8162 matches found
ROS-20240418-03
A vulnerability in the underlying authentication system of the Grafana web presentation tool is related to flaws in the authorization mechanism when processing the verifyemailenabled parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass email verification...
ROS-20240418-02
Vulnerabilities in Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool are related to security settings errors. Microsoft Visual Studio software development tool is related to errors in security settings. Exploitation vulnerability could allow ...
ROS-20240415-02
Vulnerability of udevListInterfacesByStatus function in module src/interface/interfacebackendudev.c of libvirt library is caused by an off-by-one error. module of the libvirt library has an off-by-one error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240415-01
A vulnerability in the jbig2error function of the jbig2.c file of the Jbig2dec image compression format decoder is related to the SEGV vulnerability. SEGV vulnerability. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240415-04
Wireshark computer network traffic analyzer vulnerability related to memory leak in USB dissector HID. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...
ROS-20240415-03
Vulnerability of aprbase64 function of Apache Portable Runtime APR library is related to the ability to to write outside the buffer, act remotely, execute arbitrary code...
ROS-20240412-03
Atril document viewer vulnerability is related to incorrect path restriction to a restricted directory. Exploitation of the vulnerability could allow an attacker to write arbitrary files anywhere in the file system...
ROS-20240412-02
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240412-06
A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...
ROS-20240412-04
A vulnerability in Salt's configuration management and remote execution system is related to the copying a script along a predictable path. Exploitation of the vulnerability could allow an attacker, acting remotely to run their own script. A vulnerability in the symbolic.py component of the Pytho...
ROS-20240412-05
A vulnerability in the gfisomnewgenericsampledescription function of the GPAC multimedia platform is related to the buffer copying without checking the input size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240412-07
A vulnerability in the tiffreadrgbatileext function of the LibTIFF library is related to writing beyond buffer boundaries in the memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service...
ROS-20240412-01
Vulnerability of authfile.c file of memcached data caching software is related to buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service using a specially crafted authentication file...
ROS-20240411-07
A vulnerability in the UEFI shim bootloader is related to errors in the MZ binary format. Exploitation of the vulnerability could allow an attacker to cause a denial of service The shim UEFI bootloader vulnerability is related to out-of-bounds read errors when attempting to check the SBAT...
ROS-20240411-06
A vulnerability in the xmalloc in function of the openvswitch module is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240411-04
Vulnerability of sessionReadRecord function of ext/session/sqlite3session.c file of database management system SQLite is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availability...
ROS-20240411-11
A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240411-12
A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240411-10
A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240411-03
A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240411-08
The Jenkins Automation Server vulnerability involves the creation of temporary files with insecure permissions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, or delete files A vulnerability in the args4j library of the Jenkins Git server...
ROS-20240411-09
A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240411-01
A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrectly handling requests for non-existent URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240411-05
The vulnerability of the eval function of the ImageMath module of the Pillow image manipulation library is related to incorrect control of code generation when processing the environment parameter. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240411-02
The Etcd configuration parameter store vulnerability is related to sending an authentication request to the etcdserver with a username and password. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...
ROS-20240410-21
A vulnerability in the RPM Package Manager of Red Hat Enterprise Linux operating systems is related to the lack of RPM signature verification of subsection binding before importing them. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges A...
ROS-20240410-25
A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...
ROS-20240410-20
A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...
ROS-20240410-23
A vulnerability in the opencryptoki package is related to the processing of RSA PKCS1 augmented ciphertexts. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
ROS-20240410-24
A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...
ROS-20240410-02
Vulnerability in the HTTP/3 QUIC module of NGINX Plus, NGINX OSS web servers that allows an attacker to cause a denial of service. denial of service Vulnerability of ngxhttpv3module module of NGINX and NGINX Plus servers is related to memory usage after its release. memory after it has been freed...
ROS-20240410-03
A vulnerability in the Libvirt virtualization management library is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240410-18
The vulnerability of Runc's isolated container launch tool is related to a flaw in the delimitations of the controlled area of the system. Exploitation of the vulnerability could allow an attacker to execute arbitrary code outside the isolated program environment by overwriting executable files...
ROS-20240410-17
The vulnerability of the ImageBuild function of the Moby containerization software tool is related to a flaw in the data source validation mechanism for endpoint processing. is related to a flaw in the data source validation mechanism for endpoint processing. Exploitation of the vulnerability cou...
ROS-20240410-16
A vulnerability in the xmlValidatePopElement function of the XML Reader Interface component of the Libxml2 library is related to the memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a specially...
ROS-20240410-14
A vulnerability in the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240410-13
A vulnerability in the src/libgit2/revparse.c component of the C Libgit2 implementation of Git methods is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240410-01
Apache Tomcat application server vulnerability is related to lack of service data protection. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...
ROS-20240410-04
The vulnerability of the aresreadline function of the C-ares asynchronous DNS query library is related to the operation exceeding the buffer boundaries in memory. beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of servi...
ROS-20240410-09
A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...
ROS-20240410-07
A vulnerability in the Podman OCI container management and startup software tool is related to errors in the in privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, escalate their privileges...
ROS-20240410-19
The MinIO object storage server vulnerability is related to flaws in access differentiation based on the UpdateServiceAccountAdminAction policy. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...
ROS-20240410-10
Vulnerability of vmm-sys-util module set is related to the lack of checking if the length, stored in the header matches the length of the flexible array. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240410-05
The vulnerability of the Moby containerization software tool is related to the lack of validation of received requests. no validation of received requests. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain unauthorized access to protected information...
ROS-20240410-11
The vulnerability of the Grub2 operating system boot loader is related to incomplete clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
ROS-20240410-22
Vulnerability of chroot build environment manager for creating RPM packages Mock is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240410-15
A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240410-12
The vulnerability in the SAML PySAML2 standard is related to the XML signature packaging variant, as it does not validate the SAML document against the XML schema. Exploitation of the vulnerability could allow an attacker, remotely bypass signature validation and gain access to protected informat...
ROS-20240410-06
The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...
ROS-20240410-08
A vulnerability in the function bfdmachogetsyntheticsymtab match-o.c of the GNU software development tool Binutils is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service or other impact...