ROS-20251124-09

The vulnerability of the MySQL database access library aiomysql is related to the fact that client-side settings are not checked before sending local files to a remote MySQL server. client side settings are not checked before sending local files to a remote MySQL server. Exploitation vulnerabilit...

ROS-20251124-08

A vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is related to a bug in the bounds checking in the vpmaskset function when processing a sparse HVVPSET format. Exploitation of the of the vulnerability could allow an attacker acting remotely to escalate...

ROS-20251124-06

A vulnerability in the 3D model import library Open Asset Import Library Assimp is related to manipulation of the Q3DImporter::InternReadFile function of assimp/code/AssetLib/Q3D/Q3DLoader.cpp file. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...

ROS-20251124-03

A vulnerability in the PHP programming language is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20251124-12

A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...

ROS-20251124-11

A vulnerability in the Libraries component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity...

ROS-20251117-03

Vulnerability of the xdrtrrqmessage function of the protocol.cpp module of the Red Database Management System is related to dereferencing of a null pointer. Data" is related to dereferencing of a null pointer. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a...

ROS-20251117-08

Vulnerability of the ksmbdexpiresession function in the fs/smb/server/mgmt/usersession.c module of the in-core CIFS/SMB3 ksmbd server kernel of the Linux operating system is related to reuse of previously of previously freed memory. Exploitation of the vulnerability could allow an attacker to...

ROS-20251117-07

A vulnerability in the recv function of the tls component of the Linux kernel is related to an inaccessible exit condition. exit. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

ROS-20251117-05

A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...

ROS-20251117-04

A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...

ROS-20251117-02

The vulnerability of the LDAP web-based administration tool phpLDAPAPadmin is related to the lack of neutralization of special elements that can be interpreted as a command when opening a file in a spreadsheet editor. spreadsheet editor. Exploitation of the vulnerability could allow an attacker...

ROS-20251117-01

A vulnerability in the NVIDIA display driver is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Guest driver and Virtual GPU Manager components of the NVIDIA GPU driver is related to pointer...

ROS-20251117-06

A vulnerability in the vfs.c component of the Linux operating system kernel is related to reading outside the allowed boundaries of the of the data buffer. Exploitation of the vulnerability could allow an attacker to impact the integrity of the data integrity...

ROS-20251113-09

A vulnerability in the GNU Binutils software development tool is related to bounds checking errors in the function bfdelfelfgcrecordvtentry in bfd/elflink.c. Exploitation of the vulnerability could allow an attacker to escalate the privileges on the system A vulnerability in the GNU Binutils...

ROS-20251113-04

The MinIO object storage server vulnerability is related to flaws in the authorization mechanism. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

ROS-20251113-03

The MinIO object storage server vulnerability is related to flaws in the authorization mechanism. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

ROS-20251113-07

The BIND DNS server vulnerability is related to a pseudo-random number generator PRNG vulnerability. Exploitation exploitation of the vulnerability could allow a remote attacker to compromise the integrity of data in the DNS system A vulnerability in the BIND DNS server is related to the loading ...

ROS-20251113-08

A vulnerability in the Docker Compose multi-container application management tool is related to an incorrect restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely to overwrite an arbitrary file...

ROS-20251113-05

A vulnerability in the NVIDIA display driver is related to a synchronization issue. Exploitation of the vulnerability could allow an attacker to execute arbitrary code, escalate privileges, cause a denial of service, and disclose sensitive information A vulnerability in the NVIDIA display driver ...

ROS-20251113-06

The BIND DNS server vulnerability is related to a pseudo-random number generator PRNG vulnerability. Exploitation exploitation of the vulnerability could allow a remote attacker to compromise the integrity of data in the DNS system A vulnerability in the BIND DNS server is related to the loading ...

ROS-20251113-02

The Webmin hosting control panel vulnerability involves manipulating the Host header to inject a malicious domain into a password reset email. malicious domain in a password reset link email. Exploitation of the vulnerability could allow an attacker acting remotely to intercept the password reset...

ROS-20251113-01

A vulnerability in the Omnibox component of the Google Chrome and Microsoft Edge browsers is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges A vulnerability in the Safe Browsing compone...

ROS-20251112-08

A vulnerability in the Python Eventlet network concurrency library is related to an incorrect HTTP request validation in the WSGI parser. Exploitation of the vulnerability could allow an attacker acting remotely to perform HTTP spoofing attacks. remotely to perform HTTP request spoofing attacks...

ROS-20251112-05

Vulnerability in the t2.c component of the OpenJPEG image encoding and decoding library is related to an uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely cause a denial of service...

ROS-20251112-04

The FreeIpa server vulnerability is related to the fact that the application does not check the canonical name root@REALM, which can also be used as a realm administrator name. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges from the host level to...

ROS-20251112-10

Vulnerability in the Open Babel expert system for analyzing chemical data is related to a manipulation in the function ChemKinFormat::ReadReactionQualifierLines of the /src/formats/chemkinformat.cpp file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

ROS-20251112-03

A vulnerability in the OpenSSL cryptographic library is related to the use of a non-standard option SSLOPNOTICKET, in which the session cache continues to grow indefinitely. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...

ROS-20251112-09

Vulnerability in the Open Babel expert system for analyzing chemical data is related to a manipulation in the function ChemKinFormat::ReadReactionQualifierLines of the /src/formats/chemkinformat.cpp file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

ROS-20251112-01

Squid proxy server vulnerability related to data boundary checking errors during encoding processing ASN.1 long SNMP OIDs in asnbuildobjid function in lib/snmplib/asn1.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service Vulnerability of emailerrdata...

ROS-20251112-07

Vulnerability in Google Chrome browser's JavaScript script handler V8 is related to information disclosure through inconsistency. Exploitation of the vulnerability could allow an attacker, acting remotely, gain unauthorized access to protected information A vulnerability in the WebRTC component o...

ROS-20251112-02

A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20251112-06

A vulnerability in the NVIDIA CUDA GPU parallel computing software toolkit is related to boundary conditions in cuobjdump and nvdisasm. Toolkit is related to boundary conditions in cuobjdump and nvdisasm. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20251111-08

A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...

ROS-20251111-07

A vulnerability in the Downloads component of the Google Chrome and Microsoft Edge browsers is related to a false representation of critical information by the user interface. presentation of critical information by the user interface. Exploitation of the vulnerability could Allow an attacker...

ROS-20251111-05

The vulnerability in the Ruby REXML XML toolkit is related to the fact that the application does not properly control the internal resource consumption when analyzing malformed XML code containing multiple XML declarations. Exploitation of the vulnerability could allow an attacker to cause a deni...

ROS-20251111-01

A vulnerability in the libxml2 library for manipulating XML and HTML files is related to uncontrolled recursion during the XPath computation in the xmlXPathRunEval function in xpath.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...

ROS-20251111-04

Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...

ROS-20251111-02

A vulnerability in the NVIDIA CUDA parallel computing software toolkit for NVIDIA CUDA GPUs Toolkit is related to null pointer dereferencing error in cuobjdump and nvdisasm. Exploitation The vulnerability could allow an attacker to cause a denial of service...

ROS-20251111-09

A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...

ROS-20251111-06

A vulnerability in the Glib library is related to boundary conditions in the gettmpfile function in glib/gfileutils.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20251111-03

Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...

ROS-20251111-11

Vulnerability of function ffaacsearchfortns in component libavcodec/aacenctns.c of multimedia library FFmpeg is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an intruder acting remotely to gain unauthorized access to protected...

ROS-20251111-10

Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...

ROS-20251110-05

A vulnerability in the Linux-PAM authentication module is related to insecure storage of sensitive information. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information...

ROS-20251110-03

Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Spoofing attack or cause a denial of service Vulnerability in...

ROS-20251110-04

A vulnerability in the qtdemuxparsetrak function of the Gstreamer multimedia framework is related to a boundary condition in the MOV/MP4 demultiplexer. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to potentially sensitive information A vulnerability in th...

ROS-20251110-02

A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before file access. before accessing a file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code if a user opens a specially crafted ZIP archive. provided the user opens a...

ROS-20251110-01

FFmpeg multimedia library vulnerability is related to null pointer dereferencing error in HLS playlists parsing. when parsing HLS playlists. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the audioelementobu function of the...

ROS-20251106-08

A vulnerability in the Gstreamer multimedia framework is related to a null pointer dereferencing bug in the SubRip subtitle parser. SubRip subtitle parser. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Gstreamer multimedia framework vulnerability...