7149 matches found
ROS-20250929-12
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to with an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability in JavaScript Engine...
ROS-20250929-14
Vulnerability of the unixstreamreadgeneric function of the net/unix/afunix.c module of the Linux operating system kernel is related to memory usage after memory freeing. Exploitation of the vulnerability could allow an attacker to escalate privileges, bypass existing security mechanisms, and...
ROS-20250929-11
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20250929-15
Vulnerability of modssl function of Apache HTTP Server web server is related to flaws in the procedure of authentication procedure when processing the SSLEngine optional parameter. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using the TLS...
ROS-20250929-02
Vulnerability of SRBRoot::addTag function of the library for working with Unicode ICU is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and cause a crash. an attacker to execute arbitrary...
ROS-20250929-05
A vulnerability in the Libarchive library is related to a data bounds checking error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Windows operating system Libarchive library vulnerability is related to integer overflow. Exploitation of the vulnerability cou...
ROS-20250929-09
AMD processor firmware vulnerability is related to insufficient protection of service data. data. Exploitation of the vulnerability could allow an intruder to disclose protected information AMD processor firmware vulnerability is related to insufficient protection of service data. data...
ROS-20250929-03
A vulnerability in a perl module that provides a convenient way to describe rules for searching files and directories File-Find-Rule is related to incorrect input validation when grep is detected. directories File-Find-Rule is related to incorrect input validation when grep detects a specially...
ROS-20250929-01
Vulnerability of the library for working with DICOM DCMTK format is related to the operation exceeding the buffer boundaries. memory buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service using a specially crafted DICOM file A vulnerability in the library f...
ROS-20250929-10
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20250925-06
The NVIDIA GPU Display Driver virtual graphics processor driver vulnerability is related to incorrect authorization. Exploitation of the vulnerability could allow an attacker to gain elevated privileges on the system A vulnerability in the NVIDIA GPU Display Driver software driver is related to a...
ROS-20250925-03
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...
ROS-20250925-04
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...
ROS-20250925-07
A vulnerability in the NVIDIA GPU Driver virtual graphics processor driver is related to the use of memory after release. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the NVIDIA Virtual GPU Driver is related to incomplete...
ROS-20250925-02
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...
ROS-20250925-05
A vulnerability in the NVIDIA GPU Display Driver is related to incorrect authorization authorization. Exploitation of the vulnerability could allow an attacker to gain elevated privileges on the system A vulnerability in the NVIDIA GPU Display Driver software driver is related to an operation tha...
ROS-20250925-01
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...
ROS-20250924-07
A vulnerability in the GIMP graphics editor is related to an integer overflow when analyzing ICO files. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...
ROS-20250924-04
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to the following. insufficient validation of input data. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, add, or delete data or cause a denial of...
ROS-20250924-02
A vulnerability in Performance Co-Pilot's performance monitoring and visualization software PCP is related to a symbolic link issue in the pmpost tool, which under certain under certain circumstances. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...
ROS-20250924-06
A vulnerability in the Django web application software platform is related to insufficient cleanup of the user data in FilteredRelation column aliases. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in the database A vulnerability in the...
ROS-20250924-01
The vulnerability of the pip module of the Python programming language is related to the failure to clean data at the control layer. Exploitation of the vulnerability could allow an attacker to change the repository configuration...
ROS-20250924-09
The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...
ROS-20250924-05
The Kea open source DHCP server vulnerability is related to input validation errors in the file path processing. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system Kea open source DHCP server vulnerability is related to incorrect default permissions for...
ROS-20250924-08
A vulnerability in the LZW decoder of the GdkPixbufc image loading library is related to information disclosure. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information GdkPixbufs image loading library vulnerability is related to...
ROS-20250924-03
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to the following. insufficient validation of input data. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, add, or delete data or cause a denial of...
ROS-20250923-17
Vulnerability in Zabbix universal monitoring system is related to incorrect authorization check in the hostprototype.get method in Zabbix API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. remotely to gain access to...
ROS-20250923-21
A vulnerability in the Golang programming language is related to insufficient validation of the PATH environment variable in the LookPath. Exploitation of the vulnerability could allow a remote attacker to escalate privileges on the system...
ROS-20250923-04
A vulnerability in the Python programming language interpreter CPython is related to insufficient validation of user data in Lib/email/headervalueparser.py. user data in Lib/email/headervalueparser.py. Exploitation of the vulnerability could allow an attacker acting remotely to execute a spoofing...
ROS-20250923-19
A vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible Name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow ...
ROS-20250923-16
Vulnerability in Zabbix universal monitoring system is related to incorrect authorization check in the hostprototype.get method in Zabbix API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. remotely to gain access to...
ROS-20250923-18
Vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow a...
ROS-20250923-13
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-06
A vulnerability in the Apache Cassandra distributed database management system is related to improper privilege handling. Exploitation of the vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information. impact the...
ROS-20250923-09
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-14
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-03
A vulnerability in the Python programming language interpreter CPython is related to insufficient validation of user data in Lib/email/headervalueparser.py. user data in Lib/email/headervalueparser.py. Exploitation of the vulnerability could allow an attacker acting remotely to execute a spoofing...
ROS-20250923-02
Vulnerability in the setuid module of the Node.js software platform is related to context switching bugs privileges. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20250923-05
A vulnerability in the sqlite3dbconfig function of the sqlite3.c file of the SQLite database management system is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service via the sznBig parameter...
ROS-20250923-23
Vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow a...
ROS-20250923-07
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-11
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-08
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-01
The vulnerability in the Python programming language interpreter CPython is due to the fact that Cpython does not prohibits setting an empty list "" for SSLContext.setnpnprotocols, which is an invalid value for the OpenSSL base API when using NPN. Exploitation of the vulnerability could allow an...
ROS-20250923-42
Vulnerability of the cURL command line utility's implementation of HTTP "chaining" compression mechanisms is related to the following the possibility to perform an infinite number of steps of HTTP server responses decompression, which will lead to uncontrolled memory consumption. uncontrolled...
ROS-20250923-15
Vulnerability of LDAP protocol implementation of Samba networking software package is related to flaws in access control list ACL based access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...
ROS-20250923-12
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-10
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250923-22
A vulnerability in the curl program is related to a state issue with parallel processing of multiple transactions, resulting in ignoring HSTS support. Exploitation of the vulnerability could allow an attacker acting remotely to execute a MitM attack Vulnerability in the implementation of HTTP...
ROS-20250922-02
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to incorrect code generation control. code generation control. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability in Mozilla Firefox, Firefox ESR...