8279 matches found
ROS-2-1243
2.1243 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...
ROS-20260526-73-0013
Vulnerability in golang-x-image related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260524-73-0004
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to...
ROS-20260524-73-0030
Vulnerability in the vim text editor is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to affect the availability of protected information...
ROS-20260524-73-0021
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20260524-73-0011
A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20260524-73-0029
Vulnerability in vim related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0023
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20260524-73-0022
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20260505-73-0014
A vulnerability in the http.cookies library of the Python programming language interpreter CPython is related to improper encoding or escaping of output data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...
ROS-20260430-73-0001
A vulnerability in valkey is related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260417-73-0030
A vulnerability in the JOSE implementation of the Authlib library for OAuth and OpenID Connect servers is related to improper integrity value checking. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security mechanisms...
ROS-20260310-73-0037
A vulnerability in the Background Fetch API of the Google Chrome browser is related to errors in the implementation of security checks for standard elements. Exploitation of the vulnerability allows an attacker acting remotely to disclose protected information using a specially crafted HTML page...
ROS-20250318-01
A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service A vulnerability in the net component of t...
ROS-20250314-01
Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mptcp component of the Lin...
ROS-20250310-01
Vulnerability of the dpaastartxmit function in the drivers/net/ethernet/freescale/dpaa/dpaaeth.c module of the Linux kernel of the Linux kernel is associated with a data leak. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availability of protected...
ROS-20250121-10
Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to Failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an intruder, acting remotely, to disclose protected information...
ROS-20250109-04
Vulnerability of the Fields plug-in of the GLPI system of requests, incidents and inventory of computer equipment is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow An attacker acting remotely could execute arbitrary SQL code...
ROS-20241216-06
A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...
ROS-20241216-03
A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...
ROS-20241211-01
The vulnerability of the OpenSC smart card software toolkit and libraries is related to the fact that, that in pkcs15init buffers are partially filled with data, and initialized portions of the buffer can be accessed by bypassing the restrictions. Exploitation of the vulnerability could allow an...
ROS-20241203-23
The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...
ROS-20241202-02
Vulnerability of drivers/virt/acrn components of the Linux operating system kernel is related to errors of post-release usage errors in the acrnvmmemsegunmap and acrnvmvmrammap functions in the drivers/virt/acrn/mm.c. Exploitation of the vulnerability could allow an attacker to escalate privilege...
ROS-20241129-01
A vulnerability in the ks8851 component of the Linux operating system kernel is related to improper locking in the ks8851dbgdumpkkt, ks8851rxpkts, and ks8851irq functions in the drivers/net/ethernet/micrel/ks8851common.c. Exploitation of the vulnerability could allow an attacker to cause a denial...
ROS-20241112-03
Vulnerability of the JWE, JWS, JWT go-jose standards set implementation package for Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service Vulnerability of...
ROS-20241025-02
Vulnerability of usb-audio component of Linux kernel is related to NULL pointer dereferencing in the sndusbsetsampleratev2v3 function in sound/usb/clock.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the target component of the target...
ROS-20241017-11
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20241017-05
A vulnerability in the Redis database management system DBMS is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting a specially crafted lua script Redis database management system DBMS vulnerability is...
ROS-20241015-02
The vulnerability in the Xen hypervisor is related to a logic error caused by branch type confusion when implementing an of early patches. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information and escalate privileges on the system...
ROS-20241001-12
QEMU hardware emulator vulnerability is related to synchronization errors. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241001-04
Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...
ROS-20241001-07
Vulnerability in DecodeConfig component of Golang programming language is related to incorrect normalization of HTTP Location header. HTTP Location header. Exploitation of the vulnerability could allow an attacker acting remotely, redirect the user to a malicious site...
ROS-20240927-06
A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...
ROS-20240919-01
Vulnerability of Microsoft.NET Framework and .NET software platform of Windows operating systems is related to incorrect definition of symbolic links before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20240918-01
A vulnerability in the CGI::Cookie.parse function of the Ruby programming language is related to incorrect processing of security prefixes in cookie names. security prefixes in cookie names. Exploitation of the vulnerability allows an attacker, acting remotely, to affect data integrity...
ROS-20240911-06
A vulnerability in the stack protection feature of the GNU Compiler Collection GCC for different programming languages is due to a data protection mechanism violation. Collection GCC is related to a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker...
ROS-20240902-09
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20240902-03
Intel processor firmware vulnerability is related to errors in interpretation of redundant prefixes. of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from third to zero ring of protection CPL0, gain access to sensitive information, or cause a...
ROS-20240902-08
A vulnerability in the bus lockout regulator mechanism for some Intel processor models is associated with a a security mechanism failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service A firmware vulnerability in Intel Xeon D processors involves an incorrec...
ROS-20240902-04
A vulnerability in the xmlattr filter of the Jinja2 templating engine for the Python programming language is related to the failure to take measures to protect the structure of a web page. to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240826-13
A vulnerability in the protojson.Unmarshal function of the golang-google-protobuf package of the Golang programming language is related to an infinite loop when anmarshaling certain JSON forms. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service ...
ROS-20240816-01
A vulnerability in the Portainer container management platform is related to a difference in authentication user authentication response time. Exploitation of the vulnerability could allow an attacker acting remotely to determine whether a username is valid or invalid. remotely, whether the...
ROS-20240816-08
A vulnerability in the PHP programming language is related to the random number generator's use of a narrower range of values. Exploitation of the vulnerability could allow an attacker acting remotely to gain access sensitive data A vulnerability in the PHP interpreter phardirread function is...
ROS-20240812-08
Node.js software platform vulnerability is related to mismanagement of code generation. Exploitation The vulnerability could allow a remote attacker to activate arbitrary code with elevated privileges when handling CAPNETBINDSERVICE exceptions. elevated privileges when handling CAPNETBINDSERVICE...
ROS-20240725-13
A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...
ROS-20240806-21
Vulnerability of JDBC driver pgjdbc for connecting Java programs to PostgreSQL database is related to Lack of verification of the class implementation of the expected interface. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code through the...
ROS-20240729-05
Vulnerability in the libssh2 library of Libgit2's implementation of Git's C methods is related to validation bugs of cryptographic signatures. Exploitation of the vulnerability could allow an attacker acting remotely, execute a man-in-the-middle attack...
ROS-20240729-19
The 389 Directory Server vulnerability is related to the ability of an unauthenticated user to cause a systematic server crash when submitting a specific advanced search query. query. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20240718-01
Vulnerability in Mozilla Firefox and Firefox ESR browsers is related to incorrect event handling as a result of incorrect code generation control. as a result of mismanaged code generation. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and...
ROS-20240704-02
OpenSSH cryptographic protection tool server vulnerability is related to a logic error ObscureKeystrokeTiming. Exploitation of the vulnerability could allow an attacker acting remotely, launch a timing attack...