8162 matches found
ROS-20240409-05
Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...
ROS-20240409-08
A vulnerability in the cpStripToTile function tools/tiffcp.c of the LibTIFF library is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240409-06
A vulnerability in SaltStack Salt's configuration management and remote operations execution system is related to receiving multiple bad packets to the server equal to the number of worker threads, Salt will stop responding back requests before restarting. Exploitation of the vulnerability could...
ROS-20240409-14
A vulnerability in the protectdir pamnamespace.so function of the Linux-PAM authentication module is related to incorrect cleanup or release of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240409-09
Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...
ROS-20240409-11
Vulnerability in the WatchAnalytics extension of the hypertext environment implementation software tool MediaWiki is related to XSS exploitation using the Special:PageStatistics page parameter. Exploitation The exploitation of the vulnerability could allow a remote attacker to perform cross-site...
ROS-20240409-12
A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code Eclipse Jetty servlet container vulnerability is related to errors in processi...
ROS-20240409-19
Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...
ROS-20240409-03
Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...
ROS-20240409-18
Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...
ROS-20240409-02
Vulnerability of the hmac.comparedigest function of the Lib/hmac.py library of the programming language interpreter Python is related to synchronization errors when using a shared resource "Race Situation". Exploitation of the vulnerability could allow an attacker acting remotely to escalate thei...
ROS-20240409-16
MariaDB spiderdbmbase::printwarnings function vulnerability is related to pointer dereferencing errors. pointer dereferencing errors. Exploitation of the vulnerability allows a remote intruder to cause a denial of service. service...
ROS-20240409-17
Vulnerability of linebytessplit function src/split.c of GNU Core Utilities GNU Coreutils is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240409-15
Vulnerability of the GnuTLS transport layer cryptographic library is related to errors in verification of the of cryptographic signatures. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20240409-13
A vulnerability in the python-eventlet library of the OpenStack Platform cloud building platform is related to incorrect resource sweeping or freeing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240409-07
A vulnerability in the shadow-utils package is related to requesting the password twice and not clearing the memory buffer. Exploitation of the vulnerability could allow an attacker to gain access to the device...
ROS-20240409-10
A vulnerability in IEEE 1609.2 plug-in dissector of Wireshark computer network traffic analyzer is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in GVCP dissector of Wireshark computer...
ROS-20240409-04
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240409-01
A vulnerability in the urllib.parse component of the Python programming language interpreter is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass URL blocking starting with empty characters A vulnerability in the Python...
ROS-20240408-22
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-14
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-05
RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...
ROS-20240408-12
Vulnerability in src/gif.imageio/gifinput.cpp file of OpenImageIO image processing library is related to the ability to write beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240408-08
Vulnerability of xorg-x11-server package is related to memory usage after it is freed when processing Button Action objects. Button Action objects. Exploitation of the vulnerability could allow an attacker to elevate his privileges and execute arbitrary code in root context The xorg-server packag...
ROS-20240408-10
GNU FriBidi library vulnerability is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...
ROS-20240408-09
GdkPixbuf image loading library vulnerability is related to writing beyond buffer boundaries. Exploitation exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service via a specially crafted GIF file. A...
ROS-20240408-16
A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...
ROS-20240408-15
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-01
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the...
ROS-20240408-21
A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...
ROS-20240408-17
Vulnerability in Flask-Security-Too security management tool is related to URL redirection to an untrusted site when processing the "next" request parameter. to an untrusted site when processing the "next" request parameter. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240408-25
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-20
A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...
ROS-20240408-11
A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...
ROS-20240408-03
Vulnerability of derivatespatiallumavectorprediction function of h.265 Libde265 video codec implementation is related to with the ability to write beyond buffer boundaries in memory. Exploiting the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity an...
ROS-20240408-07
A vulnerability in the Gstreamer module of the LibreOffice office suite exists due to failure to take measures to neutralize special elements. to neutralize special elements. Exploitation of the vulnerability could allow an attacker, acting remotely. remotely to run arbitrary Gstreamer plug-ins...
ROS-20240408-06
A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...
ROS-20240408-13
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-24
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-04
Vulnerability of cttsboxread function of Golang programming language is related to resource release errors. resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the file src/mediatools/avilib.c of the GPAC multimedia platform, is relat...
ROS-20240408-18
A vulnerability in the makeftpcmd component of the ProFTPD FTP server is related to a single-byte read outside the of the allowed range. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240408-19
A vulnerability in the file include/logging/RightsLogFormatter.php of a software tool for implementing the MediaWiki hypertext environment is related to incorrect input neutralization during the creation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240408-23
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-02
A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...
ROS-20250117-02
Vulnerability of xorg-server package is related to created requests to RRChangeProviderProperty or RRChangeOutputProperty causing integer overflow. RRChangeOutputProperty causing an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive...
ROS-20240505-13
A vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool is related to the lack of restrictions on the speed of merging elements no. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and...
ROS-20240405-11
Vulnerability of the flushrefsamples function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20240405-04
A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240405-01
A vulnerability in the fs/ntfs.c component of the Grub2 operating system boot loader is related to a buffer overflow in the dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the Trace View panel of the Grafana web data...
ROS-20240405-05
A vulnerability in the D-Bus interprocessor communication system is related to the ability of unprivileged users to crash the dbus-daemon. users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...