8244 matches found
ROS-20260112-7320
A vulnerability in the drivers/media/i2c/et8ek8/et8ek8 component of the Linux kernel is associated with a resource leak. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and cause a denial of service...
ROS-20260112-7319
A vulnerability in the ax25addrax25dev function of module net/ax25/ax25dev.c of the Linux operating system kernel is related to resource leakage. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7314
A vulnerability in the dmirrordeviceevictchunk function of the lib/testhmm.c module of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7305
A vulnerability in the genradixiterpeek function of the include/linux/generic-radix-tree.h module of the Linux operating system kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251226-7306
A vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to information disclosure. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...
ROS-20251226-7302
A vulnerability in the Twisted network framework is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data and compromise its integrity...
ROS-20251226-7303
A vulnerability in the twisted.web.util.redirectTo function of the Twisted networking framework is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its...
ROS-20251223-7314
A vulnerability in the Snapshot/Restore commands of the AdminServer component of the centralized service for maintaining configuration information, naming, providing distributed synchronization, and provisioning Apache ZooKeeper group services is related to incorrect handling of insufficient...
ROS-20251223-7313
Vulnerability in iputils related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251223-7307
Vulnerability in python3 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251223-7309
Vulnerability in python3.11 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251223-7301
Vulnerability in ImageMagick related to memory re-release bug. Exploitation of the vulnerability may allow an attacker to cause a denial of service...
ROS-20251223-7320
Vulnerability in jenkins related to unencrypted storage of credentials. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...
ROS-20251223-7318
Vulnerability in jenkins related to a flaw in the authorization procedure. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20251223-7323
A vulnerability in the urllib.parse.urlsplit and urlparse functions of the Python programming language interpreter is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity...
ROS-20251219-7304
Vulnerability in mongodb-org related to flaws in authorization procedure. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20251219-7302
Vulnerability in chromium is related to speculative race conditions that can lead to access to already freed memory areas in case of incorrect prediction of code branches by the processor. Exploitation of the vulnerability could allow an attacker to access protected memory from a program without...
ROS-20251217-7312
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20251217-7310
A vulnerability in Mozilla Firefox and Firefox ESR browsers is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...
ROS-20251216-7358
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browsers is related to flaws in the implementation of security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...
ROS-20251216-7335
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain full control over the application...
ROS-20251216-7320
Vulnerability in virtualbox-guest-additions related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251216-7360
A vulnerability in the V8 JavaScript script handler of Google Chrome and Microsoft Edge browsers is related to errors in the implementation of security checks for standard elements. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20251216-7362
A vulnerability in the Omnibox component of Google Chrome and Microsoft Edge browsers is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface using a specially crafted HTML page...
ROS-20251215-7305
A vulnerability in the net component of the Go programming language is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251215-7302
A vulnerability in the net/sched/schhfsc.c component of the Linux kernel is associated with the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of servi...
ROS-20251203-06
A vulnerability in Varnish web content caching software is related to incorrect HTTP/1 requests HTTP/1 request validation. Exploitation of the vulnerability could allow a remote attacker, Perform HTTP request spoofing attacks...
ROS-20251203-17
Vulnerabilities in GLPI's computer hardware request, incident, and inventory system are related to insufficient cleansing of user-supplied data. Exploitation of the vulnerability could allow A remote attacker to use malicious code to steal recipient credentials mail...
ROS-20251203-08
The aiohttp HTTP client vulnerability is related to the fact that the final sections of an HTTP request are not analyzed. Exploitation of the vulnerability could allow an attacker acting remotely to perform spoofing attacks on HTTP requests. HTTP requests...
ROS-20251202-09
A vulnerability in the Fullscreen component of the Google Chrome browser is related to presentation errors in the user interface in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely, spoof the user interface using a specially crafted HTML page...
ROS-20251202-06
A vulnerability in the Autofill component of the Google Chrome browser is related to presentation errors in the user interface user interface. Exploitation of the vulnerability could allow an attacker acting remotely, spoof the user interface using a specially crafted HTML page...
ROS-20251124-02
Vulnerability of the software tool for implementing network routing on Unix-like systems FRRouting is related to insufficient validation of OSPF LSA packets in the ospfteparsete function in ospfd/ospfte.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial...
ROS-20251124-10
The Kea open source DHCP server vulnerability is related to the use of a pointer offset outside the range. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...
ROS-20251124-14
A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...
ROS-20251124-12
A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...
ROS-20251117-07
A vulnerability in the recv function of the tls component of the Linux kernel is related to an inaccessible exit condition. exit. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20251113-07
The BIND DNS server vulnerability is related to a pseudo-random number generator PRNG vulnerability. Exploitation exploitation of the vulnerability could allow a remote attacker to compromise the integrity of data in the DNS system A vulnerability in the BIND DNS server is related to the loading ...
ROS-20251112-01
Squid proxy server vulnerability related to data boundary checking errors during encoding processing ASN.1 long SNMP OIDs in asnbuildobjid function in lib/snmplib/asn1.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service Vulnerability of emailerrdata...
ROS-20251111-08
A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...
ROS-20251110-02
A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before file access. before accessing a file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code if a user opens a specially crafted ZIP archive. provided the user opens a...
ROS-20251106-01
The vulnerability in the Portainer container management platform is related to a vulnerability in the server side, API, registry list output logic, and/or a component that returned fields with secrets. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20251106-08
A vulnerability in the Gstreamer multimedia framework is related to a null pointer dereferencing bug in the SubRip subtitle parser. SubRip subtitle parser. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Gstreamer multimedia framework vulnerability...
ROS-20251030-05
Vulnerability of Erlang programming language OTP library set is related to incorrect checking of ZIP archives in "zip:unzip/1,2" and "zip:extract/1,2" procedures of Erlang/OTP standard library ZIP archives in the "zip:unzip/1,2" and "zip:extract/1,2" procedures of the Erlang/OTP standard library...
ROS-20251029-04
A plug-in vulnerability in the Grafana-Zabbix web-based data submission tool is related to maximum CPU utilization. Exploitation of the vulnerability could allow an attacker due to a custom request with a regular expression, acting remotely, to cause a denial of service...
ROS-20251029-02
The vulnerability in the RabbitMQ messaging and streaming broker is due to the fact that the software stores sensitive information in log files. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...
ROS-20251028-07
A vulnerability in the library commands for Exiv2 media file metadata management is related to the following quadratic algorithm in the ICC profile analysis code in jpegBase::readMetadata can lead to a prolonged Exiv2. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20251028-11
A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...
ROS-20251028-09
A vulnerability in the Java library for JSON-lib bean-component conversion is related to improper handling unbalanced comment strings. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20251027-02
A vulnerability in the NVIDIA CUDA GPU parallel computing software toolkit is related to insufficient validation of user input data. Toolkit is related to insufficient verification of user input in the command line tool nvdisasm. Exploitation of the vulnerability could allow an attacker to cause ...
ROS-20251022-03
ProFTPD FTP server vulnerability is related to a null pointer dereferencing error in the function tlsverifycrl in ProFTPD when processing data returned by OpenSSL function skX509REVOKEDvalue when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...