ROS-20250619-06
A vulnerability in the Dante proxy server is related to improper access restrictions in certain sockd.conf configurations that include socksmethod. Exploitation of the vulnerability could allow a remote attacker to bypass the implemented security restrictions...
ROS-20250619-04
A vulnerability in the http2 package of the Go programming language is related to uncontrolled server resource consumption as a result of resetting the Server.MaxConcurrentStreams parameter during request stream processing...
ROS-20250619-13
A vulnerability in the Pgpool-II connection balancing and management software is related to input validation errors when processing directory traversal sequences in filenames. Exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250616-23
A vulnerability in the web-integrity of the Zabbix universal monitoring system is related to a failure to take measures to protect the web page structure. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting attack b...
ROS-20250616-21
A vulnerability in the Zabbix universal monitoring system server is related to excessive data output by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. A vulnerability...
ROS-20250619-08
A vulnerability in the h11 library is related to flaws in HTTP request processing. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...
ROS-20250619-03
A vulnerability in the Microsoft Visual Studio software development tool, the Microsoft.NET software platform, and the Build Tools for Visual Studio toolkit is associated with an incorrect external vulnerability. Microsoft.NET and Build Tools for Visual Studio toolkit is related to...
ROS-20250619-02
A vulnerability in the Net::IMAP module of the Ruby programming language is related to uncontrolled memory allocation. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-26
A vulnerability in the Zabbix universal monitoring system server is related to excessive data output by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. A vulnerability...
ROS-20250619-12
A vulnerability in the Pgpool-II connection balancing and management software is related to input validation errors when processing directory traversal sequences in filenames. Exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250616-25
A vulnerability in the Zabbix universal monitoring system server is related to excessive data output by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. A vulnerability...
ROS-20250619-09
The vulnerability in the Golang programming language is related to input validation errors when processing directory traversal sequences in file names. Exploitation of the vulnerability could allow an attacker to perform directory traversal attacks...
ROS-20250619-11
A vulnerability in the Pgpool-II connection balancing and management software is related to input validation errors when processing directory traversal sequences in filenames. Exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250619-10
A vulnerability in the Pgpool-II connection balancing and management software is related to input validation errors when processing directory traversal sequences in filenames. Exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250619-16
A vulnerability in the YASM assembler is related to a NULL pointer dereference via the yasm_section_bcs_append function in section.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250619-07
A vulnerability in Nextcloud Server, software for creating and using cloud storage, is related to a lack of quota checking for attachments. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250619-14
A vulnerability in the Pgpool-II connection balancing and management software is related to input validation errors when processing directory traversal sequences in filenames. Exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250619-05
A vulnerability in the PgBouncer connection pooler for PostgreSQL is related to the fact that a password can be used after it expires, because auth_query does not take into account the value of PostgreSQL's VALID UNTIL. Exploitation of the vulnerability allows a remote attacker to gain...
ROS-20250616-27
A vulnerability in the Zabbix universal monitoring system server is related to unrestricted allocation of resources. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-24
A vulnerability in the web-integrity of the Zabbix universal monitoring system is related to a failure to take measures to protect the web page structure. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting attack b...
ROS-20250619-17
A vulnerability in the CompressorStreamFactory, TarArchiveInputStream and TarFile classes of the Apache Commons Compress archiver library is related to uncontrolled resource consumption as a result of insufficient input data validation when processing TAR archive headers. Exploitation of the vulnerability could...
ROS-20250619-15
A vulnerability in the Grafana monitoring and surveillance platform is related to the XY Chart plugin being vulnerable to DOM XSS. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20250616-28
A vulnerability in the Zabbix universal monitoring system server is related to unrestricted allocation of resources. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-06
A vulnerability in the UPX executable packer is related to a buffer overflow in PackLinuxElf64::un_DT_INIT in the src/p_lx_elf.cpp file. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250616-19
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-16
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-12
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-15
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-14
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-09
A vulnerability in the adodb library is due to improper escaping of a query parameter. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL statements...
ROS-20250616-08
A vulnerability in the Mozilla Firefox and Firefox ESR browsers and the Thunderbird mail client on Windows operating systems is related to insufficient process isolation when processing "javascript:" URI links. Exploitation of the vulnerability could allow a remote attacker to bypass...
ROS-20250616-11
A vulnerability in the Moodle virtual learning environment is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...
ROS-20250616-13
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-03
A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to insufficient validation of data provided by an attacker in Rack::CommonLogger. Exploitation of the vulnerability could allow a remote attacker to manipulate data log entr...
ROS-20250616-07
A vulnerability in the Mbed TLS software is related to a bug in the handling of memory allocation during the TLS handshake. Exploitation of the vulnerability could allow an attacker to bypass the authentication process. A vulnerability in the Mbed TLS software is related to insecure default...
ROS-20250616-10
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the software saves confidential information in log files when processing incorrect data using the KVv2 plug-in...
ROS-20250616-20
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-17
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-18
A vulnerability in the libpq library of the PostgreSQL database management system is associated with a buffer overflow when checking the PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250616-05
A vulnerability in the File Handler component of Assimp (Open Asset Import Library), a cross-platform 3D model import library, is related to a buffer overflow in aiString::Set in include/assimp/types.h. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250616-01
A vulnerability in the parselrc function of the GStreamer multimedia framework is related to the dereferencing of a NULL pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250616-02
A vulnerability in the Poppler PDF rendering library is related to boundary conditions in the function JBIG2Bitmap::combine in JBIG2Stream.cc in libpoppler.so. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...
ROS-20250616-04
A vulnerability in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions in xmlschemas.c of the Libxml2 library is related to a use-after-free. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted XML f...
ROS-20250609-01
A vulnerability in the DOMDeserializer component of the FasterXML jackson-databind library is related to improper restriction of XML external entity references. Exploitation of the vulnerability could allow a remote attacker to conduct XXE attacks...
ROS-20250602-01
A vulnerability in the Bluetooth component of the Linux kernel is related to a memory leak in the function hcigetrandomaddress in net/bluetooth/hcisync.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the traceeventshist component of the...
ROS-20250529-01
A vulnerability in the phy component of the Linux kernel is related to the dereferencing of a NULL pointer in the spusbphyphyprobe function in drivers/phy/sunplus/phy-sunplus/phy-sunplus-usb2.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability...
ROS-20250528-01
A vulnerability in the acpi component of the Linux kernel is related to the dereferencing of a NULL pointer in the acpiskipsetwakeupaddress function in drivers/acpi/sleep.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the net...
ROS-20250526-01
A vulnerability in the FSM component of Intel processor firmware is related to the checking of incorrect conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the RAPL Interface of Intel processor firmware is related to the...
ROS-20250526-06
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the Shamir implementation uses pre-computed table lookups. Exploitation of the vulnerability could allow an attacker to gain access to potentially sensitive information...
ROS-20250526-02
A vulnerability in the archive/zip package of the Go programming language is related to incorrect processing of zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file...