8181 matches found
ROS-20251006-11
A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...
ROS-20251006-12
A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...
ROS-20251006-17
The vulnerability of the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20251006-16
A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...
ROS-20251006-02
A vulnerability in the curl program is related to boundary conditions when reading the cookie path. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...
ROS-20251006-01
A vulnerability in the certtool utility of the GnuTLS transport layer security library is related to an operation exceeding the buffer boundaries. operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251006-06
A vulnerability in the AbuseFilter extension for MediaWiki is related to the fact that an API caller can map a filter condition with AbuseFilter logs. Exploiting the vulnerability could allow an attacker, acting remotely, to gain access to sensitive information...
ROS-20251006-07
The vulnerability of the pamaccess component of the access.conf file of the Linux-PAM authentication module is related to the flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and gain access t...
ROS-20251006-08
Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to URL redirection to an untrusted site when the redirect parameter is processed. Exploitation of the vulnerability could Allow a remote attacker to impact the confidentiality and integrity of...
ROS-20251006-15
A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...
ROS-20251006-14
A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...
ROS-20251006-13
A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...
ROS-20251006-04
A vulnerability in the GPAC multimedia platform is related to manipulation of the isoffinprocess function of the file src/filters/isoffinread.c of the MP4Box component. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251006-03
A vulnerability in a set of tools that allow companies to manage software subscriptions Candlepin is related to the ability to create data related to another client/tenant. Exploitation vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20251006-05
The vulnerability of the Cockpit server management system is related to the fact that the application does not control the internal resource consumption properly. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251002-03
A vulnerability in Microsoft's .NET software platform is related to the closing of the HTTP/3 stream while writing code for an application, resulting in a race condition in response. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive informatio...
ROS-20251002-01
A vulnerability in the Privoxy proxy server with advanced web content filtering functions is related to insufficient validation of user data in the "processencryptedrequestheaders" function. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...
ROS-20251002-02
A vulnerability in the Netty networking software is associated with incorrect validation of HTTP/1.1 requests. Exploitation of the vulnerability could allow an attacker acting remotely to perform spoofing attacks against HTTP requests. HTTP requests A vulnerability in the Netty networking softwar...
ROS-20251001-01
VMSVGA virtual graphics adapter vulnerability in Oracle VM virtualization software VirtualBox is related to access control flaws resulting from buffer overruns. VirtualBox is related to access delimitation flaws as a result of an operation exceeding the buffer boundaries in memory. Exploitation o...
ROS-20251001-07
A vulnerability in the Iperf3 network bandwidth measurement tool is related to a fill error on the one. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20251001-04
A vulnerability in the gnutlsrnd function of the Samba networking software package is related to the use of insufficiently random values. insufficiently randomized values. Exploitation of the vulnerability could allow an attacker to gain access to confidential data...
ROS-20250930-15
Kea open source DHCP server vulnerability is related to availability checking when processing DHCP packets. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251001-03
A vulnerability in the jQuery library exists due to insufficient cleansing of user-supplied data when passing elements to jQuery DOM methods. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform cross-site scripting attacks...
ROS-20251001-06
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...
ROS-20251001-02
VMSVGA virtual graphics adapter vulnerability in Oracle VM virtualization software VirtualBox is related to access control flaws resulting from buffer overruns. VirtualBox is related to access delimitation flaws as a result of an operation exceeding the buffer boundaries in memory. Exploitation o...
ROS-20251001-08
Vulnerability of cJSON parser is related to boundary conditions in decodearrayindexfrompointer function in cJSONUtils.c. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information...
ROS-20250930-08
Vulnerability of ImageMagick console graphic editor related to format string error in function "InterpretImageFilename" function. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code on the target system, execute arbitrary code on the target system Vulnerabili...
ROS-20250930-03
The polkit service vulnerability is related to a boundary validation error when processing XML policies with a nesting depth of 32 or more elements. of 32 or more elements. Exploitation of the vulnerability could allow an attacker to compromise a compromised vulnerable system...
ROS-20250930-02
A code vulnerability in the Audio Profile AVRCP component of the Bluetooth protocol stack for Linux BlueZ is related to a buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...
ROS-20250930-01
A vulnerability in the library used to read EPUB files libgepub is related to incorrect processing of file size calculations when opening specially crafted EPUB files. file size calculations when opening specially crafted EPUB files. Exploitation of the vulnerability could Allow an attacker to...
ROS-20250930-04
The Open Asset Import Library Assimp 3D model import library implementation vulnerability is related to manipulation of the skinwidth/skinheight argument. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in Open Asset Import Library Assimp 3D...
ROS-20250930-06
Tianocore EDK2 library vulnerability is related to insecure IDT register handling during SMM login. Exploitation of the vulnerability allows an attacker to escalate privileges in the system...
ROS-20250930-05
The Unbound DNS server vulnerability is related to a logical error in the EDNS client subnet ECS implementation. Exploitation of the vulnerability allows a remote attacker to perform cache poisoning attacks...
ROS-20250930-07
Vulnerability of ImageMagick console graphic editor related to format string error in function "InterpretImageFilename" function. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code on the target system, execute arbitrary code on the target system Vulnerabili...
ROS-20250929-15
Vulnerability of modssl function of Apache HTTP Server web server is related to flaws in the procedure of authentication procedure when processing the SSLEngine optional parameter. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using the TLS...
ROS-20250929-14
Vulnerability of the unixstreamreadgeneric function of the net/unix/afunix.c module of the Linux operating system kernel is related to memory usage after memory freeing. Exploitation of the vulnerability could allow an attacker to escalate privileges, bypass existing security mechanisms, and...
ROS-20250929-13
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to with an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability in JavaScript Engine...
ROS-20250929-01
Vulnerability of the library for working with DICOM DCMTK format is related to the operation exceeding the buffer boundaries. memory buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service using a specially crafted DICOM file A vulnerability in the library f...
ROS-20250929-04
Vulnerability of MultipartStream class of the Commons FileUpload library exists due to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service consumption of computational resources using a long string...
ROS-20250929-02
Vulnerability of SRBRoot::addTag function of the library for working with Unicode ICU is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and cause a crash. an attacker to execute arbitrary...
ROS-20250929-05
A vulnerability in the Libarchive library is related to a data bounds checking error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Windows operating system Libarchive library vulnerability is related to integer overflow. Exploitation of the vulnerability cou...
ROS-20250929-03
A vulnerability in a perl module that provides a convenient way to describe rules for searching files and directories File-Find-Rule is related to incorrect input validation when grep is detected. directories File-Find-Rule is related to incorrect input validation when grep detects a specially...
ROS-20250929-09
AMD processor firmware vulnerability is related to insufficient protection of service data. data. Exploitation of the vulnerability could allow an intruder to disclose protected information AMD processor firmware vulnerability is related to insufficient protection of service data. data...
ROS-20250929-11
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20250929-08
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information A vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is...
ROS-20250929-06
A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service via the malloc parameter...
ROS-20250929-07
A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service via the malloc parameter...
ROS-20250929-10
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...
ROS-20250929-12
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to with an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability in JavaScript Engine...
ROS-20250925-01
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...