8110 matches found
ROS-20241015-04
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect resource clearing or release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20241008-08
Intel processor firmware vulnerability is related to information leakage from vector registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...
ROS-20241004-09
Vulnerability of the matchflags function of the Netfilter subsystem of the Linux kernel is related to the reading of data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of...
ROS-20241004-07
A vulnerability in the iouring component of the Linux operating system kernel is related to the reuse of previously released memory due to a race condition (concurrent access to a resource) in the scmfpcopy function in the net/core/scm.c module. Exploitation of the vulnerability could allow an...
ROS-20241002-03
Vulnerability of btrfsgetrootref function in fs/btrfs/disk-io.c module of btrfs file system of Linux kernel is related to reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker t...
ROS-20240923-06
Vulnerability of net/http and net/http2 libraries of Go programming language in terms of implementation of the HTTP/2 protocol is related to uncontrolled resource consumption as a result of incorrect determination of the termination of HTTP/2...
ROS-20240923-01
The vulnerability of WebKitGTK and WPE WebKit web page display modules is related to memory access after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240916-06
Vulnerability in the Device Handler component of the Xen cross-platform hypervisor of the Linux kernel is related to incorrect placement of a preprocessor directive in the source code. Exploiting the vulnerability could allow an attacker to escalate privileges...
ROS-20240911-06
A vulnerability in the stack protection feature of the GNU Compiler Collection GCC for different programming languages is due to a data protection mechanism violation. Exploitation of the vulnerability could allow an attacker...
ROS-20240909-04
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240906-01
Vulnerability of ip6tnlrcv function in net/ipv6/ip6tunnel.c module of Linux kernel IPv6 protocol implementation is related to use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...
ROS-20240904-16
A vulnerability in the export.c file in the exporttga function of the libcaca graphics library for converting an image to ASCII ART is related to the operation exceeding memory buffer limits. Exploitation of...
ROS-20240904-06
A vulnerability in the yasmintnumcopy function of the YASM assembler is related to the lack of memory release after the effective lifetime. Exploitation of the vulnerability could allow an attacker to gain access to the sensitive data...
ROS-20240902-15
A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240826-10
Vulnerability of pygments/lexers/smithy.py file of SmithyLexer component of syntax highlighting program Pygments is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240826-18
Vulnerability in the .NET development platform of Microsoft's software development tool Visual Studio is related to the transmission of credentials in unencrypted form. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...
ROS-20240816-03
Vulnerability of HTTP Daemon is related to inconsistent interpreting of HTTP requests when processing 'Content-Length' string values. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate their privileges by sending...
ROS-20240812-12
Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary SQL queries...
ROS-20240725-12
A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service...
ROS-20240806-15
Vulnerability of PKCS12parse, PKCS12unpackp7data, PKCS12unpackp7encdata, PKCS12unpackauthsafes and PKCS12newpass of the OpenSSL library is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240726-07
A vulnerability in the Sign-In component of the Google Chrome browser is related to the ability to bypass navigation restrictions using a specially crafted HTML page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute cross-site scripting attacks...
ROS-20240719-01
A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...
ROS-20240716-01
OpenSearch software package vulnerability related to unintentional access to resources of users in the Dashboards Reports plugin. Exploitation of the vulnerability could allow an attacker to compromise the integrity of data...
ROS-20240709-03
Apache Kafka Message Manager vulnerability is related to Apache Kafka cluster migration from ZooKeeper mode to KRaft mode. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality and integrity of...
ROS-20240703-10
Vulnerability of usbguard-dbus daemon of USBGuard USB device protection software is related to an access error of an unprivileged user who could connect USB devices. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, a...
ROS-20240626-07
A vulnerability in the Net::CIDR::Lite module of the Perl programming language interpreter is related to bugs in the handling of foreign null characters at the beginning of an IP address string. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access controls...
ROS-20240521-01
Mutt mail client vulnerability is related to pointer dereferencing errors when processing message headers. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240503-15
A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of data...
ROS-2-1643
2.1643 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1485
2.1485 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-962
2.962 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1421
2.1421 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
ROS-20230915-13
A vulnerability in the symbolic.py component of GitPython, the Python library for interacting with git repositories, is related to a flaw in the directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected...
ROS-20230911-08
Vulnerability of UnRAR file unzipping tool is related to incorrect link resolution before accessing a file ("Follow link"). Exploitation of the vulnerability could allow an attacker acting remotely to extract files outside the destination folder using file...
ROS-2-1565
2.1565 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-974
2.974 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-2-1349
2.1349 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-1174
2.1174 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...
ROS-2-1581
2.1581 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-20230130-02
Vulnerability of the opusfile stream decoder library is related to null pointer dereferencing in the opgetdata and opopen1 functions in opusfile.c in xiph. Exploitation of the vulnerability could allow an attacker, acting remotely, to transfer specially crafted data to an application and perform a...
ROS-20220516-10
A vulnerability in the evdevlogmsg function of the libinput library's implementation of the X.Org and Wayland display server protocols is related to the use of uncontrolled format strings. Exploitation of the vulnerability could allow ...
ROS-2-1478
2.1478 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1401
2.1401 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1475
2.1475 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-20211223-05
Asterisk computer telephony application vulnerability involves an input validation error. Exploitation of the vulnerability could allow a remote attacker to send a packet containing an unsupported multimedia format and perform a denial of service (DoS) attack...
ROS-2-1243
2.1243 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service (DoS) attack. Identifier of the Information Security Threats Data Bank of th...
ROS-2-1195
2.1195 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service (DoS) attack. Identifier of the Information Security Threats Data Bank of th...
ROS-2-825
2.825 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service (DoS) attack. Identifier of the Information Security Threats Data Bank of the...
ROS-2-1635
2.1635 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-1394
2.1394 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...