8283 matches found
ROS-2-531
2.531 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-2-1220
2.1220 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...
ROS-2-1408
2.1408 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-2-880
2.880 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...
ROS-2-1775
2.1775 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...
ROS-2-1003
2.1003 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-446
2.446 VLC vulnerability CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...
ROS-2-1462
2.1462 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-961
2.961 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...
ROS-2-1487
2.1487 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1623
2.1623 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-953
2.953 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...
ROS-2-1229
2.1229 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...
ROS-2-611
2.611 Multiple vulnerabilities of libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1177
2.1177 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The...
ROS-2-1195
2.1195 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...
ROS-2-825
2.825 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...
ROS-2-1394
2.1394 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-20260529-73-0023
The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...
ROS-20260527-73-0006
Vulnerability in openbao related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260526-73-0010
Vulnerability in python-relenv related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260526-73-0020
A vulnerability in the libpng library is related to the failure to check for sufficient input pixels when processing the last partial portion in the ARM/AArch64 Neon optimized palette expansion path. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...
ROS-20260524-73-0055
A vulnerability in the Protobuf data serialization protocol involves uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260515-73-0002
Vulnerability in firebird due to lack of service data protection. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
ROS-20260512-73-0033
Vulnerability in ruby related to lack of protection of proprietary data. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260508-73-0011
A vulnerability in the .NET software platform is related to incorrect handling of a missing special element. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...
ROS-20260119-7391
A vulnerability in the rtlpciprobe driver function drivers/net/wireless/realtek/rtlwifi/pci.c of Linux kernel operating systems is related to the lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251203-10
Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...
ROS-20250528-01
A vulnerability in the acpi component of the Linux kernel is related to the dereferencing of a NULL pointer in the acpiskipsetwakeupaddress function in drivers/acpi/sleep.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the net...
ROS-20250513-02
The RED OS kiosk mode vulnerability is due to improper constraints. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands on the system outside of the imposed restrictions Information about the vulnerability was received from Alexander Starikov - researcher at...
ROS-20250204-01
A vulnerability in the udf component of the Linux operating system kernel is related to the use of an uninitialized resource in the udfrename function in fs/udf/namei.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm/vmwgfx...
ROS-20250203-12
A vulnerability in the ldebug.c component of the Lua script interpreter involves an integer loss of significance. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250121-04
A vulnerability in the RIB Revalidation component of a software tool that implements network routing on Unix-like FRRouting systems is related to the launch of RIB reanalysis for FRR routers. Unix-like FRRouting systems is related to triggering RIB reanalysis for FRR routers, using RTR, causing...
ROS-20250109-08
The ungetbyte and ungetc methods of StringIO string handler for Ruby programming language are vulnerable to with an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of protected information...
ROS-20241216-10
The Jetty servlet container vulnerability is related to the lack of control over internal resource consumption within DoSFilter. Exploitation of the vulnerability could allow an attacker acting remotely to repeatedly send crafted requests multiple times, cause an OutofMemory error, and finally...
ROS-20241121-02
A vulnerability in the Access Rule Handler component of the Openstack cloud services platform involves manipulation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system. affect the integrity of the system...
ROS-20241120-01
Vulnerability of drm/amd/display components of Linux kernel is related to dereferencing of the NULL pointer in the amdgpudminit function in drivers/gpu/drm/amd/display/amdgpudm/amdgpudm.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in th...
ROS-20241114-02
The vulnerability of the micrel component of the Linux operating system kernel is related to the NULL pointer dereferencing in lan8814txtstamp, lan8814getsigrx, lan8814matchrxts, lan8814ptpciadjfine functions, lan8814getsigtx, lan8814dequeuetxskb, and lan8814matchskb in drivers/net/phy/micrel.c...
ROS-20241112-11
A vulnerability in the index.php component of Enterprise Server, a cloud-based software package for creating and using Nextcloud Server data storage is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to modify or delete VCards in the...
ROS-20241112-10
A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of https URLs even after certificate validation errors. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data and compromise their integrity. remotely to gain...
ROS-20241029-11
A vulnerability in the blockformat function of the Ruby interpreter with the Action Mailer Gem extension is related to the execution of the function for an unexpectedly large amount of time. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241017-01
A vulnerability in the golang package of the Debian GNU/Linux operating system is related to incorrect control of code generation. code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Golang programming languag...
ROS-20241015-04
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect resource clearing or release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20241008-08
Intel processor firmware vulnerability is related to information leakage from vector registers. registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...
ROS-20241008-04
A vulnerability in the RSS function of the QEMU hardware emulator is related to setting too large a value, causing an index out-of-bounds problem. values, causing a problem with the index going out of bounds. Exploitation of the vulnerability could allow an attacker acting locally to cause a deni...
ROS-20241004-07
A vulnerability in the iouring component of the Linux operating system kernel is related to the reuse of previously released memory due to competitive access to a resource race condition in the scmfpcopy function in the net/core/scm.c module. Exploitation of the vulnerability could allow an...
ROS-20241004-09
Vulnerability of the matchflags function of the Netfilter subsystem of the Linux kernel is related to the reading of data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of...
ROS-20241002-03
Vulnerability of btrfsgetrootref function in fs/btrfs/disk-io.c module of btrfs file system of Linux kernel is related to reuse of previously freed memory. of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker t...
ROS-20240923-01
The vulnerability of WebKitGTK and WPE WebKit web page display modules is related to memory access after it is memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240923-06
Vulnerability of net/http and net/http2 libraries of Go programming language in terms of implementation of the HTTP/2 protocol is related to uncontrolled resource consumption as a result of incorrect determination of the termination of HTTP/2 is related to uncontrolled resource consumption as a...