7184 matches found

Redos
Added 2024/10/23 12:00 a.m. • 14 views

ROS-20241023-09

A vulnerability in the BufWinLeave function of the vim text editor is related to use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...

CVSS: 4.7 | AI score: 7.3 | EPSS: 0.00069 | Exploits: 0
Redos
Added 2024/10/23 12:00 a.m. • 8 views

ROS-20241023-03

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to improper privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...

CVSS: 7.2 | AI score: 7.3 | EPSS: 0.00302 | Exploits: 0
Redos
Added 2024/10/22 12:00 a.m. • 21 views

ROS-20241021-08

A vulnerability in the ad4130 component of the Linux operating system kernel is related to incorrect input validation in the ad4130setupintclk function in drivers/iio/adc/ad4130.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of devlinkin...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00097 | Exploits: 0
Redos
Added 2024/10/22 12:00 a.m. • 30 views

ROS-20241021-07

A vulnerability in ssh-agent of the OpenSSH cryptographic protection tool is related to use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service or execute arbitrary code...

CVSS: 7.1 | AI score: 7.7 | EPSS: 0.00256 | Exploits: 1
Redos
Added 2024/10/22 12:00 a.m. • 11 views

ROS-20241021-04

A vulnerability in the Dovecot mail server is related to the fact that the application does not properly control the consumption of internal resources when parsing excessively large email headers. Exploitation of the vulnerability...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00656 | Exploits: 1
Redos
Added 2024/10/22 12:00 a.m. • 12 views

ROS-20241021-06

A vulnerability in the ASGI Starlette toolkit for creating asynchronous Python web services is related to the ability of a remote unauthenticated user to view files in a web service. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensiti...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.01591 | Exploits: 1
Redos
Added 2024/10/22 12:00 a.m. • 14 views

ROS-20241021-01

A vulnerability in the REXML XML toolkit for Ruby is related to parsing XML containing a large number of characters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. The Ruby REXML XML toolkit vulnerability is related to parsing XML containing a...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.08428 | Exploits: 1
Redos
Added 2024/10/22 12:00 a.m. • 38 views

ROS-20241021-09

A vulnerability in the ntfs3 component of the Linux operating system kernel is related to an out-of-bounds read in the ntfslistea function in fs/ntfs3/xattr.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the qedr component of...

CVSS: 7.8 | AI score: 8.2 | EPSS: 0.00049 | Exploits: 0
Redos
Added 2024/10/22 12:00 a.m. • 10 views

ROS-20241021-03

A vulnerability in the tic4xprintcond function of the opcodes/tic4x-dis.c component of the GNU development tool Binutils is related to memory initialization errors. Exploitation of the vulnerability allows an attacker, acting remotely, to gain access to confidential data...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00083 | Exploits: 1
Redos
Added 2024/10/22 12:00 a.m. • 12 views

ROS-20241021-05

A vulnerability in the Sentry SDK real-time crash reporting software is related to a leak of sensitive cookie values. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

CVSS: 7.6 | AI score: 6.6 | EPSS: 0.00398 | Exploits: 0
Redos
Added 2024/10/22 12:00 a.m. • 293 views

ROS-20241021-02

A vulnerability in the GNOME Project libgsf structured file library is related to a heap-based integer overflow when processing the sector allocation table. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVSS: 8.4 | AI score: 8.3 | EPSS: 0.00054 | Exploits: 0
Redos
Added 2024/10/22 12:00 a.m. • 17 views

ROS-20241021-10

A vulnerability in the c-ares C library for asynchronous DNS queries is related to a failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, compromis...

CVSS: 6.8 | AI score: 7 | EPSS: 0.00044 | Exploits: 1
Redos
Added 2024/10/18 12:00 a.m. • 13 views

ROS-20241017-09

A vulnerability in the alistadd function of the vim text editor is related to use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary autocommands. A vulnerability in the instypebuf function of the vim text editor is related to buffer...

CVSS: 5.5 | AI score: 8.2 | EPSS: 0.00095 | Exploits: 0
Redos
Added 2024/10/18 12:00 a.m. • 9 views

ROS-20241017-10

A vulnerability in the Dovecot mail server is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of service...

CVSS: 5 | AI score: 7.1 | EPSS: 0.00464 | Exploits: 2
Redos
Added 2024/10/18 12:00 a.m. • 14 views

ROS-20241017-11

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

CVSS: 3.7 | AI score: 7 | EPSS: 0.00442 | Exploits: 0
Redos
Added 2024/10/18 12:00 a.m. • 7 views

ROS-20241017-14

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

CVSS: 3.7 | AI score: 7 | EPSS: 0.00442 | Exploits: 0
Redos
Added 2024/10/18 12:00 a.m. • 6 views

ROS-20241017-15

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

CVSS: 3.7 | AI score: 7 | EPSS: 0.00442 | Exploits: 0
Redos
Added 2024/10/18 12:00 a.m. • 6 views

ROS-20241017-16

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

CVSS: 3.7 | AI score: 7 | EPSS: 0.00442 | Exploits: 0
Redos
Added 2024/10/17 12:00 a.m. • 294 views

ROS-20241017-07

A vulnerability in the Apache Portable Runtime library is related to the ability to read named shared memory segments. Exploitation of the vulnerability could allow an attacker for a critical resource to gain access to sensitive information...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00023 | Exploits: 0
Redos
Added 2024/10/17 12:00 a.m. • 12 views

ROS-20241017-05

A vulnerability in the Redis database management system (DBMS) is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting a specially crafted Lua script. Redis database management system (DBMS) vulnerability is...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.55755 | Exploits: 1
Redos
Added 2024/10/17 12:00 a.m. • 293 views

ROS-20241017-04

A vulnerability in the Microsoft .NET software platform involves inefficient algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Microsoft .NET software platform is related to post-release memory...

CVSS: 8.1 | AI score: 7.8 | EPSS: 0.0121 | Exploits: 0
Redos
Added 2024/10/17 12:00 a.m. • 300 views

ROS-20241017-08

A vulnerability in the 'http.cookies' standard library module of the Python programming language interpreter CPython is related to inefficient regular expression complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.00883 | Exploits: 1
Redos
Added 2024/10/17 12:00 a.m. • 10 views

ROS-20241017-06

A vulnerability in the PeCoffLoaderRelocateImage function of the Tianocore EDK2 library is related to memory corruption due to an overflow through an adjacent network. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to...

CVSS: 5.9 | AI score: 7.2 | EPSS: 0.00067 | Exploits: 0
Redos
Added 2024/10/17 12:00 a.m. • 9 views

ROS-20241017-02

A vulnerability in the "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" components of the message broker Eclipse Mosquitto is related to segmentation errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.00295 | Exploits: 0
Redos
Added 2024/10/17 12:00 a.m. • 15 views

ROS-20241017-01

A vulnerability in the golang package of the Debian GNU/Linux operating system is related to incorrect control of code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the Golang programming languag...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.00759 | Exploits: 0
Redos
Added 2024/10/17 12:00 a.m. • 20 views

ROS-20241017-03

A vulnerability in the toremote function in scp.c of the OpenSSH cryptographic protection tool exists due to a failure to take measures to neutralize special elements used in an operating system command. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary command...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.64277 | Exploits: 6
Redos
Added 2024/10/17 12:00 a.m. • 10 views

ROS-20241017-18

A vulnerability in the 'http.cookies' standard library module of the Python programming language interpreter CPython is related to inefficient regular expression complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00883 | Exploits: 1
Redos
Added 2024/10/16 12:00 a.m. • 14 views

ROS-20241016-01

A vulnerability in the nvmet-tcp component of the Linux kernel is related to a NULL pointer dereference in the nvmettcpinstallqueue function in drivers/nvme/target/tcp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in iwldeallocucode function in...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.001 | Exploits: 0
Redos
Added 2024/10/16 12:00 a.m. • 20 views

ROS-20241016-02

A vulnerability in the nilfs2 component of the Linux kernel is related to information disclosure in the functions nilfspreparesegmentforrecovery, nilfsrecoverycopyblock, and nilfsrecoverdsyncblocks in fs/nilfs2/recovery.c. Exploitation of the vulnerability could allow an attacker to gain acce...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00021 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 11 views

ROS-20241015-14

A vulnerability in the PHP programming language interpreter exists due to a failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.02711 | Exploits: 5
Redos
Added 2024/10/15 12:00 a.m. • 6 views

ROS-20241015-16

A vulnerability in the Networking component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect authorization. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity ...

CVSS: 3.7 | AI score: 7.1 | EPSS: 0.00669 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 6 views

ROS-20241015-17

A vulnerability in the Networking component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect authorization. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity ...

CVSS: 3.7 | AI score: 7.1 | EPSS: 0.00669 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 10 views

ROS-20241015-10

A vulnerability in the checkbyssh.c component of the Nagios-plugins monitoring system plugin set is related to a failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability could allow an attacker acting remotely to...

CVSS: 8.4 | AI score: 7 | EPSS: 0.00082 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 25 views

ROS-20241015-12

A vulnerability in the tunnels component of the Linux operating system kernel is related to an out-of-bounds read in the iptunnelpmtudbuildicmpv6 function in net/ipv4/iptunnelcore.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in...

CVSS: 7.8 | AI score: 8 | EPSS: 0.00024 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 294 views

ROS-20241015-05

A vulnerability in the Nano text editor is related to temporary file handling errors. Exploitation of the vulnerability could allow an attacker to affect data integrity...

CVSS: 6.7 | AI score: 7.1 | EPSS: 0.0008 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 11 views

ROS-20241015-01

A vulnerability in the Image Element Handler component of Pandoc, the Haskell library for conversion from markup formats, is related to the provision of a specially crafted image element as input when creating files using the --extract-media parameter or outputting to PDF...

CVSS: 6.3 | AI score: 7.2 | EPSS: 0.00049 | Exploits: 1
Redos
Added 2024/10/15 12:00 a.m. • 32 views

ROS-20241015-13

A vulnerability in the libceph component of the Linux kernel is related to incorrect input validation in the getreply and prepnextsparseread functions in net/ceph/osdclient.c, in decrypttail and preparereadtailplain in net/ceph/messengerv2.c, in sizeoffooter, readpartialsparsemsgdata,...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00024 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 18 views

ROS-20241015-11

A vulnerability in the PHP programming language interpreter exists due to a failure to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.02711 | Exploits: 5
Redos
Added 2024/10/15 12:00 a.m. • 14 views

ROS-20241015-04

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect resource clearing or release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

CVSS: 3.7 | AI score: 7.2 | EPSS: 0.00669 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 21 views

ROS-20241015-07

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to errors in applying policies related to the converged encryption feature. Exploitation of the vulnerability could allow an attacker acting remotely to decrypt arbitrary encrypted...

CVSS: 6.8 | AI score: 7 | EPSS: 0.01521 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 9 views

ROS-20241015-03

A vulnerability in the Nomad application orchestrator is related to improper link resolution before accessing a file. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS: 7.7 | AI score: 7.6 | EPSS: 0.00334 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 14 views

ROS-20241015-15

A vulnerability in the PHP programming language interpreter exists due to a failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.02711 | Exploits: 5
Redos
Added 2024/10/15 12:00 a.m. • 12 views

ROS-20241015-08

A vulnerability in the Jenkins Automation Server is related to an issue with item creation constraint bypass. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the restrictions and create a temporary item. The Jenkins Automation Server vulnerability exists because...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.0063 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 16 views

ROS-20241015-09

A vulnerability in the Golang programming language is related to the lack of value cleanup. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVSS: 9.8 | AI score: 8.1 | EPSS: 0.00602 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 16 views

ROS-20241015-02

The vulnerability in the Xen hypervisor is related to a logic error caused by branch type confusion when implementing an of early patches. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information and escalate privileges on the system...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.03118 | Exploits: 0
Redos
Added 2024/10/15 12:00 a.m. • 301 views

ROS-20241015-06

A vulnerability in the OpenJPEG image encoding and decoding library is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS: 5.5 | AI score: 7.1 | EPSS: 0.00013 | Exploits: 0
Redos
Added 2024/10/11 12:00 a.m. • 18 views

ROS-20241011-02

A vulnerability in the smb2probe function in the drivers/power/supply/qcompmi8998charger.c module of the Linux kernel power supply driver is related to a pointer dereferencing error. Exploitation of the vulnerability could allow...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00019 | Exploits: 0
Redos
Added 2024/10/11 12:00 a.m. • 17 views

ROS-20241011-01

A vulnerability in the NFSD component of the Linux operating system kernel is related to a READDIR buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the dbgfs component of the Linux operating system kernel is related to...

CVSS: 7.8 | AI score: 8.5 | EPSS: 0.00038 | Exploits: 8
Redos
Added 2024/10/09 12:00 a.m. • 19 views

ROS-20241009-01

A vulnerability in the libcmalloc component of the virtuoso-opensource web application development platform is related to incorrect neutralization of special elements used in an SQL command. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by using special...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.00269 | Exploits: 25
Redos
Added 2024/10/09 12:00 a.m. • 19 views

ROS-20241009-02

A vulnerability exists in Firefox ESR and Firefox due to a type error when searching for a property name in the "with" block. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Firefox browser vulnerability, Firefox ESR vulnerability is related to...

CVSS: 9.8 | AI score: 8 | EPSS: 0.11622 | Exploits: 1
Total number of security vulnerabilities: 7184