ROS-20251106-05

The bfdselfparseehframe function of the GNU Binutils development tool has a vulnerability related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in GNU Binutils software development to...

ROS-20251106-03

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to incorrect header processing in "Rack::Sendfile". header processing in "Rack::Sendfile". Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially...

ROS-20251106-01

The vulnerability in the Portainer container management platform is related to a vulnerability in the server side, API, registry list output logic, and/or a component that returned fields with secrets. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

ROS-20251106-09

A vulnerability in the QEMU hardware emulator is related to the incorrect release and use of the irqfd for vector 0 during boot time in QEMU Virtio PCI Bindings hw/virtio/virtio/pci.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...

ROS-20251106-06

Vulnerabilities in Asterisk management systems are related to improper management of internal resources of the of the application. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20251106-02

A vulnerability in the Netty networking software tool is related to insufficient input validation in the SMTP codec. SMTP codec. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SMTP commands. arbitrary SMTP commands...

ROS-20251106-07

A vulnerability in the phpMyAdmin database administration web application is related to an XSS vulnerability in the table validation function. XSS vulnerability for the table validation feature. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code ...

ROS-20251106-04

Vulnerability of django.utils.archive.extract function of Django web application software platform is related to errors in the relative directory path handling mechanism. Exploitation of the vulnerability could allow a remote attacker to bypass security restrictions. Vulnerability in...

ROS-20251105-05

Vulnerability of passwordchange.cgi script of Webmin hosting control panel and web-interface for unix-like systems Usermin is related to flaws in error reporting mechanism. unix-like systems Usermin is related to a flaw in the error reporting mechanism. Exploitation of the vulnerability could all...

ROS-20251105-01

A vulnerability in the Apache Log4cxx C++ logging framework is related to the fact that when using the HTMLLayout, logger names are not properly escaped when written to an HTML file. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data A vulnerability...

ROS-20251105-11

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

ROS-20251105-03

A vulnerability in the Apache Log4cxx C++ logging framework is related to insufficient cleanup of the user-supplied data when using an ODBC appender to send log messages to a database. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in th...

ROS-20251105-04

A vulnerability in the debugtypesamep function of the objdump component of the GNU Binutils development tool is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the elfgcsweep...

ROS-20251105-10

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

ROS-20251105-08

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

ROS-20251105-06

The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...

ROS-20251105-07

The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...

ROS-20251105-12

A vulnerability in the usbepget function hw/net/core.c of the QEMU hardware emulator is related to a a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20251105-09

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

ROS-20251105-02

A vulnerability in the LibTIFF library is related to a bounds checking bug in the setrow function in tools/thumbnail.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A vulnerability in the LibTIFF library is related to a bounds checking b...

ROS-20251031-03

A vulnerability in the Apache ActiveMQ software platform is related to the recovery of invalid data in memory data. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by creating an OpenWire class. arbitrary code by creating a class over the OpenWire protoco...

ROS-20251031-04

Vulnerability of cuobjdump file of parallel computing software tool for GPUs NVIDIA CUDA Toolkit is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the cuobjdump file of the NVIDIA CUDA Toolkit GPU parallel...

ROS-20251031-02

A vulnerability in the nvJPEG library of the NVIDIA CUDA Toolkit, a software tool for parallel computing on graphics processors, is related to buffer overruns. The NVIDIA CUDA Toolkit GPU parallel computing software nvJPEG library vulnerability is related to writing outside buffer boundaries...

ROS-20251031-01

Vulnerability of MongoDB database management system is related to incorrect processing of certain accumulator functions when additional parameters are specified in the $group operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20251031-05

A vulnerability in the nvdisasm command line utility of the NVIDIA CUDA Toolkit parallel computing software toolkit is related to reading outside the allowed range. NVIDIA CUDA Toolkit GPUs is related to reading outside the allowed range in memory. memory. Exploitation of the vulnerability could...

ROS-20251030-06

A vulnerability in the Perl data structure to JSON conversion module Cpanel::JSON::XS is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...

ROS-20251030-05

Vulnerability of Erlang programming language OTP library set is related to incorrect checking of ZIP archives in "zip:unzip/1,2" and "zip:extract/1,2" procedures of Erlang/OTP standard library ZIP archives in the "zip:unzip/1,2" and "zip:extract/1,2" procedures of the Erlang/OTP standard library...

ROS-20251030-01

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

ROS-20251030-09

A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...

ROS-20251030-08

The vulnerability of SeekBlob and WriteBlob functions of ImageMagick console graphic editor is related to writing outside of buffer boundaries. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code...

ROS-20251030-03

A vulnerability in the MongoDB database management system is related to misconfiguration of the lsid field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20251030-07

The vulnerability of SeekBlob and WriteBlob functions of ImageMagick console graphic editor is related to writing outside of buffer boundaries. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code...

ROS-20251030-10

A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...

ROS-20251030-04

A vulnerability in the MongoDB database management system is related to misconfiguration of the lsid field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20251030-02

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

ROS-20251029-07

The vulnerability in the Golang programming language is related to the implementation of a function where a string is accumulated via repeated concatenation without effectively managing memory or time complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of servi...

ROS-20251029-02

The vulnerability in the RabbitMQ messaging and streaming broker is due to the fact that the software stores sensitive information in log files. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...

ROS-20251029-01

Gstreamer multimedia framework vulnerability is related to a buffer overflow on the stack. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20251029-03

A vulnerability in the tarfile module of the Python programming language is related to incorrect definition of symbolic links during file access. symbolic links during file access. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected...

ROS-20251029-05

The vulnerability in the pgAdmin 4 database management tool is related to a flaw in the mechanism for source validation. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...

ROS-20251029-06

Vulnerability of drm/amdgpu components of Linux kernel is related to dereferencing of pointer NULL. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Redis database management system DBMS is related to integer overflow. Exploitation of t...

ROS-20251029-04

A plug-in vulnerability in the Grafana-Zabbix web-based data submission tool is related to maximum CPU utilization. Exploitation of the vulnerability could allow an attacker due to a custom request with a regular expression, acting remotely, to cause a denial of service...

ROS-20251028-10

A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors. NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...

ROS-20251028-03

The vulnerability of the Pgpool-II database connection pooling management utility is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the sensitive data...

ROS-20251028-07

A vulnerability in the library commands for Exiv2 media file metadata management is related to the following quadratic algorithm in the ICC profile analysis code in jpegBase::readMetadata can lead to a prolonged Exiv2. Exploitation of the vulnerability could allow an attacker to cause a denial of...

ROS-20251028-05

The vulnerability of the Pgpool-II database connection pooling management utility is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the sensitive data...

ROS-20251028-01

A vulnerability in the Webmin hosting control panel CGI request handler is associated with errors in processing input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code with root privileges...

ROS-20251028-06

The vulnerability of the Pgpool-II database connection pooling management utility is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the sensitive data...

ROS-20251028-04

The vulnerability of the Pgpool-II database connection pooling management utility is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the sensitive data...

ROS-20251028-09

A vulnerability in the Java library for JSON-lib bean-component conversion is related to improper handling unbalanced comment strings. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...