8050 matches found
ROS-20240823-01
Vulnerability of amdgpurasgetcontext function in drm/amdgpu component of Linux operating system kernel is related to null pointer dereferencing on drmcvtmode failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of brcmfnotifyescancomplete...
ROS-20240425-01
Vulnerability of Apache HTTP Server web server in the part of HTTP/2 protocol implementation is related to uncontrolled resource consumption due to incorrect header termination detection during CONTINUATION frame processing. CONTINUATION frames. Exploitation of the vulnerability could allow an...
ROS-20231107-01
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
ROS-20221013-01
A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug builds caused by a syntactically invalid type signature with improperly nested brackets and curly braces. Exploitation of the vulnerability could allow an attacker to execute a...
ROS-20220706-02
The Rubygem Rack web application development interface vulnerability is related to incorrect input validation when processing data transmitted through the Rack Lint middleware and CommonLogger middleware. Exploitation of the vulnerability could allow an attacker acting remotely to send specially...
ROS-20220518-01
A vulnerability in the Mozilla Firefox browser is related to improper permission management in the application. Exploitation of the vulnerability could allow an attacker acting remotely to create a web page that Bypasses the existing browser hint and inherits top-level permissions improperly The...
ROS-20220412-03
Vulnerability in Mozilla Thunderbird email client, related to a memory freeing error when processing HTML content after the VR process is destroyed. Exploitation of the vulnerability could allow an attacker, acting remotely, create a specially crafted web page, trick the victim into opening it,...
ROS-20220125-08
The Sendmail mail transfer agent vulnerability is related to a logical error in the TLS implementation when working with different protocols but using compatible certificates such as multi-domain or wildcard certificates. wildcard certificates. Exploitation of the vulnerability could allow an...
ROS-20220112-03
The vsftpd FTP server vulnerability is related to a provenance check error in the TLS implementation when working with different protocols. different protocols. Exploitation of the vulnerability could allow an attacker acting remotely and capable of performing a MitM attack at the TCP/IP level,...
ROS-20240813-03
Vulnerability of the usersdmatxadd function of the Infiniband driver of the Linux kernel is related to a pointer dereferencing error. pointer dereferencing error. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability of the i2cputadapter...
ROS-20240403-01
A vulnerability in the column.title and cellLinkTooltip components of the Grafana web-based data presentation tool is related to insufficient protection of the web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges A vulnerability in t...
ROS-20230406-01
A vulnerability in the curl program is related to the incorrect replacement of the tilde character when used as a prefix in the first path element, in addition to its intended use as the first element to specify a path relative to a user's home directory. element to specify a path relative to the...
ROS-20220329-01
A vulnerability in the zlib data compression library is related to incorrect limitation of operations within the memory buffer due to insufficient validation of user input during data compression. memory due to insufficient validation of user-entered data during data compression. Exploitation...
ROS-20220112-01
A vulnerability in the X.Org Server - X Window System server implementation is caused by an out-of-memory write in the SProcScreenSaverSuspend function in the Screen Saver extension. Exploitation of the vulnerability could allow an attacker to send a specially crafted suspend request, initiate an...
ROS-20230627-01
The vulnerability in the Moodle virtual learning environment is related to insufficient cleansing of data submitted by users, in the external Wiki method for listing pages, a user can send a specially crafted query to the affected application and execute limited SQL commands on the application's...
ROS-20250515-03
Vulnerability of flacbuffercopy function of libsndfile library is related to reading data outside the buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information and cause a denial of service. unauthorized acces...
ROS-20221103-06
Apache Tomcat application server vulnerability is related to incorrect implementation of read/write locking. writes. Exploitation of the vulnerability could allow an attacker acting remotely to cause a concurrency error and force client connections to share an instance of Http11Processor...
ROS-20221013-02
The vulnerability in the Moodle course management system is related to the fact that the H5P attempted action report does not group permissions are not taken into account when displaying to non-editing teachers information about attempts/users in groups to which they should not have access. about...
ROS-20220304-01
Vulnerability in snapd's snap packet management daemon, related to insufficient validation of interface snapd content and layout paths. Exploitation of the vulnerability could allow an attacker to enforce arbitrary AppArmor policy rules through a corrupted content interface and layout declaration...
ROS-20220202-01
Vulnerability in the GLPI request and incident handling system, related to insufficient clearing of the of user data in the reset button. Exploitation of the vulnerability could allow an attacker, acting remotely, to force a victim to click on a specially crafted link and execute arbitrary HTML a...
ROS-20220114-01
Vulnerability in Firefox browser, related to incorrect processing of user data. of user data. Exploitation of the vulnerability could allow an attacker acting remotely to mislead, by showing an incorrect origin when requesting to run a program and processing an external URL protocol Firefox brows...
ROS-20250430-13
HAProxy server software vulnerability is related to bounds errors in regsub function in src/sample.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20240212-01
A vulnerability in the PKCS11 function of the ssh-agent component of the OpenSSH cryptographic security tool is related to the following the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute...
ROS-20220926-01
A vulnerability in the Vim text editor is related to a boundary error in the utfcptr2len function in mbyte. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file, cause a heap buffer overflow, and execute arbitrary code...
ROS-20220128-03
A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to, unmount other users' filesystem...
ROS-20220125-11
A vulnerability in the Http2MultiplexHandler class of the Netty networking software is related to incorrect request processing when converting HTTP/2 stream to HTTP/1.1. The exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity. an attacker acting...
ROS-20220125-13
Vulnerability of PostgreSQL database management system is related to failure to take measures to encrypt protected data of protected data. Exploitation of the vulnerability could allow a remote attacker, realize a man-in-the-middle attack Vulnerability in libpq library of PostgreSQL database...
ROS-2-517
2.517 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...
ROS-20250430-04
A vulnerability in the libsoup library of the GNOME GUI is related to an infinite loop when reading WebSocket data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service GNOME GUI libsoup library vulnerability is related to NULL pointer dereferenci...
ROS-20240924-03
Vulnerability of the ice component of the Linux kernel is related to the NULL pointer dereferencing in the kzalloc. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the arm64/mm component of the Linux kernel is related to incorrect handling o...
ROS-20230203-01
A vulnerability in the GNU Tar archiver is related to the fromheader function in list.c via the V7 archive, in which mtime contains approximately 11 whitespace characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to transmit special data to the application and...
ROS-20220518-02
A vulnerability in Mozilla Thunderbird email client is related to incorrect processing of user input data when processing signed and encrypted attached messages. user input when processing signed and encrypted attached messages. Exploitation exploitation of the vulnerability could allow a remote...
ROS-20220225-02
Vulnerability in the Drupal content management system, related to incorrect access restrictions in the in the quick edit module. Exploitation of the vulnerability could allow an attacker acting remotely, to view content restricted by other means A vulnerability in Drupal's content management...
ROS-20220125-17
A vulnerability in the QEMU hardware emulator is related to a single offset error when emulating a SCSI device in QEMU. Exploitation of the vulnerability could allow an attacker acting remotely, cause QEMU to crash The QEMU hardware emulator vulnerability is related to a memory usage error after ...
ROS-20240402-12
A vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the ability to update any personal or global external storage, making it inaccessible to everyone else. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass existing...
ROS-20231115-04
Visual Studio Coden source code editor vulnerability related to improper control of code generation. code generation. Exploitation of the vulnerability may allow an attacker to execute arbitrary code Visual Studio Code source code editor vulnerability is related to insufficient protection of...
ROS-20230929-01
Vulnerability in the URI component of the Ruby programming language, related to improper handling of invalid URLs containing certain characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the...
ROS-20220322-02
A vulnerability in the libarchive archiving library is related to a symbolic link when extracting files from an archive. Exploitation of the vulnerability could allow an attacker to create a specially crafted symbolic link to a critical file on the system, place it in an archive, and change the...
ROS-20250430-14
The vulnerability of ASP.NET Core software platform and Microsoft's software development tool Visual Studio is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240611-07
A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...
ROS-20240423-01
Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with 0 initial sliding window size. was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of servic...
ROS-20240402-08
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
ROS-20250731-01
Vulnerability in the implementation of OAuth request signing logic for Python OAuthLib is due to insufficient user data validation in urivalidate functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250515-15
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-05
A vulnerability in the Poppler PDF display library is related to a floating-point exception in the PSStack::roll function. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Poppler PDF mapping library is related to improper signature...
ROS-20250505-10
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250430-15
Vulnerability of sshd service of OpenSSH cryptographic protection tool is related to inconsistency with the functionality of the DisableForwarding directive stated in the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...
ROS-20250430-05
Vulnerability of Erlang programming language OTP library set is related to improper packet handling SFTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service Vulnerability of SSH protocol implementation from Erlang/OTP library...
ROS-20241021-09
A vulnerability in the ntfs3 component of the Linux operating system kernel is related to read errors outside the bounds in the ntfslistea function in fs/ntfs3/xattr.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the qedr component of...
ROS-20240411-08
The Jenkins Automation Server vulnerability involves the creation of temporary files with insecure permissions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, or delete files A vulnerability in the args4j library of the Jenkins Git server...