8110 matches found
ROS-20260529-73-0019
The vulnerability of the software for interacting with servers via CURL is related to the storage of dangerous files. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...
ROS-20260526-73-0004
A vulnerability in the libexpat XML file parsing library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260525-73-0003
Vulnerability in awscli2 related to the use of an invalid referenced name. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0038
A vulnerability in the crc32combine64 and crc32combinegen64 functions of the open source lossless data compression library zlib is related to the fact that the x2nmodp function can perform right shifts in a loop without a termination condition. Exploitation of the vulnerability could allow an...
ROS-20260524-73-0037
Vulnerability in vim text editor is related to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
ROS-20260524-73-0046
Vulnerability in nextcloud related to authorization bypass through the use of a user-controlled key. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
ROS-20260520-73-0028
A vulnerability in the Skia graphics library of Google Chrome and Microsoft Edge browsers involves reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity and availability of protected...
ROS-20260520-73-0017
A vulnerability in the JavaScript script handler V8 of Google Chrome and Microsoft Edge browsers is related to writing outside buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0054
A vulnerability in the PDF component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted PDF file...
ROS-20260520-73-0047
A vulnerability in the WebCodecs component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0058
A vulnerability in the Compositing component of the Google Chrome browser is related to memory usage after release. Exploiting the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service...
ROS-20260520-73-0053
A vulnerability in the WebGL component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260515-73-0042
A vulnerability in the Picture In Picture technology of Google Chrome browser is associated with incorrect restriction of visualized user interface layers. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information using a specially...
ROS-20260515-73-0028
A vulnerability in the JavaScript script handler V8 of the Google Chrome and Microsoft Edge browsers is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260513-73-0017
Vulnerability in python2-requests related to insecure temporary files. Exploitation of the vulnerability could allow an attacker to overwrite arbitrary files...
ROS-20260513-73-0005
An interpretation conflict vulnerability in rubygem-rack. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260512-73-0008
A vulnerability in the escapebytestring function of the gio/gfileattribute.c component of the GLib library set is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260512-73-0023
A vulnerability in the Core component of the Oracle VM VirtualBox virtual machine is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to gain full control over the application...
ROS-20260512-73-0025
A vulnerability in the kernel of the Oracle VM VirtualBox virtualization software tool is related to a flaw in the data protection mechanism. Exploitation of the vulnerability may allow an attacker to bypass existing security mechanisms...
ROS-20260508-73-0013
Vulnerability in nodejs-minimatch related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260506-73-0033
Vulnerability in tomcat11 related to insufficient protection of registration data. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...
ROS-20260505-73-0065
A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...
ROS-20260401-73-0011
A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...
ROS-20260324-73-0018
A vulnerability in the Linux operating system kernel is related to insufficient blocking. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260324-73-0010
A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260324-73-0006
A vulnerability in the ipv6 component of the Linux operating system kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an attacker acting remotely to affect confidentiality, integrity and availability of protected information...
ROS-20260324-73-0013
A vulnerability in the xilinx component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260313-73-0025
A vulnerability in the kvmvmioctlcreatevcpu function of the Linux operating system kernel is caused by a race condition. Exploitation of the vulnerability may allow an attacker to cause a denial of service...
ROS-20251203-11
Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...
ROS-20251029-07
The vulnerability in the Golang programming language is related to the implementation of a function where a string is accumulated via repeated concatenation without effectively managing memory or time complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of servi...
ROS-20250619-04
Vulnerability of http2 package of Go programming language is related to uncontrolled server resources consumption as a result of resetting Server.MaxConcurrentStreams parameter during request stream processing. as a result of resetting the Server.MaxConcurrentStreams parameter when processing a...
ROS-2-178
2.178 Notification on update of the RID OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...
ROS-20250505-31
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250505-32
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250430-10
The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. hidden HTTP request HTTP Request...
ROS-20250430-12
The vulnerability in the PHP programming language interpreter is related to a flaw in header processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request Smuggling attac...
ROS-20250422-01
A vulnerability in the Bluetooth driver of the Linux kernel is related to the dereferencing of a null pointer due to competitive resource access race condition in the hciuartttyioctl function between the HCIUARTSETPROTO and HCIUARTGETPROTO commands in the drivers/bluetooth/hcildisc.c module...
ROS-20250402-07
A vulnerability in the Consul and Consul Enterprise service configuration tool is related to insufficient validation of user input. of user input. Exploitation of the vulnerability could allow an attacker acting remotely to launch an SSRF attack. remotely to launch an SSRF attack Vulnerability in...
ROS-20250326-05
A vulnerability in the sysexec function of MariaDB software is related to insecure permissions. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands with elevated privileges...
ROS-20250326-01
Pidgin instant messaging vulnerability is related to DNS response spoofing and redirecting client connections to a malicious server. redirecting client connections to a malicious server. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service to an...
ROS-20250325-01
A vulnerability in the net component of the Linux kernel is related to a read error outside the allowed range in drivers/net/wwan/wwancore.c. valid range in drivers/net/wwan/wwancore.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the n...
ROS-20250307-06
A vulnerability in the OpenSSL library is related to a temporary side-channel in the ECDSA signature computation. Exploitation of the vulnerability could allow a remote attacker to recover the private key...
ROS-20250219-02
A vulnerability in the bsonstrfreev function of the libbson library of the MongoDB database management system driver C Driver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect the integrity of protected information...
ROS-20250203-07
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service via a specially crafted...
ROS-20250203-09
Vulnerability of the streaming python-multipart parser is related to insufficient input validation when processing "Content-Type" HTTP header value using regular expressions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250127-01
Vulnerability of striptags function of django.utils.html module of Django web application software platform is related to unrestricted resource allocation as a result of incorrect HTML character escaping. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial ...
ROS-20250121-09
Vulnerability of the compiler of the html-template tool jinja is related to the failure to neutralize the special controls when processing f-lines. Exploitation of the vulnerability could allow an attacker to bypass the sandbox protection mechanism, execute arbitrary code, or cause a denial of...
ROS-20250113-01
A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20250110-10
A vulnerability in the asyncio.SelectorSocketTransport.writelines function of the Python programming language is associated with an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...
ROS-20241211-08
CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...