7149 matches found
ROS-20251028-02
The vulnerability of the Pgpool-II database connection pooling management utility is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the sensitive data...
ROS-20251028-11
A vulnerability in the NVIDIA Container Toolkit container creation and launch software and the NVIDIA GPU Operator resource management software is associated with synchronization errors when using a shared...
ROS-20251028-08
A vulnerability in the NetworkPkg/IScsiDxe/IScsiProto.c component of the EDK2 development environment for UEFI applications is associated with an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the integrity of the component...
ROS-20251027-01
A vulnerability in the implementation of application protocols that use the UDP protocol is related to the possibility of spoofing attacks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted packets...
ROS-20251027-02
A vulnerability in the NVIDIA CUDA GPU parallel computing software toolkit is related to insufficient validation of user input in the command-line tool nvdisasm. Exploitation of the vulnerability could allow an attacker to cause ...
ROS-20251023-02
A vulnerability in the ip6_make_skb function of the net/ipv6/ip6_output.c module of the IPv6 protocol implementation in the Linux operating system kernel is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to...
ROS-20251023-01
A vulnerability in the cifs_compose_mount_options function of the fs/smb/client/cifsproto.h module of the SMB client support in the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a...
ROS-20251022-02
A vulnerability in the Jenkins Automation Server is related to a log message injection issue. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the target system. A vulnerability in the Jenkins Automation Server is related to a vulnerable plugin not checking permissions f...
ROS-20251022-05
A vulnerability in the mtk_clk_simple_probe function of the drivers/clk/mediatek/clk-mtk.c module of the Linux operating system kernel is related to insufficient resource locking. Exploitation of th...
ROS-20251022-04
A vulnerability in the sdhci_write_dataport function of the QEMU hardware emulator is related to a heap buffer overflow via the s->data_count and s->fifo_buffer parameters. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251022-01
A vulnerability in mod_auth_openidc, the authentication and authorization module for the Apache 2.x HTTP server, is related to information disclosure. Exploitation of the vulnerability allows an attacker acting remotely to disclose protected information...
ROS-20251022-06
A vulnerability in the amdgpu_hmm_register function in the drivers/gpu/drm/amd/amdgpu/amdgpu_hmm.c module of the amdgpu driver of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the...
ROS-20251022-03
A vulnerability in the ProFTPD FTP server is related to a null pointer dereference in the tls_verify_crl function when processing data returned by the OpenSSL function sk_X509_REVOKED_value when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...
ROS-20251021-02
A vulnerability in the btrfs component of the Linux operating system kernel is related to an incorrect lock in the function clear_extent_uptodate in fs/btrfs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the KVM component of the...
ROS-20251021-01
The vulnerability of the parisc component of the Linux kernel is related to incorrect error handling in the fixup_exception function in arch/parisc/mm/fault.c, as well as in emulate_ldh, emulate_ldw, emulate_ldd, emulate_sth, emulate_stw, and emulate_std in arch/parisc/kernel/unaligned.c. Exploitation o...
ROS-20251020-02
A Jupyter Core vulnerability in the Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code...
ROS-20251020-09
A vulnerability in the tcp_twsk_purge function in the net/ipv4/tcp_minisocks.c module of the IPv4 protocol implementation of the Linux operating system kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to...
ROS-20251020-01
Vulnerability in open source external resource management software Terraform is associated with an incorrect restriction on the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to download arbitrary files...
ROS-20251020-06
A vulnerability in the upsert operation of the MongoDB database management system is related to operations on a resource after its expiration date. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251020-05
Vulnerability in the audit subroutine of the enterprise information archiving platforms Vault Enterprise and Vault Community Edition is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending...
ROS-20251020-10
A vulnerability in the ksmbd component of the Linux operating system kernel is related to reading outside the allowed boundaries of the data buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of smb2_get_data_area_len function in module...
ROS-20251020-04
A Jupyter Core vulnerability in the Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code...
ROS-20251020-03
A Jupyter Core vulnerability in the Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code...
ROS-20251020-08
A vulnerability in the JavaScript JSS web application styling tool is related to a memory leak in a non-standard configuration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251020-07
The vulnerability of the CoreDNS DNS server, which is responsible for resolving names, is related to an error in the TTL function in plugin/etcd/etcd.go, which converts the 64-bit etcd lease identifier to the uint32 type and uses it as the TTL, which causes the cache to be fixed for very long perio...
ROS-20251017-01
A vulnerability in the mi_enum_attr function of the fs/ntfs3 component of the Linux kernel is related to buffer copying without input data verification. Exploitation of the vulnerability allows an intruder to gain access to confidential data, violate its integrity, and cause a denial of service. Vulnerability of...
ROS-20251017-02
A vulnerability in the LoongArch component of the Linux operating system kernel is related to incorrect locking in the arch/loongarch/include/asm/io.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of...
ROS-20251016-03
A vulnerability in the FirmwarePerformancePei.c component of the UEFI EDK2 open source development environment is related to the lack of a division-by-zero check. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251016-01
Vulnerability of the library for working with DICOM format DCMTK is related to manipulation of function dcmimage/include/dcmtk/dcmimage/diybrpxt.h component dcm2img. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20251016-02
Vulnerability of the library for working with DICOM format DCMTK is related to manipulation of function dcmimage/include/dcmtk/dcmimage/diybrpxt.h component dcm2img. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20251016-04
A vulnerability in the X509_VERIFY_PARAM_add0_policy function of the OpenSSL library is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack...
ROS-20251014-08
A vulnerability in the Podman OCI container management and launching software tool is related to an insecure link-following problem in the Podman Kube Play command. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251014-09
A vulnerability in the SVG component of Mozilla Firefox, Firefox ESR and the Thunderbird email client is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20251014-11
A vulnerability in the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...
ROS-20251014-03
A vulnerability in the Golang programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20251014-06
A vulnerability in the jq JSON processor is related to manipulation of the run_jq_tests function in the jq_test.c file of the JSON Parser component. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251014-04
A vulnerability in the libvips horizontal topology image processing library is related to the creation of a three-channel HEIF image without an alpha channel and then writing its data into 4 channels. Exploitation...
ROS-20251014-01
The vulnerability of the Rack module interface of the Ruby programming language interpreter is related to the fact that the application does not properly control consumption of internal resources in the "Rack::QueryParser" function. Exploitation of the vulnerability could allow an attacker...
ROS-20251014-05
A vulnerability in the interface of the Grafana monitoring and surveillance platform is related to the failure to take measures to protect the web page structure when processing the /swagger endpoint. Exploitation of the vulnerability coul...
ROS-20251014-02
A vulnerability in the pam_sm_authenticate function of the Yubico pam-u2f PAM module is related to the return of an invalid status code. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20251014-10
The vulnerability in the Jenkins Automation Server is due to a vulnerable plugin not performing validation of permissions in the sidebar. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to features that would otherwise be restricted...
ROS-20251014-07
A vulnerability in the Perl JSON::XS data structure transformation module is related to an integer overflow when parsing JSON data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...
ROS-20251013-02
A vulnerability in the fpsimd_release_task function in the arch/arm64/kernel/fpsimd.c module of the Linux kernel is related to a memory leak. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of...
ROS-20251013-01
A vulnerability in the LoongArch component of the Linux operating system kernel is related to the inability to process kernel swap requests. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in the sii902x_init function in t...
ROS-20251008-05
A vulnerability in the Kubernetes virtual machine cluster management software tool is related to insufficient validation of user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251008-03
A vulnerability in the Loader component of Google Chrome browsers is related to bypassing the authentication procedure by using an alternate path or channel. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...
ROS-20251008-07
A vulnerability in the Go programming language is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251008-10
A vulnerability in the fdindex function of the Udisks storage device query and management program is related to a reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to escalate their privileges and cause a denial of service...
ROS-20251008-04
The dump_isom_saps function in the file applications/mp4box/filedump.c, line 1743, does not check pointers for NULL before accessing track structure fields, which allows an attacker to generate an MP4 file with a corrupted track in which there is no mandatory Sample Description Box (stsd)...
ROS-20251008-01
The vulnerability in the Thunderbird and Thunderbird ESR email clients is related to insufficient authentication of the data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the data integrity. Vulnerability of Address Book URI fields of Thunderbird, Thunderbird ESR mail...