8181 matches found
ROS-20240408-11
A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...
ROS-20240408-04
Vulnerability of cttsboxread function of Golang programming language is related to resource release errors. resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the file src/mediatools/avilib.c of the GPAC multimedia platform, is relat...
ROS-20240408-18
A vulnerability in the makeftpcmd component of the ProFTPD FTP server is related to a single-byte read outside the of the allowed range. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240408-23
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20250117-02
Vulnerability of xorg-server package is related to created requests to RRChangeProviderProperty or RRChangeOutputProperty causing integer overflow. RRChangeOutputProperty causing an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive...
ROS-20240408-07
A vulnerability in the Gstreamer module of the LibreOffice office suite exists due to failure to take measures to neutralize special elements. to neutralize special elements. Exploitation of the vulnerability could allow an attacker, acting remotely. remotely to run arbitrary Gstreamer plug-ins...
ROS-20240408-06
A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...
ROS-20240408-02
A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...
ROS-20240408-24
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-03
Vulnerability of derivatespatiallumavectorprediction function of h.265 Libde265 video codec implementation is related to with the ability to write beyond buffer boundaries in memory. Exploiting the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity an...
ROS-20240408-19
A vulnerability in the file include/logging/RightsLogFormatter.php of a software tool for implementing the MediaWiki hypertext environment is related to incorrect input neutralization during the creation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240408-13
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-10
GNU FriBidi library vulnerability is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...
ROS-20240408-05
RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...
ROS-20240505-13
A vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool is related to the lack of restrictions on the speed of merging elements no. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and...
ROS-20240405-11
Vulnerability of the flushrefsamples function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20240405-04
A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240405-01
A vulnerability in the fs/ntfs.c component of the Grub2 operating system boot loader is related to a buffer overflow in the dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the Trace View panel of the Grafana web data...
ROS-20240405-09
A vulnerability in the gdevprnopenprinterseekable function of the gdevprnopenprinterseekable interpreter of the Ghostscript suite of software for Ghostscript document processing, conversion and generation software set interpreter is related to memory usage after its release. Exploitation of the...
ROS-20240505-03
A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of default credentials when the web user interface is enabled. default credentials when the web user interface is enabled. Exploitation of the vulnerability could allow an attacker, acting remotely, to...
ROS-20240405-10
A vulnerability in the Perl programming language is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code...
ROS-20240405-08
A vulnerability in the SSH dissector of the computer network traffic analyzer Wireshark is related to insufficient cleaning of special elements in the output data used by the input component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by...
ROS-20240405-12
A vulnerability in the Commons FileUpload component of Apache Tomcat application server exists due to incomplete cleanup of temporary or auxiliary resources. clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker , acting remotely, to cause a denia...
ROS-20240405-07
Vulnerability in slicesegmentheader function of Libde265 video codec implementation is related to copying the buffer without checking the input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240405-06
A vulnerability in the GnuTLS transport layer security library is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20240403-14
A vulnerability in the Google Sheets data source of the Grafana monitoring and surveillance platform is related to the failure to handling error messages properly, potentially exposing the Google Sheet API key. Exploitation of the vulnerability could allow an attacker acting remotely to gain acce...
ROS-20240405-05
A vulnerability in the D-Bus interprocessor communication system is related to the ability of unprivileged users to crash the dbus-daemon. users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...
ROS-20240405-02
Vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to reveal protected information...
ROS-20240404-17
Vulnerability in the SMTP protocol implementation of Exim mail server is related to operation out of buffer boundaries in memory during request processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20240404-16
Vulnerability of builtin.c component of Gawk template reformatting component is related to operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information or cause denial of service...
ROS-20240404-19
A vulnerability in the PNG optimization software tool OptiPNG is related to a buffer overflow via the 'buffer' variable in gifread.c. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
ROS-20240404-12
A vulnerability in the MediaWiki hypertext implementation software tool is related to the ability to to exploit XSS in partial block functions. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform cross-site scripted attacks...
ROS-20240404-14
The vulnerability of the library for controlling input/output to the terminal ncurses is related to the possibility of writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected...
ROS-20240404-02
Vulnerability of aresinetnetpton function of C-ares asynchronous DNS query library is related to violation of the initial buffer boundary. the initial buffer boundary. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, violate its integrity, and cause a...
ROS-20240403-04
Vulnerability of onstreamio and dnsstreamcomplete functions of the subsystem of initialization and management of services Systemd is related to not incrementing the reference count for the DnsStream object. Exploitation of the vulnerability could allow a remote intruder to violate the integrity a...
ROS-20240404-18
Vulnerability in the OpenVAS database management system's OpenVAS scanning and vulnerability management tool MariaDB is associated with uncontrolled resource consumption when connecting to ports 3306 and 4567. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a...
ROS-20240404-01
A vulnerability in the Grafana web-based data submission tool is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to gain full access to a user's account A vulnerability in the Grafana monitoring and surveillance platform is...
ROS-20240403-03
A vulnerability in the libtirpc package is related to the exhaustion of process file descriptors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240404-07
A vulnerability in the ProFTPD FTP server is related to a memory freeing error. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information. information...
ROS-20240404-10
A vulnerability in the Rack module of the Ruby programming language interpreter is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20240404-08
Vulnerability of GnuTLS transport layer cryptographic library is related to difference of response time when processing RSA ciphertext in ClientKeyExchange message with correct and incorrect addition of PKCS1. PKCS1 padding. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240403-06
A vulnerability in the adodbaddslashes function of the adodb library is related to improper authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication...
ROS-20240404-13
A vulnerability in the 7z file analyzer component of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240404-11
A vulnerability in the libcapstrdup function of the Libcap package is related to an overflow if the input string is close to 4 GB. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240404-20
A vulnerability in the Vorbis-tools package is related to the conversion of wav files to ogg files. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240403-05
Vulnerability of grubfontconstructglyph function of Grub2 operating systems loader is related to the output of the operation outside the memory buffer when processing specially designed fonts in pf2 format. Exploitation of the vulnerability may allow an attacker to execute arbitrary code Grub2...
ROS-20240404-09
A vulnerability in Avahi's local network service discovery system is related to uncontrolled consumption of resources. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20240404-15
A vulnerability in the libwebp library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to write data outside of the buffer boundaries through a crafted HTML page. HTML page...
ROS-20240402-18
A vulnerability in the multiprotocol messaging and streaming broker RabbitMQ is related to a HTTP API's lack of restriction on HTTP request body size, which made it vulnerable to very large messages. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20240403-02
Vulnerability of ntfsnamesfullcollate function of NTFS file system for NTFS-3G FUSE module is related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges using a specially crafted NTFS image file The NT...