ROS-20250402-02
A vulnerability in the WebTransport component of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to use of memory after it has been freed (use-after-free). Exploitation of the vulnerability could allow a...
ROS-20250402-08
The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the application allows the use of entity aliases mapped to a single resource with the same alias name. Exploitation of the vulnerability could allow an attacker actin...
ROS-20250402-06
Vulnerability of pamsmauthenticate function of PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication procedure and gain unauthorized access to protected...
ROS-20250402-07
A vulnerability in the Consul and Consul Enterprise service configuration tool is related to insufficient validation of user input. Exploitation of the vulnerability could allow an attacker acting remotely to launch an SSRF attack. Vulnerability in...
ROS-20250402-04
Vulnerability of the GLPI system of requests, incidents and inventory of computer equipment is related to improperly restricting access to the "install/update.php" file. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. A...
ROS-20250402-01
The vulnerability of the urllib.parse.urlsplit and urlparse functions of the Python programming language interpreter is related to the fact that urllib.parse.urlsplit and urlparse accept domain names with square brackets. Exploiting the vulnerability could allow an attacker to escalate their...
ROS-20250402-03
A vulnerability in the WebTransport component of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to use of memory after it has been freed (use-after-free). Exploitation of the vulnerability could allow a...
ROS-20250402-09
The libexpat XML file parsing library vulnerability is related to boundary errors in the processing of XML content. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...
ROS-20250326-10
A vulnerability in the Nextcloud calendar cloud software application for creating and utilizing a Nextcloud data warehouse is related to the failure to clean up line breaks and special characters in the email value in a JSON request. Exploitation of the vulnerability could allow an attacker actin...
ROS-20250326-09
Ruby interpreter vulnerability is related to a hidden timing channel. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...
ROS-20250326-03
The vulnerability in the document-oriented database management system MongoDB is related to bugs in the query analysis of some complex self-referential $lookup subconvectors, leading to sending to the server literal values in expressions for encrypted fields as plaintext instead of encrypted text...
ROS-20250326-02
A vulnerability in the document-oriented MongoDB database management system is related to the lack of authorization checks. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250326-11
A vulnerability in the sqlghashsource component of the virtuoso-opensource web application development platform is related to the unconstrained and unregulated resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using special...
ROS-20250326-07
A vulnerability in the snmptrapd daemon of the Zabbix universal monitoring system is related to improper processing of the output data for logs. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface. Vulnerability of strbase64encoderfc2047 function...
ROS-20250326-04
A vulnerability in the Ruby Sinatra web application development framework is related to causing an Open Redirect Attack by inserting an arbitrary address into this header. Exploiting the vulnerability allows an attacker, acting remotely, to gain access to sensitive data...
ROS-20250326-06
A vulnerability in the Twisted Web component of the Twisted networking framework is related to insufficient input data validation when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250326-08
A vulnerability in the snmptrapd daemon of the Zabbix universal monitoring system is related to improper processing of the output data for logs. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface. Vulnerability of strbase64encoderfc2047 function...
ROS-20250326-05
A vulnerability in the sysexec function of MariaDB software is related to insecure permissions. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands with elevated privileges...
ROS-20250326-01
Pidgin instant messaging vulnerability is related to DNS response spoofing and redirecting client connections to a malicious server. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service to an...
ROS-20250325-01
A vulnerability in the net component of the Linux kernel is related to a read error outside the allowed range in drivers/net/wwan/wwancore.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the n...
ROS-20250320-01
A vulnerability in the bpf component of the Linux kernel is related to resource management errors in the findequalscalars function in kernel/bpf/verifier.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the htcconnectservice function of...
ROS-20250319-01
A vulnerability in the net component of the Linux operating system kernel is related to a reachability assertion in the inetaccept function in net/ipv4/afinet.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250319-02
A vulnerability in the dm cache component of the Linux operating system kernel is related to a read error outside the bounds in the canresize function in drivers/md/dm-cache-target.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in the...
ROS-20250318-01
A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the net component of t...
ROS-20250317-01
Vulnerability of x86androidtabletprobe function in drivers/platform/x86/x86/x86-android-tablets/core.c of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of...
ROS-20250314-02
A vulnerability in the wifi component of the Linux operating system kernel is related to an incorrect lock in the function ilpciresume in drivers/net/wireless/intel/iwlegacy/common.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the...
ROS-20250314-01
Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the mptcp component of the Lin...
ROS-20250312-01
The vulnerability of the drm/amd/display component of the Linux kernel is related to incorrect verification of the input data in the calculatettucursor function in the drivers/gpu/drm/amd/display/dc/dml/dcn21/displayrqdlgcalc21.c, in the calculatettucursor function in the...
ROS-20250311-06
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-05
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-02
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-07
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-01
A vulnerability in the f2fs component of the Linux operating system kernel is related to an incorrect lock in the function f2fshandlecriticalerror in fs/f2fs/super.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in rtl2830pidfilter function ...
ROS-20250311-04
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-03
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-08
A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250310-01
Vulnerability of the dpaastartxmit function in the drivers/net/ethernet/freescale/dpaa/dpaaeth.c module of the Linux kernel is associated with a data leak. Exploitation of the vulnerability could allow an attacker to affect the confidentiality and availability of protected...
ROS-20250307-14
Moodle virtual learning environment vulnerability is related to access control weaknesses. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to the protected information. A vulnerability in the Moodle virtual learning environment is...
ROS-20250307-06
A vulnerability in the OpenSSL library is related to a timing side channel in the ECDSA signature computation. Exploitation of the vulnerability could allow a remote attacker to recover the private key...
ROS-20250307-05
A vulnerability in the OpenSSL library is related to a timing side channel in the ECDSA signature computation. Exploitation of the vulnerability could allow a remote attacker to recover the private key...
ROS-20250307-01
A vulnerability in the readline.sh component of the socket forwarding utility from the host machine is related to the use of a predictable temporary file name in readline.sh. Exploitation of the vulnerability could allow an attacker...
ROS-20250307-03
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browser exists due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate privileges using a specially crafted HTML...
ROS-20250307-08
The vulnerability of the objdump.c file of the GNU Binutils development tool is related to bounds errors in the disassemblebytes function in binutils/objdump.c in the nm binary. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250307-12
Nomad application orchestrator vulnerability is related to customization of wildcard namespace usage. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL policy by allowing reads from other namespaces...
ROS-20250307-11
A vulnerability in the src/main.c file of the vim text editor is related to manipulation of the -log argument, resulting in memory corruption. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the strtoreg function of the src/main....
ROS-20250307-09
Vulnerability of raptorurinormalizepath in Raptor library is related to integer overflow when processing URIs in PDF files. Exploitation of the vulnerability allows an attacker to gain access to sensitive data...
ROS-20250307-13
A vulnerability in the VerifyHostKeyDNS component of the OpenSSH cryptographic protection tool is related to flaws in error handling during host key verification. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct...
ROS-20250307-10
Vulnerability in nginx software is related to TLS session resumption when processing client certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process...
ROS-20250307-07
A vulnerability in the OVN (Open Virtual Network) abstraction support system is related to bypassing the output access control lists (ACLs) in OVN deployments using crafted UDP packets. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the Virtual...
ROS-20250307-04
Vulnerability of cleanipv6address and isvalidipv6address functions of the Django web application software platform is associated with a memory leak due to the use of an incorrect function to free resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service...