8110 matches found
ROS-20251215-7304
Vulnerability in advancecomp related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251203-17
Vulnerabilities in GLPI's computer hardware request, incident, and inventory system are related to insufficient cleansing of user-supplied data. Exploitation of the vulnerability could allow A remote attacker to use malicious code to steal recipient credentials mail...
ROS-20251203-08
The aiohttp HTTP client vulnerability is related to the fact that the final sections of an HTTP request are not analyzed. Exploitation of the vulnerability could allow an attacker acting remotely to perform spoofing attacks on HTTP requests. HTTP requests...
ROS-20251203-12
A vulnerability module in the Perl programming language YAML::Syck is related to the boundary conditions in token.c. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. potentially sensitive information...
ROS-20251203-04
A vulnerability in the cross-platform software development framework Qt is related to the fact that QStringConverter has an invalid pointer passed as a callback. Exploitation of the vulnerability could allow an attacker to bypass the implemented security restrictions...
ROS-20251203-20
A vulnerability in the setupLookaside function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20251124-02
Vulnerability of the software tool for implementing network routing on Unix-like systems FRRouting is related to insufficient validation of OSPF LSA packets in the ospfteparsete function in ospfd/ospfte.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial...
ROS-20251124-10
The Kea open source DHCP server vulnerability is related to the use of a pointer offset outside the range. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...
ROS-20251124-12
A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...
ROS-20251124-14
A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...
ROS-20251117-07
A vulnerability in the recv function of the tls component of the Linux kernel is related to an inaccessible exit condition. exit. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20251113-07
The BIND DNS server vulnerability is related to a pseudo-random number generator PRNG vulnerability. Exploitation exploitation of the vulnerability could allow a remote attacker to compromise the integrity of data in the DNS system A vulnerability in the BIND DNS server is related to the loading ...
ROS-20251112-01
Squid proxy server vulnerability related to data boundary checking errors during encoding processing ASN.1 long SNMP OIDs in asnbuildobjid function in lib/snmplib/asn1.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service Vulnerability of emailerrdata...
ROS-20251111-08
A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...
ROS-20251110-01
FFmpeg multimedia library vulnerability is related to null pointer dereferencing error in HLS playlists parsing. when parsing HLS playlists. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the audioelementobu function of the...
ROS-20251106-08
A vulnerability in the Gstreamer multimedia framework is related to a null pointer dereferencing bug in the SubRip subtitle parser. SubRip subtitle parser. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Gstreamer multimedia framework vulnerability...
ROS-20251106-01
The vulnerability in the Portainer container management platform is related to a vulnerability in the server side, API, registry list output logic, and/or a component that returned fields with secrets. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20251030-05
Vulnerability of Erlang programming language OTP library set is related to incorrect checking of ZIP archives in "zip:unzip/1,2" and "zip:extract/1,2" procedures of Erlang/OTP standard library ZIP archives in the "zip:unzip/1,2" and "zip:extract/1,2" procedures of the Erlang/OTP standard library...
ROS-20251030-06
A vulnerability in the Perl data structure to JSON conversion module Cpanel::JSON::XS is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...
ROS-20251029-04
A plug-in vulnerability in the Grafana-Zabbix web-based data submission tool is related to maximum CPU utilization. Exploitation of the vulnerability could allow an attacker due to a custom request with a regular expression, acting remotely, to cause a denial of service...
ROS-20251028-11
A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...
ROS-20251028-07
A vulnerability in the library commands for Exiv2 media file metadata management is related to the following quadratic algorithm in the ICC profile analysis code in jpegBase::readMetadata can lead to a prolonged Exiv2. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20251028-09
A vulnerability in the Java library for JSON-lib bean-component conversion is related to improper handling unbalanced comment strings. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20251027-02
A vulnerability in the NVIDIA CUDA GPU parallel computing software toolkit is related to insufficient validation of user input data. Toolkit is related to insufficient verification of user input in the command line tool nvdisasm. Exploitation of the vulnerability could allow an attacker to cause ...
ROS-20251023-02
Vulnerability of ip6makeskb function of net/ipv6/ip6output.c module of Linux kernel IPv6 protocol implementation is related to the use of uninitialized resource. of Linux operating system is related to the use of an uninitialized resource. Exploitation the vulnerability could allow an attacker to...
ROS-20251022-03
ProFTPD FTP server vulnerability is related to a null pointer dereferencing error in the function tlsverifycrl in ProFTPD when processing data returned by OpenSSL function skX509REVOKEDvalue when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...
ROS-20251020-05
Vulnerability in the audit subroutine of the enterprise information archiving platforms Vault Enterprise and Vault Community Edition is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending...
ROS-20251020-08
A vulnerability in the JavaScript JSS web application styling tool is related to a memory leak in a non-standard configuration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251017-02
A vulnerability in the LoongArch component of the Linux operating system kernel is related to incorrect locking in the arch/loongarch/include/asm/io.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service Vulnerability of...
ROS-20251016-03
A vulnerability in the FirmwarePerformancePei.c component of the UEFI EDK2 open source development environment is related to the lack of division by zero check. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251014-01
The vulnerability of the Rack module interface of the Ruby programming language interpreter is related to the fact that application does not properly control consumption of internal resources in the function "Rack::QueryParser" function. Exploitation of the vulnerability could allow an attacker...
ROS-20251014-02
A vulnerability in the pamsmauthenticate function of the Yubico pam-u2f PAM module is related to the return of an invalid status code state. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251006-11
A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...
ROS-20250930-15
Kea open source DHCP server vulnerability is related to availability checking when processing DHCP packets. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250929-10
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20250925-03
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...
ROS-20250925-02
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...
ROS-20250924-09
The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...
ROS-20250912-04
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
ROS-20250911-04
Vulnerability in the pathInfo URI component of Apache Tomcat application server is related to incorrect register handling. register handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security restrictions...
ROS-20250911-06
Vulnerability in the pathInfo URI component of Apache Tomcat application server is related to incorrect register handling. register handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security restrictions...
ROS-20250911-07
A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to affect the integrity, availability, and confidentiality of protected information. confidentiality of...
ROS-20250911-02
Vulnerability of the rterawcksummbuf function of the vhost library of the DPDK suite of libraries and drivers for fast packet processing is related to the operation exceeding the memory buffer boundary while processing the len parameter. DPDK packet processing is related to the operation exceedin...
ROS-20250905-04
A vulnerability in the radosgw daemon of the Ceph data storage system is related to insufficient authentication of the when processing JWT tokens. Exploitation of the vulnerability could allow an intruder acting remotely to bypass the authentication procedure...
ROS-20250826-07
Glib library vulnerability is related to an overflow error when processing a long invalid ISO 8601 timestamp using the gdatetimenewfromiso8601 function. ISO 8601 timestamp using the gdatetimenewfromiso8601 function. Exploitation of the vulnerability could allow an an attacker to cause a denial of...
ROS-20250822-16
A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...
ROS-20250818-04
Vulnerability of AmdPspP2CmboxV2 driver in AMD processor firmware is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in AMD processor firmware AmdCpmDisplayFeatureSMM driver is related to insufficient inpu...
ROS-20250814-12
EMACS text editor vulnerability is related to incorrect input validation of the org-babel-execute:latex in ob-latex.el when processing file or directory names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250813-03
Vulnerabilities in the UEFI Firmware component of Intel processor firmware are related to input validation flaws. Exploitation of the vulnerability could allow an attacker to elevate their privileges A vulnerability in the Linux kernel mode driver for certain IntelR Ethernet network controllers a...
ROS-20250813-04
VMware Tools suite vulnerability is related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate privileges...