8160 matches found
ROS-20240522-05
A vulnerability in the Hotspot component of Java SE software platforms, Oracle GraalVM Enterprise Virtual Machine Edition is related to insufficient input data validation. Exploitation of the vulnerability could allow A remote attacker to create, delete, or modify access to data Vulnerability in...
ROS-20240522-07
A vulnerability in the Firebird database management system is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a long CHAR instruction...
ROS-20240522-01
A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host system...
ROS-20240522-03
A vulnerability in the KUBE-APISERVER component of the virtual machine cluster management software tool Kubernetes is related to the use of containers with a populated envFrom field.Exploitation of the vulnerability could allow an attacker acting remotely to launch containers bypassing the securi...
ROS-20240521-02
Vulnerability in HTTP Digest Authentication handler of Squid proxy server is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other impact. remotely to cause a denial of service or other impact...
ROS-20240521-01
Mutt mail client vulnerability is related to pointer dereferencing errors when processing message headers. message headers. Exploitation of the vulnerability could allow an attacker to cause a denial of service Mutt mail client vulnerability is related to null pointer dereferencing. Exploitation ...
ROS-20240521-06
A vulnerability in the RSA Key Exchange Handler component of the encryption and SSL toolkit for Python m2crypto is related to decryption of captured messages on TLS servers using RSA key exchange. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an intruder to t...
ROS-20240521-05
A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machine Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could Allow a remote attacker to disclose protected information A vulnerability in...
ROS-20240521-09
A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...
ROS-20240521-10
A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...
ROS-20240521-07
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...
ROS-20240521-11
A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...
ROS-20240521-03
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...
ROS-20240521-04
Vulnerability of the lysparsemem function parser and data modeling language toolkit for YANG libyang is related to the lack of a check if the value mod-revision is NULL. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240521-08
A vulnerability in the API interface of the Grafana web-based data representation tool is related to insecure privilege management. privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to restricted functions A vulnerability in...
ROS-20240516-01
Vulnerability of Less, a utility for UNIX-like text terminals, is related to incorrect processing of quotation marks in filename.c file. quotes in the filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
ROS-20240514-08
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-04
A vulnerability in the Netty networking software is associated with the occurrence of an interpretation conflict. Exploitation of the vulnerability could allow an attacker acting remotely to disclose and modify protected information A vulnerability in the Netty networking software is related to...
ROS-20240514-03
The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240514-16
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-14
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...
ROS-20240514-15
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...
ROS-20240514-01
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-09
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-07
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-06
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-13
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...
ROS-20240514-12
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-05
Vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to a buffer overflow on the stack. buffer overflow on the stack. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial...
ROS-20240514-02
A vulnerability in the Apache Maven framework is related to a flaw in the data source validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
ROS-20240514-10
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240514-11
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240508-01
Vulnerability in the Rack module of the Ruby interpreter is related to incorrect implementation of the Ruby programming language of handling invalid URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240507-09
Vulnerability in the Extensions component of Microsoft Edge and Google Chrome browsers is related to incorrect security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information V8 JavaScript script handler...
ROS-20240507-01
Vulnerability of ANSI Escape Sequence Handler component of WinRAR file archiver is related to errors in input data processing. input data processing errors. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service or tamper with screen output...
ROS-20240503-19
A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks...
ROS-20240507-03
A vulnerability in the FileBackedOutputStream feature of the Google Guava Java library suite is related to the use of files and directories accessible to external parties. Exploitation of the vulnerability could allow an attacker to Gain unauthorized access to protected information...
ROS-20240507-07
A vulnerability in the ProcRenderAddGlyphs function of the X Window System Xorg-server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted file Vulnerability of ProcXIPassiveGrabDevi...
ROS-20240507-08
Vulnerability of nghttp2 library in part of HTTP/2 protocol implementation is related to uncontrolled resource consumption as a result of incorrect header termination detection during CONTINUATION frames processing. resources as a result of incorrect header termination detection during CONTINUATI...
ROS-20240503-18
A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks A vulnerability in the Apache Maven framework is...
ROS-20240507-06
A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management tool is related to the injection or modification of arguments. Exploitation of the vulnerability could allow an attacker to to exit an isolated program environment and access files on the...
ROS-20240507-04
A vulnerability in the Temp File Handler component of rc is related to the creation of temporary files. Exploitation The exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...
ROS-20240507-05
Vulnerability of setKey function of minimist command line argument parsing library is related to uncontrolled change of object prototype attributes. Exploitation of the vulnerability could allow an attacker to implement a "prototype pollution" attack...
ROS-20240506-01
A vulnerability in the libexpat XML parser library is related to incorrect restriction of XML references to external objects. XML references to external objects. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting specially crafte...
ROS-20240506-02
A vulnerability in the Glib library is related to GVariant deserialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of Glib library function gbytearraynewtake is related to buffer copying without checking the the size of the input data...
ROS-20240503-02
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
ROS-20240503-06
Vulnerability in the GLPI request and incident handling system related to incorrect input neutralization during web page creation. during the creation of a web page. Exploitation of the vulnerability could allow an attacker acting remotely, perform an XSS attack...
ROS-20240503-12
Vulnerability in administration console of cross-platform real-time collaboration server Openfire is related to a path traversal capability. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...
ROS-20240503-09
Vulnerability in the IPv6 implementation of the container isolation software tool Moby is related to disclosure of information in an erroneous data area. Exploitation of the vulnerability could allow an attacker to obtain sensitive information...
ROS-20240503-10
Vulnerability of iconv function of glibc system library is related to possibility of writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to potentially execute arbitrary code by injecting a specially crafted PHP file...