8110 matches found
ROS-20240703-08
Vulnerability of the parsetagandwiretype function of the protobuf-c.c component of the data serialization protocol in the C programming language Protobuf-c is related to resource release errors. C programming language Protobuf-c protocol is related to errors in resource release. Exploitation of t...
ROS-20240703-09
A vulnerability in the WSGI Werkzeug web application library is related to the fact that the application does not properly control the consumption of internal resources when parsing data from a composite form with a large number of fields. internal resource consumption when parsing data from a...
ROS-20240703-11
A vulnerability in the cloud-init virtual machine configuration package for Linux family operating systems is related to the fact that sensitive data could be exposed in cloud-init logs. Exploitation the vulnerability could allow an attacker to gain unauthorized access to the protected informatio...
ROS-20240702-06
The vulnerability of the libarchive archiving library of Windows operating systems is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240702-01
Vulnerabilities in Microsoft Visual Studio software development tool and Microsoft.NET Framework are related to uncontrolled resource consumption. Microsoft.NET Framework is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240701-03
Vulnerability in Moodle virtual learning environment related to improper validation of allowed event types in the calendar web service. events in the calendar web service. Exploitation of the vulnerability could allow an attacker acting remotely, to create events with types/audience for which the...
ROS-20240701-01
A vulnerability in the GIMP graphical editor is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code GIMP graphical editor vulnerability is related to a buffer overflow on parsing GIMPP PSD files. Exploitation of the vulnerability could...
ROS-20240701-02
A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...
ROS-20240628-01
A vulnerability in the Notes file of the distraction-free note-taking app for Nextcloud is related to the The ability to share a Notes folder with a new user before they are logged in. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive informatio...
ROS-20240627-05
A vulnerability in the updatesctpchecksum function of the QEMU hardware emulator is related to a reachability assertion when attempting to calculate the checksum of a fragmented packet of small size. of reachability when attempting to compute the checksum of a fragmented small packet. Exploitatio...
ROS-20240627-02
A vulnerability in the VPN protocol library using the "IPsec" libreswan is related to a statement of reachability when processing IKEv1 packets without specifying the esp string. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240627-06
A vulnerability in the Calendar component of cloud storage creation and utilization software Nextcloud Server is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the 2FA component...
ROS-20240627-03
A vulnerability in the QEMU hardware emulator is related to a memory re-release error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by performing a DMA re-entry...
ROS-20240627-04
A vulnerability in the ioctl component of the Flatpak application and environment management tool is related to copying text from the virtual console and pasting it into the command buffer, from which the command can be run after exiting the Flatpak application. Exploitation of the vulnerability...
ROS-20240627-01
A vulnerability in the implementation of the CORS mechanism of Microsoft Edge and Google Chrome browsers is related to weaknesses in the access controls. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and disclose protected...
ROS-20240625-06
Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data. Unauthorized access to confidential data...
ROS-20240625-05
A vulnerability in Salt's configuration management and remote execution system is related to the catalog traversal. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code A vulnerability in the Salt configuration management and remote Salt operations...
ROS-20240625-04
A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the registervfs function hw/pci/pciesriov.c of the QEMU hardware emulator is related to a buffer overflo...
ROS-20240626-10
A vulnerability in the getUnpushedChanges function of the dependency manager for PHP Composer is related to the use of the status and reinstall commands. status, reinstall and remove commands. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary command...
ROS-20240626-12
A vulnerability in the Sphinx search engine is related to a path traversal error. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the protected information using the CALL SNIPPETS statement or the loadfile function...
ROS-20240626-08
A vulnerability in the ISO 9660 Image File Handler component of the libcdio library is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240625-01
Vulnerability in tiff.c file of ImageMagick console graphics editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240625-07
Vulnerability in tiff.c file of ImageMagick console graphic editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240626-13
Vulnerability of ExtractImageSection function of LibTIFF library is related to buffer copying without checking the the size of the input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service using a crafted Tiff file...
ROS-20240626-14
Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...
ROS-20240626-15
Vulnerability of avahishostnameresolverstart function of Avahi local network service discovery system is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240620-17
Vulnerability of importmultispectralquantum function of ImageMagick console graphical editor is caused by by a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the ReadTIFFImage function of the ImageMagick...
ROS-20240626-16
A vulnerability in the CRI-O container mechanism is related to the creation of a symbolic link pointing to an arbitrary directory or file on the host through directory traversal. an arbitrary directory or file on the host through directory traversal. Exploitation of the vulnerability could allow ...
ROS-20240620-18
Vulnerability in the ReadTIFFImage function of the ImageMagick console graphical editor related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the importmultispectralquantum function of the...
ROS-20240625-03
A vulnerability in the GlutAddSubMenu function of the MuPDF PDF viewer is related to a memory leak via the MenuEntry variable. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the GlutAddMenuEntry function of the MuPDF PDF...
ROS-20240625-02
A vulnerability in the lxc-user-nic component of the LXC virtualization system is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the protected information...
ROS-20240626-07
A vulnerability in the Net::CIDR::Lite module of the Perl programming language interpreter is related to bugs in the handling foreign null characters at the beginning of an IP address string. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access controls...
ROS-20240626-09
Vulnerability of opj2decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir comman...
ROS-20240619-11
Vulnerability in imgallochelper function of libaom video encoding library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafted data...
ROS-20240619-03
A vulnerability in the userinfo URI subcomponent of the GNU Wget download manager is related to an insecure behavior whereby in which data that should be in the userinfo subcomponent is misinterpreted as being part of the host subcomponent. Exploitation of the vulnerability could allow an attacke...
ROS-20240619-02
Vulnerability of JSON object signing and encryption module for Erlang and Elixir programming languages erlang-jose JOSE for Erlang is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20240619-01
A vulnerability in the OpenSSH ECDSA Key Handler component of the OpenSSH ECDSA Key Handler technology for signing and encrypting JavaScript objects in Python is related to the definition of a blacklist of prefixes for public keys. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240618-01
A vulnerability in the SVG Handler component of the RoundCube email client is related to cross-site scripting attacks. Exploitation of the vulnerability could allow an attacker acting remotely to exploit XSS via the SVG animation attributes. Vulnerability in the User Preferences Handler component...
ROS-20240618-02
Vulnerability in util/gif2rgb.c file of GIFLIB library for working with GIF files is related to memory leakage through a gif file. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...
ROS-20240617-02
A vulnerability in the bgpd/bgpattr.c file of a software tool for implementing network routing on Unix-like FRRouting systems is related to read outside bgpattraigpvalid bounds, as there are no AIGP checks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denia...
ROS-20240617-01
The strongSwan daemon vulnerability is related to certificate validation errors in TLS-based EAP methods. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...
ROS-20240614-01
Vulnerability of UnRAR file unzipping tool is related to incorrect restriction of the path name to the directory with restricted access. Exploitation of the vulnerability could allow a remote attacker, Overwrite arbitrary files using a specially crafted archive...
ROS-20240614-02
The vulnerability in the Python programming language interpreter is related to errors in the conversion of int and str data types. int and str data types. Exploitation of the vulnerability could allow an attacker to cause a denial of service due to the algorithmic complexity...
ROS-20240613-02
The vulnerability of the RelinquishDCMInfo function of the dcm.c component of the ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial ...
ROS-20240613-01
A vulnerability in the tlsnewciphertext function of the iPXE network boot standard is related to manipulation of the padlen argument in the src/net/tls.c file of the TLS component. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive information...
ROS-20240613-04
Vulnerability of RelinquishDCMInfo function of dcm.c component of ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial of service via a...
ROS-20240613-03
Vulnerability in program/lib/Roundcube/rcubestringreplacer.php component of RoundCube mail client Webmail exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...
ROS-20240611-01
Vulnerability in BSON Handler component of PyMongo client library is related to deserialize incorrect BSON. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive information...
ROS-20240611-08
A vulnerability in the PushShortPixel function of a program for reading and editing files of multiple graphic formats, ImageMagick, is related to the passing of a specially created TIFF image file to ImageMagick for editing. of the ImageMagick program for reading and editing files of multiple...
ROS-20240611-17
A vulnerability in the PushShortPixel function of a program for reading and editing files of multiple graphic formats, ImageMagick, is related to the passing of a specially created TIFF image file to ImageMagick for editing. of the ImageMagick program for reading and editing files of multiple...