LISP/OL.EL file of the EMACS text editor exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary...
ROS-20210716-02
A vulnerability in the DICOM DCMTK library is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service Vulnerability of the library for working with DICOM DCMTK format is related to allocation of heap memory for parsing the data, b...
ROS-20240701-01
A vulnerability in the GIMP graphical editor is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code GIMP graphical editor vulnerability is related to a buffer overflow on parsing GIMPP PSD files. Exploitation of the vulnerability could...
ROS-20240626-15
Vulnerability of avahishostnameresolverstart function of Avahi local network service discovery system is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240626-13
Vulnerability of ExtractImageSection function of LibTIFF library is related to buffer copying without checking the the size of the input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service using a crafted Tiff file...