ROS-20250812-01
A vulnerability in the Guzzle HTTP client library of the PHP programming language interpreter is related to incorrectly implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. Vulnerability i...
ROS-20250812-08
Apache HTTP Server vulnerability is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to launch an SSRF attack. Vulnerability in the modules/proxy/modproxy.c component of the Apache HTTP Server web server is related t...
ROS-20250812-07
A vulnerability in the amazon.aws.ec2instance module of Ansible configuration management is related to an error in the handling of the towercallback parameter. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data...
ROS-20250812-05
A vulnerability in the framework that enables the development and deployment of RESTful services and RESTEasy applications is related to the insecure creation of temporary files. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...
ROS-20250812-04
Vulnerability of decodeComponents function of decode-uri-component URI decoder is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250812-03
The MIFF component of the GraphicsMagick cross-platform graphics library is vulnerable to authorization errors. Exploitation of the vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
ROS-20250808-06
A vulnerability in the Golang programming language is related to the handling of untrusted version control system (VCS) repositories that contain malicious configuration. Exploitation of the vulnerability could allow an...
ROS-20250808-02
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-01
A vulnerability in the Apache HttpClient client module is related to insufficient input validation. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected data or gain access to modify, add, or delete protected data...
ROS-20250808-04
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-05
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-03
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-07
The vulnerability in the GoBGP border gateway protocol is related to the lack of input data length conformance checking where all bytes are available for an RTR message. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the...
ROS-20250807-03
Libjxl library vulnerability is related to boundary conditions when working with EXIF files. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...
ROS-20250807-02
The vulnerability of the Podman OCI container management and launching software tool is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to execute a man-in-the-middle attack...
ROS-20250807-01
A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250807-06
Vulnerability in vim text editor is related to input validation errors when processing directory traversal sequences in the tar.vim plugin. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. Vulnerability in vim text editor is related to input validation errors wh...
ROS-20250807-05
The vulnerability of the RESTEasy software tool is related to incorrect input data validation, leading to the return of an invalid header that is integrated into the server response. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerabilit...
ROS-20250807-04
Git distributed version control system vulnerability in software development tools Microsoft Visual Studio is related to the use of an unreliable search path when spell checking of cloned repositories. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when clonin...
ROS-20250806-07
The libblockdev library vulnerability is related to file system mount and drive management as a result of incorrect access delimitation when accessing the udisks daemon. Exploitation of the vulnerability could allow an...
ROS-20250806-03
Vulnerability of network traffic analysis software tcpdump is related to boundary conditions in libpcap when reading pcapng. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250806-12
A vulnerability in the mtr network diagnostic tool is related to improper handling of an item specified in the MTRPACKET environment variable. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250806-11
A vulnerability in the Requests HTTP library for the Python programming language is related to insufficient protection of login credentials. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to...
ROS-20250806-08
A vulnerability in the MongoDB database management system server is related to excessive iteration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. MongoDB database management system vulnerability is related to the fact that the software stor...
ROS-20250806-04
Vulnerability of the Connector/J subcomponent of the MySQL Connectors driver of the Oracle database management system MySQL is related to insufficient access control. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected data...
ROS-20250806-02
A vulnerability in the modauthopenidc module of the Apache HTTP Server HTTPD web server is related to insufficient user data validation when OIDCPreservePost is enabled in modauthopenidc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250806-01
Squid proxy server vulnerability is related to buffer overflow in dynamic memory when processing URN headers. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted HTTP requests...
ROS-20250806-06
Vulnerability in the libxml2 XML file parsing library is related to boundary checking errors in the shell xmllint - shell.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...
ROS-20250806-09
A vulnerability in the MongoDB database management system server is related to excessive iteration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. MongoDB database management system vulnerability is related to the fact that the software stor...
ROS-20250806-10
A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by using a specially crafted HTML page. A vulnerability in the V8...
ROS-20250806-05
A vulnerability in the Job Invocation component of tfm-rubygem-foremanansible is related to data manipulation. Exploitation of the vulnerability could allow an attacker acting remotely to view the job invocation, searching for passwords and other sensitive data...
ROS-20250806-13
Golang programming language vulnerability is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the crypto-elliptic component of the Golang programming language is related to the...
ROS-20250804-21
A vulnerability in the cURL command line utility interface is related to the allocation of unlimited memory when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250804-03
Vulnerability of NCompress::NRar5::CDecoder method of RAR5 decoder of 7-Zip archiver is related to possibility of heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of NArchive::NCom::CHandler::GetStream metho...
ROS-20250804-02
A vulnerability in Apache Kafka Message Manager is related to flaws in the deserialization mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code. Vulnerability in sasl.oauthbearer.token.endpoint.url and sasl.oauthbearer.jwks.endpoint.url client...
ROS-20250804-04
Vulnerability of the vsockremovesock function of the net/vmwvsock/afvsock.c module of the Linux kernel network functions implementation of Linux operating system is related to reuse of previously freed memory. Exploitation of the vulnerability could allow an intruder to affect the...
ROS-20250804-01
A vulnerability in the cURL command line utility interface is related to the allocation of unlimited memory when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250801-02
Vulnerability of vfiopcidevindenylist function of Linux kernel is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to affect the integrity and availability of protected information...
ROS-20250801-01
A vulnerability in a set of add-on tools and libraries for the Go language designed to integrate with the OpenTelemetry, OpenTelemetry-Go Contrib is related to unconstrained and unregulated resource allocation when adding net.peer.sock.addr and net.peer.sock.port tags...
ROS-20250731-02
A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information...
ROS-20250731-01
Vulnerability in the implementation of OAuth request signing logic for Python OAuthLib is due to insufficient user data validation in urivalidate functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250731-04
A vulnerability in the Alerts & IRM service of the Grafana monitoring and surveillance platform is related to insufficient protection of service data when connected to a DingDing contact point. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected...
ROS-20250731-05
A vulnerability in the Moby open source container framework is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250731-03
A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250730-01
A vulnerability in the Navigations component of the Google Chrome and Microsoft Edge browsers is related to a flaw in the source validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions with a specially crafted HTML...
ROS-20250729-04
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors...
ROS-20250729-01
A vulnerability in the django.utils.html.urlize function of the Django web application software platform is related to an incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service. A vulnerability in the Django w...
ROS-20250729-02
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors...
ROS-20250729-05
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors...
ROS-20250729-06
A vulnerability in FreeIPA's centralized user identity management system is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges to the level of a domain administrator and impact the domain...