8110 matches found
ROS-20260617-73-0020
The vulnerability in ImageMagick is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...
ROS-20260529-73-0024
The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...
ROS-20260529-73-0018
The vulnerability of the sscanf function in the libcurl library, a software tool for interacting with servers via CURL, is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
ROS-20260528-73-0001
The vulnerability of the getdumpable function in the Linux operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
ROS-20260527-73-0005
Vulnerability in openbao related to security token assignment restriction errors. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
ROS-20260526-73-0006
Vulnerability in python-relenv related to improper dynamic memory cleanup. Exploitation of the vulnerability allows a remote attacker to bypass security restrictions and cause a denial of service by sending specially crafted smb2 packets...
ROS-20260526-73-0014
Vulnerability in registry related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow a remote attacker to launch an ssrf attack...
ROS-20260526-73-0009
Vulnerability in python-relenv related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260526-73-0011
Vulnerability in vault related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260524-73-0040
Vulnerability in mariadb11.8 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0006
A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...
ROS-20260524-73-0035
A vulnerability in the vim text editor is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to affect the integrity of protected information...
ROS-20260524-73-0036
A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
ROS-20260524-73-0042
Vulnerability in mariadb10.6 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0017
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20260524-73-0009
A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...
ROS-20260520-73-0034
A vulnerability in the WebGL component of the Google Chrome browser is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0011
A vulnerability in the WebAudio component of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0027
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0032
A vulnerability in the CSS component of the Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0055
A vulnerability in the Navigation function of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260513-73-0001
Vulnerability in rubygem-rack related to errors in processing input length parameters. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20260508-73-0011
A vulnerability in the .NET software platform is related to incorrect handling of a missing special element. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...
ROS-20260327-73-0016
Vulnerability in golang related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20250515-10
A vulnerability in Apache Tomcat software is related to insufficient error handling for certain invalid HTTP priority headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Apache Tomcat software vulnerability is related to insufficient...
ROS-2-557
2.557 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-2
2.2 Notification of the update of the OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-20250424-12
A vulnerability in the eval function of the Cloud Deployment and Query Tool modules of the database management tool pgAdmin 4 is related to incorrect code generation control when processing endpoints /sqleditor/querytool/download and /cloud/deploy with querycommitted and highavailability...
ROS-20250402-04
Vulnerability of the GLPI system of requests, incidents and inventory of computer equipment is related to improperly restricting access to the "install/update.php" file. Exploitation of the vulnerability could allow An attacker acting remotely could gain access to confidential information A...
ROS-20250314-02
A vulnerability in the wifi component of the Linux operating system kernel is related to an incorrect lock in the function ilpciresume in drivers/net/wireless/intel/iwlegacy/common.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...
ROS-20250213-01
A vulnerability in the iavf component of the Linux kernel is related to an incorrect locking in the function iavfinitmodule in drivers/net/ethernet/intel/iavf/iavfmain.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in...
ROS-20250121-05
A vulnerability in the modsql component of the ProFTPD FTP server is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to elevate his privileges to the root user...
ROS-20241220-01
A vulnerability in the password verification function of the PHP programming language is related to insufficient calculation of the password hash. password hash. Exploitation of the vulnerability allows an attacker to affect data integrity...
ROS-20241216-04
A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...
ROS-20241211-12
A vulnerability in the RADIUS authentication protocol implementation is related to bypassing the authentication procedure through capture-replay of intercepted messages. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access by forging an authentication...
ROS-20241203-22
The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...
ROS-20241203-10
Vulnerability in the IPAuthenticationProvider component of a centralized service for maintaining configuration information and providing distributed synchronization and group services. configuration, naming, providing distributed synchronization and provisioning of group services Apache ZooKeeper...
ROS-20231121-04
Vulnerability in Nextcloud cloud storage creation and utilization software is related to improper access controls. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain access to sensitive information Nextcloud cloud storage creation and utilization software...
ROS-20241029-05
A vulnerability in the Podman OCI container management and startup software tool is related to bugs in the option bind-propagation of the Dockerfile RUN --mount instruction. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...
ROS-20241029-09
A vulnerability in the plaintextforblockquotenode function of the Ruby interpreter with the Action Text Gem extension is related to the execution of the function for an unexpectedly large amount of time. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial o...
ROS-20241023-01
A vulnerability in the HAProxy server software is related to the opening of a 0-RTT session with a spoofed IP address. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the the functionality of the allowed/blocked IP address list...
ROS-20241015-15
A vulnerability in the PHP programming language interpreter exists due to a failure to take measures to neutralize the special elements. Exploitation of the vulnerability could allow an attacker acting remotely to Affect the confidentiality, integrity, and availability of protected information...
ROS-20241004-02
Vulnerability of the mremap function of Linux kernel operating systems is related to memory usage after its release as a result of a race situation when processing the rmap memory management structure. Exploitation of the vulnerability could allow an attacker to cause a denial of service or eleva...
ROS-20241002-04
A vulnerability in the xenvifgetrequests function in the drivers/net/xen-netback/netback.c module of the cross-platform Xen hypervisor of the Linux kernel is related to the null pointer dereferencing in the function xenvifgetrequests. Exploiting the vulnerability could allow an attacker to cause ...
ROS-20240927-02
A vulnerability in the Google Chrome browser is related to the execution of certain user interface gestures Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofed the user interface using a specially crafted HTML page A vulnerability in Google Chrome browse...
ROS-20240924-01
The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, redirect a user to an arbitrary URL using a specially crafted extension The vulnerability in...
ROS-20240916-07
A vulnerability in the fetch function of the Node.js software platform involves uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service DoS...
ROS-20240916-03
A vulnerability in the Node.js software platform is related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to disable the validation of the integrity A vulnerability in the APIgenerateKeys function of the Node.js software platform is...
ROS-20240911-08
The vulnerability of the configobj ini file reader and writer is related to the placement of a malicious value into a server-side configuration file by a developer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240827-11
Vulnerability in the HTTP2 Stream Handler component of Apache Tomcat application server is related to insufficient exceptional state handling. exceptional state handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a...