7179 matches found
ROS-20250505-01
The vulnerability in the Golang programming language SSH server is related to the fact that the application does not control internal resources consumption in the ssh packet when working with clients that are slow or do not perform key exchange at all. or do not perform key exchange at all...
ROS-20250505-32
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250505-11
The Redis database management system DBMS vulnerability is related to improper management of internal resources in the application when processing output buffers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250506-01
Vulnerability of net/ipv6 components of Linux operating system kernel is related to memory leak in function ip6negativeadvice in net/ipv6/route.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the can component of the Linux operating...
ROS-20250505-08
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
ROS-20250505-02
A vulnerability in the Wayland protocol implementation of X.Org XWayland, an implementation of the X Window System X.Org Server Server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise it...
ROS-20250505-05
The vulnerability of the Zabbix universal monitoring system is related to insufficient cleansing of user data passed via the "groupBy" parameter in include/classes/api/CApiService.php. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL queries in the database...
ROS-20250505-12
A vulnerability in the OpenSSH cryptographic security tool is related to the fact that a challenge is only sent if the the combination of username and public key can be valid for logging in. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data. dat...
ROS-20250505-10
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250430-08
A vulnerability in Nomad Application Orchestrator involves the insertion of sensitive information into a log file. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a client's secret client token...
ROS-20250430-06
A vulnerability in the vim text editor function is related to the execution of shell commands via specially crafted tar archives. created tar archives. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands A vulnerability in the vim text editor function is relate...
ROS-20250430-15
Vulnerability of sshd service of OpenSSH cryptographic protection tool is related to inconsistency with the functionality of the DisableForwarding directive stated in the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...
ROS-20250430-12
The vulnerability in the PHP programming language interpreter is related to a flaw in header processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request Smuggling attac...
ROS-20250430-04
A vulnerability in the libsoup library of the GNOME GUI is related to an infinite loop when reading WebSocket data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service GNOME GUI libsoup library vulnerability is related to NULL pointer dereferenci...
ROS-20250430-02
A vulnerability in the libavformat/westwoodvqa.c component of the FFmpeg multimedia library is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service using a specially crafted VQA file FFmpeg multimedia library...
ROS-20250430-01
A vulnerability in the BusyBox set of command line utilities is related to a post-release usage error in the awk applet. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system The BusyBox command line utility set vulnerability is related to a NUL...
ROS-20250430-14
The vulnerability of ASP.NET Core software platform and Microsoft's software development tool Visual Studio is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250430-13
HAProxy server software vulnerability is related to bounds errors in regsub function in src/sample.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20250430-10
The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. hidden HTTP request HTTP Request...
ROS-20250430-09
VBI libzvbi VBI capture and decode library vulnerability is related to an integer overflow in the vbicapturesimloadcaption function in src/io-sim.c. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system VBI capture and decode...
ROS-20250430-07
A vulnerability in the compiler of the html templating tool jinja is related to a sandbox escape via the attr filter format selection method. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
ROS-20250430-03
A vulnerability in the GPAC multimedia platform is related to a heap buffer overflow in the isomedia/sampledescs.c:1799, in gfisomnewmphadescription in gpac/MP4Box. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the GPAC multimedia platfo...
ROS-20250430-16
The package manager vulnerability for Kubernetes Helm is related to the creation of a diagram file in such a way, that it expands and becomes much larger in uncompressed form. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A package manager...
ROS-20250430-05
Vulnerability of Erlang programming language OTP library set is related to improper packet handling SFTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service Vulnerability of SSH protocol implementation from Erlang/OTP library...
ROS-20250430-11
The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request...
ROS-20250424-03
Vulnerability of the executefilterdelta function of the archivereadsupportformatrar.c component of the Libarchive archiving library is related to reading beyond the allowed data buffer boundaries. of Libarchive archiving library is related to reading outside the allowed data buffer boundaries...
ROS-20250424-09
The vulnerability in Google Chrome and Microsoft Edge browsers is related to the possibility of memory usage after a release. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. confidentiality,...
ROS-20250424-08
A vulnerability in the containerd container runtime environment is related to an integer overflow when processing a UID:GID that exceeds the maximum 32-bit signed integer. Exploitation of the vulnerability could Allow an attacker to cause a denial of service...
ROS-20250424-01
A vulnerability in the nftsetcommitupdate function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the reuse of previously freed memory. of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability...
ROS-20250424-14
Vulnerability in Apache Tomcat application server's JNDIRealm module implementation is related to flaws in the authentication mechanism. authentication mechanism. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information. Unauthorized...
ROS-20250424-34
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250424-05
Vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to access credentials with HTTP redirection to another resource. access to credentials...
ROS-20250424-06
A vulnerability in the listitemverbose function of the Libarchive library is related to a bounds error in the processing of .tar .tar files in the listitemverbose function in tar/util.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A...
ROS-20250424-33
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250424-10
A vulnerability in the libtar package is related to the initiation of a malloc0 call for the gnulonglink variable. Exploitation The vulnerability could allow a remote attacker to gain access to sensitive information. information The libtar package vulnerability is related to the initiation of a...
ROS-20250424-07
Vulnerability of xmlPatMatch function in pattern.c file of libxml2 library is related to null pointer dereferencing. pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service A vulnerability in the libxml2 library is related...
ROS-20250424-13
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250424-12
A vulnerability in the eval function of the Cloud Deployment and Query Tool modules of the database management tool pgAdmin 4 is related to incorrect code generation control when processing endpoints /sqleditor/querytool/download and /cloud/deploy with querycommitted and highavailability...
ROS-20250424-02
The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250424-25
The vulnerability of the cURL server communication software tool is related to the fact that the application could leak credentials when requesting to use a .netrc file for credentials and following HTTP redirects. following HTTP redirects. Exploitation of the vulnerability could allow an attacke...
ROS-20250424-11
Vulnerability of CLARRV, DLARRV, SLARRV and ZLARRV functions of the library for numerical calculations of linear algebra LAPACK, linear algebra library OpenBLAS is related to reading beyond buffer limits. LAPACK, OpenBLAS linear algebra library is related to reading outside the allowed boundaries...
ROS-20250424-04
The GPAC multimedia platform vulnerability involves uncontrolled resource consumption. Exploitation The vulnerability could allow an attacker to cause a denial of service A vulnerability in a function in gfm2tsprocesspmt of the GPAC multimedia platform is related to buffer copying without checkin...
ROS-20250422-01
A vulnerability in the Bluetooth driver of the Linux kernel is related to the dereferencing of a null pointer due to competitive resource access race condition in the hciuartttyioctl function between the HCIUARTSETPROTO and HCIUARTGETPROTO commands in the drivers/bluetooth/hcildisc.c module...
ROS-20250421-01
Vulnerability of the vmfaultt vasmmapfault function of the arch/powerpc/platforms/book3s/vas-api.c module of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...
ROS-20250417-03
The Jenkins Automation Server vulnerability is related to the fact that the vulnerable plugin does not edit encrypted secret values when accessing config.xml of agents via REST API or CLI. Exploitation of the vulnerability could Allow an attacker acting remotely to gain access to potentially...
ROS-20250417-02
Vulnerability of /settings/store API endpoint of pgAdmin database management tool is related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform a cross-site scripted attack Server mode...
ROS-20250417-08
A vulnerability in the net/http package of the Go programming language is related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250417-12
Vulnerability in cgi gem software tool due to insufficient input validation when processing unreliable input using regular expressions in CGI::UtilescapeElement. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the cgi gem...
ROS-20250417-09
Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird email client of operating systems Windows is related to a post-release usage error in XSLTProcessor. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...
ROS-20250417-07
Exim mail server vulnerability is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to escalate his privileges...