7152 matches found
ROS-20250212-10
A vulnerability in the Python Babel library that helps internationalize and localize Python applications is associated with input validation errors when processing directory traversal sequences in .dat locale files in Babel.Locale. Exploitation of the vulnerability could allow an attacker to...
ROS-20250212-08
A vulnerability in the Python toolkit dnspython is related to insufficient validation of user input in the Tudoor mechanism. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250212-07
A vulnerability in the JxlEncoderAddJPEGFrame function of the JPEG XL decoder of the Libjxl library is related to an operation outside memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20250212-13
A vulnerability in the ntpd daemon implementation of the NTP time synchronization protocol is related to insufficient validation of user input during NTP packet processing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20250212-06
A vulnerability in the oggvorbis.c component of the libsndfile audio file reading and writing library is related to a boundary condition violation in the vorbisanalysiswrote function in oggvorbis.c. Exploitation of...
ROS-20250212-02
A vulnerability in the Open Asset Import Library (Assimp) 3D model import library is related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of OpenDDDLParser::parseStructure function of 3D models import...
ROS-20250212-04
A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the consumption of internal resources in werkzeug.formparser.MultiPartParser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250212-01
A vulnerability in Nextcloud Server, software for creating and using cloud storage, is related to the lack of restrictions on authentication attempts. Exploitation of the vulnerability could allow an attacker acting remotely to implement a brute force attack...
ROS-20250212-05
A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250212-03
A vulnerability in the cpython module of the Python programming language is related to improper input validation in the venv module when creating a virtual environment. Exploitation of the vulnerability allows an attacker to execute arbitrary code...
ROS-20250211-01
A vulnerability in the qethl2br2devworker function in the drivers/s390/net/qethl2main.c module of the Linux operating system kernel on the s390 platform is related to the reuse of previously released memory...
ROS-20250210-01
A vulnerability in the spi component of the Linux kernel is related to incorrect error handling in the rockchipspisuspend and rockchipspiresume functions in drivers/spi/spi-rockchip.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in...
ROS-20250206-01
A vulnerability in the btrfssubmitchunk function in the fs/btrfs/bio.c module of the btrfs file system of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could...
ROS-20250205-01
A vulnerability in the net/mlx5 components of the Linux operating system kernel is related to errors in accessing statistics of commands after release. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the platform/surface...
ROS-20250205-02
A vulnerability in the PCI component of the Linux operating system kernel is related to incorrect input validation in the vpciscanbus and epfntbbind functions in drivers/pci/endpoint/functions/pci-epf-vntb.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20250204-01
A vulnerability in the udf component of the Linux operating system kernel is related to the use of an uninitialized resource in the udfrename function in fs/udf/namei.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the drm/vmwgfx...
ROS-20250203-15
A vulnerability in the Active Support PostgreSQL component of the Ruby interpreter is related to insufficient validation of user input in Active Support in Inflector.underscore. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250203-13
A vulnerability in the Active Record component of the Ruby on Rails software platform is related to the possibility of injecting SQL code through comments. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Vulnerability of...
ROS-20250203-08
A vulnerability in the numexpr library of LangChain, a framework for creating applications based on combining languages and models, is related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker...
ROS-20250203-11
A vulnerability in the luaupvaluejoin function in lapi.c of the Lua script interpreter is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability in the luaresume ldo.c component of the Lua...
ROS-20250203-12
A vulnerability in the ldebug.c component of the Lua script interpreter involves an integer loss of significance. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250203-09
Vulnerability of the streaming python-multipart parser is related to insufficient input validation when processing "Content-Type" HTTP header value using regular expressions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250203-07
A vulnerability in Mozilla Firefox, Firefox ESR and the Thunderbird email client is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service via a specially crafted...
ROS-20250203-05
A vulnerability in the vim text editor is related to a heap buffer overflow when switching to other buffers using the :all command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. The vim text editor vulnerability is related to bounds errors when processing...
ROS-20250203-04
A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding the buffer boundaries in memory as a result of incorrect comparison of file checksums. Exploitation of the vulnerability could allow a remote intruder to...
ROS-20250203-02
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely The Etcd configuration parameter storage vulnerability of Etcd configuration parameters i...
ROS-20250203-14
A vulnerability in the Action Dispatch component of the Ruby on Rails software platform is related to insufficient validation of user input in Action Dispatch. Exploitation of the vulnerability could allow an attacker acting remotely ...
ROS-20250203-06
A vulnerability in the LibreOffice office suite is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to disclose confidential information. LibreOffice office suite vulnerability is related to incorrect path name restriction to a...
ROS-20250203-03
A vulnerability in the Microsoft .NET software platform is related to incorrect processing of the search path to DLLs. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250203-01
A vulnerability in the QSvgFont Qt SVG feature of the Qt cross-platform software development framework is related to directory traversal. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250131-01
A vulnerability in the f2fs component of the Linux operating system kernel is related to improper error handling in the f2fsmarkinodedirtysync function in f2fs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the scsi component of...
ROS-20250130-03
A vulnerability in the ma35d1serialprobe function in the drivers/tty/serial/ma35d1serial.c module of the Nuvoton MA35D1 driver of the Linux operating system kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in...
ROS-20250130-02
A vulnerability in the nftverdictinit function in the net/netfilter/nftablesapi.c module of the Linux operating system kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of...
ROS-20250130-01
A vulnerability in the Linux operating system kernel is linked to security configuration errors. Exploitation of the vulnerability could allow an attacker to bypass the secure boot mechanism and escalate privileges...
ROS-20250128-02
A vulnerability in the hypervisor vlapicerror function is related to access delimitation errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Xen hypervisor is related to improper locking in the default VGA implementation...
ROS-20250128-11
A vulnerability in the Podman OCI container management and launching software tool is associated with a breakout of a container using --jobs=2 and a race condition when building a malicious Containerfile. Exploitation of the vulnerability could allow a remote attacker to disrupt the availability ...
ROS-20250128-03
A vulnerability in the Go programming language is related to the fact that the application does not properly control the consumption of internal resources in several Parse functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250128-06
A vulnerability in the convertfromstr function of the numpy.core component of the NumPy for Python module is related to an incorrect string comparison. Exploitation of the vulnerability could allow an attacker acting remotely to initiate data copying using specially...
ROS-20250128-05
A vulnerability in Lxml, a library for processing XML and HTML markup, is related to NULL pointer dereferencing errors in the iterwalk function. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250128-09
A vulnerability in the Container Storage Interface (CSI) component of the Nomad application orchestrator is related to improper authorization. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information...
ROS-20250128-04
A vulnerability in the Microsoft .NET software platform and the Microsoft Visual Studio software development tool is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Vulnerability in Microsoft .NET...
ROS-20250128-08
Vulnerability in the common.c component of the sysstat utility for measuring and analyzing system performance is related to an integer overflow in the checkoverflow function in common.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250128-01
A firmware vulnerability in Intel Core Ultra processors is related to improper isolation of shared resources between trusted and untrusted agents. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20250128-10
A vulnerability in the Podman OCI container management and launching software tool is associated with a breakout of a container using --jobs=2 and a race condition when building a malicious Containerfile. Exploitation of the vulnerability could allow a remote attacker to disrupt the availability ...
ROS-20250128-07
A vulnerability in the HID Profile (Human Interface Device) interface of the BlueZ Bluetooth protocol stack for the Linux operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary commands...
ROS-20250127-03
A vulnerability in the drm/lima components of the Linux operating system kernel is related to incorrect calculation in the virtualncidevwrite function in drivers/nfc/virtualncidev.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in an x8...
ROS-20250127-02
A vulnerability in the Phone Book Access component of the BlueZ Bluetooth protocol stack for Linux is related to a buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code. Vulnerability in the Bluetooth technology stack for...
ROS-20250127-01
Vulnerability of striptags function of django.utils.html module of Django web application software platform is related to unrestricted resource allocation as a result of incorrect HTML character escaping. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial ...
ROS-20250123-01
Vulnerability of RDMA/restrack components of Linux operating system kernel is related to incorrect verification of the input data in the rdmarestrackinit and type2str functions in drivers/infiniband/core/restrack.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20250122-01
A vulnerability in the SUNRPC component of the Linux operating system kernel is related to an incorrect lock in the xsgetsrcport function in net/sunrpc/xprtsock.c, in rpcsysfsxprtsrcaddrshow function in net/sunrpc/sysfs.c. Exploitation of the vulnerability could allow an attacker to cause a denia...