8215 matches found
ROS-20260112-7345
A vulnerability in the l2capsockrecvcb function in the net/bluetooth/l2capsock.c module of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...
ROS-20260112-7312
A vulnerability in the qplibfp.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7350
A vulnerability in the ondemand.c component of the Linux operating system kernel is related to improper control of resource identifiers. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7356
A vulnerability in the dcn3clkmgrconstruct function of the drivers/gpu/drm/amd/display/dc/clkmgr/dcn30/dcn30clkmgr.c module of the Linux operating system kernel is related to a lack of return value validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7307
A vulnerability in the smuv130updatepcieparameters function of the drivers/gpu/drm/amd/pm/swsmu/smu13/smuv130.c module, a driver to support the Direct Rendering Infrastructure DRI of AMD graphics cards in the Linux operating system kernel, is related to unchecked array indexing. Exploitation of t...
ROS-20260112-7366
A vulnerability in the f2fs component of the Linux operating system kernel involves improper error handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260112-7326
A vulnerability in the btrfsloadzoneinfo function in the fs/btrfs/zoned.c module of the Linux kernel btrfs file system is related to the reuse of previously freed memory due to competitive access to a resource race condition. Exploitation of the vulnerability may allow an intruder to affect...
ROS-20251223-7319
Vulnerability in jenkins related to unencrypted storage of credentials. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...
ROS-20251219-7305
Vulnerability in mongodb-org related to incorrect input of configuration data. The vulnerability can be exploited remotely...
ROS-20251217-7301
A vulnerability in the isolated container runc tool is associated with a race condition that allows link tracking. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of protected information...
ROS-20251217-7308
A vulnerability in the DOM: Core & HTML component of Mozilla Firefox and Firefox ESR browsers is related to a data protection mechanism violation. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...
ROS-20251217-7316
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information using a specially crafted HTML pag...
ROS-20251217-7306
A vulnerability in the Omnibox component of the Google Chrome browser is related to the implementation of an incorrect control flow. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...
ROS-20251215-7314
A vulnerability in the Yelp help system is related to the inclusion of functions from an invalid controlled scope when processing documents using the ghelp schema. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information and execute...
ROS-20251215-7304
Vulnerability in advancecomp related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251203-12
A vulnerability module in the Perl programming language YAML::Syck is related to the boundary conditions in token.c. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. potentially sensitive information...
ROS-20251203-03
A vulnerability in the JMX interface of the Apache Cassandra distributed database management system is related to a flaw in the deserialization mechanism. flaws in the deserialization mechanism. Exploitation of the vulnerability could allow an attacker to implement a man-in-the-middle...
ROS-20251203-04
A vulnerability in the cross-platform software development framework Qt is related to the fact that QStringConverter has an invalid pointer passed as a callback. Exploitation of the vulnerability could allow an attacker to bypass the implemented security restrictions...
ROS-20251203-20
A vulnerability in the setupLookaside function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20251202-07
A vulnerability in the Google Chrome browser's DevTools web development toolkit is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the sandbox...
ROS-20251124-03
A vulnerability in the PHP programming language is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20251124-11
A vulnerability in the Libraries component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity...
ROS-20251113-04
The MinIO object storage server vulnerability is related to flaws in the authorization mechanism. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...
ROS-20251112-04
The FreeIpa server vulnerability is related to the fact that the application does not check the canonical name root@REALM, which can also be used as a realm administrator name. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges from the host level to...
ROS-20251111-01
A vulnerability in the libxml2 library for manipulating XML and HTML files is related to uncontrolled recursion during the XPath computation in the xmlXPathRunEval function in xpath.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...
ROS-20251111-10
Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...
ROS-20251110-01
FFmpeg multimedia library vulnerability is related to null pointer dereferencing error in HLS playlists parsing. when parsing HLS playlists. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the audioelementobu function of the...
ROS-20251105-07
The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...
ROS-20251030-06
A vulnerability in the Perl data structure to JSON conversion module Cpanel::JSON::XS is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...
ROS-20251030-10
A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...
ROS-20251029-01
Gstreamer multimedia framework vulnerability is related to a buffer overflow on the stack. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20251023-01
A vulnerability in the cifscomposemountoptions function of the fs/smb/client/cifsproto.h module of the SMB client support kernel of the Linux operating system is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a...
ROS-20251023-02
Vulnerability of ip6makeskb function of net/ipv6/ip6output.c module of Linux kernel IPv6 protocol implementation is related to the use of uninitialized resource. of Linux operating system is related to the use of an uninitialized resource. Exploitation the vulnerability could allow an attacker to...
ROS-20251014-02
A vulnerability in the pamsmauthenticate function of the Yubico pam-u2f PAM module is related to the return of an invalid status code state. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251014-05
A vulnerability in the interface of the Grafana monitoring and surveillance platform is related to the failure to take measures to protect the web page structure when processing the /swagger endpoint. web page structure when processing the /swagger endpoint. Exploitation of the vulnerability coul...
ROS-20250929-08
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information A vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is...
ROS-20250925-05
A vulnerability in the NVIDIA GPU Display Driver is related to incorrect authorization authorization. Exploitation of the vulnerability could allow an attacker to gain elevated privileges on the system A vulnerability in the NVIDIA GPU Display Driver software driver is related to an operation tha...
ROS-20250924-06
A vulnerability in the Django web application software platform is related to insufficient cleanup of the user data in FilteredRelation column aliases. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in the database A vulnerability in the...
ROS-20250911-02
Vulnerability of the rterawcksummbuf function of the vhost library of the DPDK suite of libraries and drivers for fast packet processing is related to the operation exceeding the memory buffer boundary while processing the len parameter. DPDK packet processing is related to the operation exceedin...
ROS-20250905-04
A vulnerability in the radosgw daemon of the Ceph data storage system is related to insufficient authentication of the when processing JWT tokens. Exploitation of the vulnerability could allow an intruder acting remotely to bypass the authentication procedure...
ROS-20250822-22
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-09
The vulnerability of the package designed to work with JSON Web Tokens jwt-go is related to incorrect checking of the data when processing data transmitted via m"aud". Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the authentication process...
ROS-20250822-24
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250819-06
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...
ROS-20250813-07
A vulnerability in the Java dnsjava DNS implementation is related to incorrect response checking during processing of DNS queries. Exploitation of the vulnerability could allow a remote attacker to bypass the implemented security restrictions. enforced security restrictions...
ROS-20250808-04
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-03
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-05
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250807-04
Git distributed version control system vulnerability in software development tools Microsoft Visual Studio is related to the use of an unreliable search path when spell checking of cloned repositories. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when clonin...
ROS-20250806-12
A vulnerability in the mtr network diagnostic tool is related to improper handling of an item specified in the MTRPACKET environment variable. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...