ROS-20250922-04
The vulnerability in Mozilla Firefox, Firefox ESR and the Thunderbird email client is related to a null pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information...
ROS-20250922-09
The vulnerability in the Unbound DNS server is related to the application not properly controlling the consumption of internal resources when processing responses with very large resource sets (RRsets)...
ROS-20250922-07
The vulnerability in Mozilla Firefox, Firefox ESR and the Thunderbird email client is related to an operation exceeding memory buffer boundaries as a result of an integer overflow. Exploitation of the vulnerability coul...
ROS-20250922-03
The vulnerability in Mozilla Firefox, Firefox ESR and the Thunderbird email client is related to a null pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information...
ROS-20250922-10
A vulnerability in the getpeername function of the Waitress WSGI server for Python is related to a resource not being released after its effective lifetime has expired. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250922-08
A vulnerability in the Twisted Web HTTP 1.1 server, in the twisted.web.http module of the Twisted networking framework, is related to flaws in HTTP request processing. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data...
ROS-20250922-06
A vulnerability in the RabbitMQ messaging and streaming broker is related to insufficient sanitization of user-supplied data in an error message in the management interface. Exploitation of the vulnerability could allow an attacker acting remotely to perform cross-site scripting...
ROS-20250922-05
The vulnerability in the MinIO object storage server is related to a client key trust error if the public key matches the sshPublicKey attribute. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication and gain unauthorized access to the server...
ROS-20250922-01
A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird mail client is related to an operation exceeding memory buffer boundaries when processing XPath expressions. Exploitation of the vulnerability could...
ROS-20250912-02
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-01
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-05
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-19
A vulnerability in the HTTP/2 handler of the Apache Tomcat application server is related to incorrect release of a resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250912-18
A vulnerability in the HTTP/2 handler of the Apache Tomcat application server is related to incorrect release of a resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250912-13
A vulnerability in the OpenBao secret management and encryption system is related to an unexpected normalization in the TOTP base library. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data. A vulnerability in the OpenBao secret management and encryptio...
ROS-20250912-11
A Jupyter Core vulnerability in the Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code...
ROS-20250912-09
A vulnerability in the CORS implementation of the PyPI software repository for the Python language is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...
ROS-20250912-03
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-08
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-07
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-04
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-14
A vulnerability in the Apache Tomcat application server is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's account...
ROS-20250912-06
A vulnerability in the pg_dump utility of the PostgreSQL database management system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250912-17
A vulnerability in the HTTP/2 handler of the Apache Tomcat application server is related to incorrect release of a resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250912-16
A vulnerability in the Apache Tomcat application server is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's account...
ROS-20250912-15
A vulnerability in the Apache Tomcat application server is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's account...
ROS-20250912-12
A vulnerability in the cross-platform BitTorrent client qBittorrent is related to access to a local file specified in a link URL not being blocked. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential data...
ROS-20250912-10
A Jupyter Core vulnerability in the Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code...
ROS-20250911-01
A vulnerability in DNSdist, a DNS load balancer and proxy for DNS traffic, is related to a reachable assertion when support for inbound DNS over HTTPS is enabled using the nghttp2 provider and requests are routed to a TCP-only or DNS over TLS backend. Exploitation of the vulnerabilit...
ROS-20250911-07
A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to affect the integrity, availability, and confidentiality of protected information...
ROS-20250911-04
A vulnerability in the pathInfo URI component of the Apache Tomcat application server is related to incorrect case handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...
ROS-20250911-06
A vulnerability in the pathInfo URI component of the Apache Tomcat application server is related to incorrect case handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...
ROS-20250911-11
A vulnerability in the Cloud-init cloud server configuration tool is related to incorrect assignment of permissions for a critical resource. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands. A vulnerability in the Cloud-Init cloud virtual machine provisioning too...
ROS-20250911-05
A vulnerability in the pathInfo URI component of the Apache Tomcat application server is related to incorrect case handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...
ROS-20250911-10
A vulnerability in the lib/utils/ghash/ghash.cpp component of the Botan cryptographic library is related to the disclosure of information through an inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20250911-02
A vulnerability in the rte_raw_cksum_mbuf function of the vhost library of the DPDK suite of libraries and drivers for fast packet processing is related to an operation exceeding the memory buffer boundary while processing the len parameter...
ROS-20250911-12
Vulnerabilities in the GLPI asset management and data center management software are related to improper privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...
ROS-20250911-09
A vulnerability in the Apache Commons FileUpload library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250911-03
A vulnerability in the GIMP graphical editor is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system. A vulnerability in the GIMP graphical editor is related to an operation exceeding buffer boundaries in memory when...
ROS-20250910-05
A vulnerability in DCMTK, a library for working with the DICOM format, is related to a NULL pointer dereference in the /libsrc/dcrleccd.cc component when processing a crafted DICOM file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability ...
ROS-20250910-02
A vulnerability in the Hints::Hints function (poppler/Hints.cc) of the Poppler PDF display library is related to a resource release error. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted PDF...
ROS-20250910-01
A vulnerability in the logfile_reopen function of the GNU screen terminal multiplexer is related to the execution of an operation before privileges are dropped. Exploitation of the vulnerability could allow an attacker to write data to an arbitrary file with root privileges...
ROS-20250910-04
The AV3DVirtAnnot vulnerability in the PDF viewers and editors Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat 2024 and Adobe Acrobat Reader 2020 is related to the use of memory after it has been freed. Exploitation of the vulnerability cou...
ROS-20250910-03
A vulnerability in the Poppler PDF rendering library is related to a lack of cleanup of PDF object threads when cairo_debug_reset_static_data is called. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...
ROS-20250908-05
A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and the Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM...
ROS-20250908-10
A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...
ROS-20250908-08
A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...
ROS-20250908-11
The vulnerability in the Ruby interpreter is related to the application not properly controlling internal resource consumption when processing DNS packets. Exploitation of the vulnerability could allow an attacker, acting locally to...
ROS-20250908-07
A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...
ROS-20250908-06
A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and the Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM...