8181 matches found
ROS-20231024-04
Vulnerability of exfatgetuninamefromextentry function in fs/exfat/dir.c module of exFAT file system in Linux kernel is related to memory access outside the allocated buffer of the Linux kernel is related to accessing memory outside of the allocated buffer. Exploitation of the vulnerability could...
ROS-20231024-03
The OAuth2 token vulnerability of the cloud-based software for creating and utilizing Nextcloud storage Nextcloud data storage software is related to the storage of OAuth2 tokens in plaintext. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server a...
ROS-20231024-01
Vulnerability of exfatgetuninamefromextentry function in fs/exfat/dir.c module of exFAT file system in Linux kernel is related to memory access outside the allocated buffer kernel of the Linux operating system is related to accessing memory outside of the allocated buffer. Exploitation of the...
ROS-20231024-02
A vulnerability in the xrdppainter.c component of the XRDP server is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to protected information information...
ROS-20231020-10
Vulnerability in the GNU C Library glibc iconv utility due to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by invoking the iconv utility with the "-c" option. by invoking the iconv utility with the "-c" option...
ROS-20231023-01
Vulnerability in libtom function of libtommath library is related to integer overflow. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20231020-01
A vulnerability in the MiniZip component of the zlib library is related to an integer overflow and resulting heap-based buffer overflow in zipOpenNewFileInZip464 via long filename, comment or additional field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20231020-02
A vulnerability in the Nextcloud calendar application for cloud-based software for creating and Nextcloud data storage software is related to the server's lack of pre-checks for strings of any length as an email address. of any length as an e-mail address. Exploitation of the vulnerability could...
ROS-20231018-05
A vulnerability in the SQLite database management system API library is related to unchecked array indexing. array indexing. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service or execute arbitrary code during the processing of a long sequence of o...
ROS-20231020-03
The ps utility vulnerability is related to out-of-field writes. Exploitation of the vulnerability could allow an attacker acting remotely to write unlimited amounts of unfiltered data to the heap of the process...
ROS-20231018-02
The libXpm image file library vulnerability is related to a read error call outside of memory boundaries. outside of memory boundaries. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...
ROS-20231019-01
Vulnerability in Nextcloud cloud storage creation and utilization software is related to lack of protection and allows password mining in WebDAV API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...
ROS-20231018-01
Vulnerability in the QDecCoordOnUnitSphere function of the GPAC multimedia platform is related to integer . overflow . Exploitation of the vulnerability could allow an intruder to gain unauthorized access to the protected information...
ROS-20231018-04
Vulnerability in the XCreateImage function of the libX11 library is related to integer overflow. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges PutSubImage vulnerability in libX11 library is related to execution of a loop...
ROS-20231018-03
The vulnerability of the SetAll method of the D-Bus interprocess communication system of the Red Hat Enterprise Linux is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20231016-06
Squid proxy server vulnerability is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Squid proxy vulnerability is related to insufficient input validation. Exploitation exploitation of the vulnerability could allow...
ROS-20231016-04
A vulnerability in the VP8 encoding function of the libvpx library in Google Chrome browser is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker, remotely execute arbitrary code when a user opens a speciall...
ROS-20231016-05
A vulnerability in the curl program line utility is related to a copy of the hostname in the buffer instead of the allowed address. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the libcurl library is related to...
ROS-20231016-03
A vulnerability in the tiff.c file of the ImageMagick console graphics editor is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to force a user to open a specially crafted file, resulting in application crash and denial of servi...
ROS-20231016-02
Vulnerability of libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special format video data. when processing certain special-format video data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20231016-01
Vulnerability of XpmCreateXpmImageFromBuffer function of libXpm image file library is related to a read error call. is related to a read error outside the valid range. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20231016-07
A vulnerability in the tiff.c file of the ImageMagick console graphics editor is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to force a user to open a specially crafted file, resulting in application crash and denial of servi...
ROS-20231016-25
A vulnerability in the curl program line utility is related to a copy of the hostname in the buffer instead of the allowed address. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the libcurl library is related to...
ROS-20231013-02
Vulnerability of the convertstrings function of the tinfo/readentry.c component of the Ncurses I/O control library is related to reading beyond the allowed data buffer boundaries. terminal Ncurses is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability...
ROS-20231011-01
A vulnerability in the HTTP API of the pgAdmin 4 database management tool is related to insufficient input data validation. verification of input data. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary commands on the server...
ROS-20231013-05
Vulnerability of prfunctiontype function in prdbg.c file of GNU Binutils development tool is related to a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the parsestabstructfields function of the GNU development tool...
ROS-20231013-06
Memory leak vulnerability in the RTPS dissector of the Wireshark computer network traffic analyzer. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service by injecting packets or creating a capture file...
ROS-20231013-04
A vulnerability in the bfdelfslurpversiontables method of the GNU Binutils software development tool is related with a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the binutils-gdb/bfd/libbfd.c...
ROS-20231013-03
A vulnerability in the xmlUnlinkNode function in the tree.c file of the libxml2 library is related to a failure of a specific allocated memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20231009-01
PostgreSQL database management system vulnerability is related to the possibility of SQL injection in extensions, that use quoting constructs @extowner@, @extschema@, or @extschema:...@ inside parentheses dollar quoting, '', or "". Exploitation of the vulnerability could allow an attacker acting...
ROS-20230416-10
A vulnerability in the qdiscgraft function net/sched/schapi.c of the traffic control subsystem of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20231009-03
PostgreSQL database management system vulnerability is related to the possibility of SQL injection in extensions, that use quoting constructs @extowner@, @extschema@, or @extschema:...@ inside parentheses dollar quoting, '', or "". Exploitation of the vulnerability could allow an attacker acting...
ROS-20231009-02
Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...
ROS-20231009-04
Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...
ROS-20230929-01
Vulnerability in the URI component of the Ruby programming language, related to improper handling of invalid URLs containing certain characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the...
ROS-20230928-01
A vulnerability in the Logstash log management system is related to a flaw in TLS certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to launch a man-in-the-middle attack on Logstash monitoring data. "man-in-the-middle" attack on Logstash monitoring d...
ROS-20230926-01
Vulnerability of the gfbifsflushcommandlist function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to pass arbitrary...
ROS-20230922-01
Vulnerability in the StringSubstitutor component of the Apache Common Text library is related to mismanagement of code generation. code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20230919-02
Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...
ROS-20230919-01
Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...
ROS-20230920-03
A vulnerability in the WebP image display module of the Google Chrome browser is related to reading outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20230919-04
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to the lack of a warning when opening Diagcab files. Exploitation of the vulnerability could allow an attacker to perform a spoofing attack. a spoofing attack. The vulnerability in Mozilla Thunderbi...
ROS-20230918-03
GPAC multimedia platform vulnerability is related to stack overflow in gfbtcheckline scenemanager/loaderbt.c:408. Exploitation of the vulnerability could allow an attacker to cause the application to crash of the application. GPAC multimedia platform vulnerability is related to an inaccessible re...
ROS-20230918-04
A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...
ROS-20230918-01
GIFLIB GIF handling library vulnerability is related to a bug in the DumpScreen2RGB function in the gif2rgb.c:298:45. Exploitation of the vulnerability could allow an attacker acting remotely to cause a a heap buffer overflow. A vulnerability in the GIF library for handling GIF files GIFLIB is...
ROS-20230918-02
A vulnerability in the OpenSSL cryptographic library is related to insufficient validation of user input data in the POLY1305 MAC message authentication code implementation. data in the POLY1305 MAC message authentication code implementation. Exploitation of the vulnerability could allow an...
ROS-20230915-14
Vulnerability in the AES-SIV encryption algorithm of the OpenSSL library is related to flaws in the procedure of authentication procedure. Exploitation of the vulnerability could allow a remote attacker to bypass the authentication process. the authentication process...
ROS-20230915-10
A vulnerability in the Linux kernel memory management system is related to the lack of randomization of the exception handling stacks. of the exception handling stack. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. Vulnerability of...
ROS-20230915-09
A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information and escalate privileges. protected information and...
ROS-20230912-01
The vulnerability of Wireshark traffic analysis software is related to insufficient verification of user input data in the CBOR protocol dissector. data entered by the user in the CBOR protocol dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, pass specially...