8162 matches found
ROS-20251112-08
A vulnerability in the Python Eventlet network concurrency library is related to an incorrect HTTP request validation in the WSGI parser. Exploitation of the vulnerability could allow an attacker acting remotely to perform HTTP spoofing attacks. remotely to perform HTTP request spoofing attacks...
ROS-20251112-05
Vulnerability in the t2.c component of the OpenJPEG image encoding and decoding library is related to an uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely cause a denial of service...
ROS-20251112-06
A vulnerability in the NVIDIA CUDA GPU parallel computing software toolkit is related to boundary conditions in cuobjdump and nvdisasm. Toolkit is related to boundary conditions in cuobjdump and nvdisasm. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251111-03
Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...
ROS-20251111-08
A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...
ROS-20251111-01
A vulnerability in the libxml2 library for manipulating XML and HTML files is related to uncontrolled recursion during the XPath computation in the xmlXPathRunEval function in xpath.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...
ROS-20251111-02
A vulnerability in the NVIDIA CUDA parallel computing software toolkit for NVIDIA CUDA GPUs Toolkit is related to null pointer dereferencing error in cuobjdump and nvdisasm. Exploitation The vulnerability could allow an attacker to cause a denial of service...
ROS-20251111-05
The vulnerability in the Ruby REXML XML toolkit is related to the fact that the application does not properly control the internal resource consumption when analyzing malformed XML code containing multiple XML declarations. Exploitation of the vulnerability could allow an attacker to cause a deni...
ROS-20251111-07
A vulnerability in the Downloads component of the Google Chrome and Microsoft Edge browsers is related to a false representation of critical information by the user interface. presentation of critical information by the user interface. Exploitation of the vulnerability could Allow an attacker...
ROS-20251111-06
A vulnerability in the Glib library is related to boundary conditions in the gettmpfile function in glib/gfileutils.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251111-04
Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...
ROS-20251111-10
Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...
ROS-20251111-11
Vulnerability of function ffaacsearchfortns in component libavcodec/aacenctns.c of multimedia library FFmpeg is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an intruder acting remotely to gain unauthorized access to protected...
ROS-20251111-09
A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...
ROS-20251110-01
FFmpeg multimedia library vulnerability is related to null pointer dereferencing error in HLS playlists parsing. when parsing HLS playlists. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the audioelementobu function of the...
ROS-20251110-05
A vulnerability in the Linux-PAM authentication module is related to insecure storage of sensitive information. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information...
ROS-20251110-02
A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before file access. before accessing a file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code if a user opens a specially crafted ZIP archive. provided the user opens a...
ROS-20251110-04
A vulnerability in the qtdemuxparsetrak function of the Gstreamer multimedia framework is related to a boundary condition in the MOV/MP4 demultiplexer. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to potentially sensitive information A vulnerability in th...
ROS-20251110-03
Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Spoofing attack or cause a denial of service Vulnerability in...
ROS-20251106-03
A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to incorrect header processing in "Rack::Sendfile". header processing in "Rack::Sendfile". Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially...
ROS-20251106-01
The vulnerability in the Portainer container management platform is related to a vulnerability in the server side, API, registry list output logic, and/or a component that returned fields with secrets. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20251106-02
A vulnerability in the Netty networking software tool is related to insufficient input validation in the SMTP codec. SMTP codec. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SMTP commands. arbitrary SMTP commands...
ROS-20251106-05
The bfdselfparseehframe function of the GNU Binutils development tool has a vulnerability related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in GNU Binutils software development to...
ROS-20251106-04
Vulnerability of django.utils.archive.extract function of Django web application software platform is related to errors in the relative directory path handling mechanism. Exploitation of the vulnerability could allow a remote attacker to bypass security restrictions. Vulnerability in...
ROS-20251106-06
Vulnerabilities in Asterisk management systems are related to improper management of internal resources of the of the application. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251106-07
A vulnerability in the phpMyAdmin database administration web application is related to an XSS vulnerability in the table validation function. XSS vulnerability for the table validation feature. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code ...
ROS-20251106-09
A vulnerability in the QEMU hardware emulator is related to the incorrect release and use of the irqfd for vector 0 during boot time in QEMU Virtio PCI Bindings hw/virtio/virtio/pci.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251106-08
A vulnerability in the Gstreamer multimedia framework is related to a null pointer dereferencing bug in the SubRip subtitle parser. SubRip subtitle parser. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Gstreamer multimedia framework vulnerability...
ROS-20251105-12
A vulnerability in the usbepget function hw/net/core.c of the QEMU hardware emulator is related to a a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251105-06
The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...
ROS-20251105-03
A vulnerability in the Apache Log4cxx C++ logging framework is related to insufficient cleanup of the user-supplied data when using an ODBC appender to send log messages to a database. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in th...
ROS-20251105-05
Vulnerability of passwordchange.cgi script of Webmin hosting control panel and web-interface for unix-like systems Usermin is related to flaws in error reporting mechanism. unix-like systems Usermin is related to a flaw in the error reporting mechanism. Exploitation of the vulnerability could all...
ROS-20251105-08
Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...
ROS-20251105-04
A vulnerability in the debugtypesamep function of the objdump component of the GNU Binutils development tool is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the elfgcsweep...
ROS-20251105-09
Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...
ROS-20251105-07
The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...
ROS-20251105-11
Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...
ROS-20251105-10
Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...
ROS-20251105-01
A vulnerability in the Apache Log4cxx C++ logging framework is related to the fact that when using the HTMLLayout, logger names are not properly escaped when written to an HTML file. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data A vulnerability...
ROS-20251105-02
A vulnerability in the LibTIFF library is related to a bounds checking bug in the setrow function in tools/thumbnail.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A vulnerability in the LibTIFF library is related to a bounds checking b...
ROS-20251031-01
Vulnerability of MongoDB database management system is related to incorrect processing of certain accumulator functions when additional parameters are specified in the $group operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251031-03
A vulnerability in the Apache ActiveMQ software platform is related to the recovery of invalid data in memory data. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by creating an OpenWire class. arbitrary code by creating a class over the OpenWire protoco...
ROS-20251031-02
A vulnerability in the nvJPEG library of the NVIDIA CUDA Toolkit, a software tool for parallel computing on graphics processors, is related to buffer overruns. The NVIDIA CUDA Toolkit GPU parallel computing software nvJPEG library vulnerability is related to writing outside buffer boundaries...
ROS-20251031-04
Vulnerability of cuobjdump file of parallel computing software tool for GPUs NVIDIA CUDA Toolkit is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the cuobjdump file of the NVIDIA CUDA Toolkit GPU parallel...
ROS-20251031-05
A vulnerability in the nvdisasm command line utility of the NVIDIA CUDA Toolkit parallel computing software toolkit is related to reading outside the allowed range. NVIDIA CUDA Toolkit GPUs is related to reading outside the allowed range in memory. memory. Exploitation of the vulnerability could...
ROS-20251030-10
A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...
ROS-20251030-09
A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...
ROS-20251030-01
A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...
ROS-20251030-03
A vulnerability in the MongoDB database management system is related to misconfiguration of the lsid field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251030-02
A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...