ROS-20241009-03
A vulnerability in the ksmbd component of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the vcap component of the Linux operating system kernel is related to memory usage after...
ROS-20241008-09
A vulnerability in the ZFS file system implementation and the OpenZFS open source volume manager is related to replacing the contents of a file with null-valued bytes. Exploitation of the vulnerability could allow an attacker acting remotely to disable security mechanisms...
ROS-20241008-05
A vulnerability in the ProcXkbGetKbdByName function of the xkb/xkb.c component of the Wayland protocol implementation for X.Org XWayland, an implementation of the X Window System X.Org Server is related to incorrect memory freeing before deleting the last link. Exploitation of the vulnerability...
ROS-20241008-07
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. The vulnerability can be exploited by the GLPI system of requests, incidents and inventory of computer equipment. GLPI computer hardware vulnerability is related ...
ROS-20241008-08
Intel processor firmware vulnerability is related to information leakage from vector registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...
ROS-20241008-10
Vulnerability of u32initknode function in net/sched/clsu32.c module of Linux kernel is related to reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information or elevate their...
ROS-20241008-06
Vulnerability of the XTestSwapFakeInput function of the X Window System X.Org Server implementation, an implementation of the Wayland protocol for X.Org XWayland is related to writing outside buffer boundaries. Exploitation of the vulnerability allows an attacker acting remotely to gain...
ROS-20241008-01
Vulnerability in the DWARF Object Handler component of the library for providing access to debugging information DWARF libdwarf is associated with a re-release vulnerability. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a memory leak...
ROS-20241008-03
A vulnerability in the TLS protocol implementation of Apache Tomcat application server is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241008-04
A vulnerability in the RSS function of the QEMU hardware emulator is related to setting too large a value, causing an index out-of-bounds problem. Exploitation of the vulnerability could allow an attacker acting locally to cause a deni...
ROS-20241008-02
A vulnerability in the Portainer container management platform is related to an improperly used encryption algorithm in the AesEncrypt function. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the confidentiality, integrity, and availability of...
ROS-20241004-06
A vulnerability in the ksmbd component of the Linux operating system kernel is related to a link reset after using the opinfo. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20241004-07
A vulnerability in the iouring component of the Linux operating system kernel is related to the reuse of previously released memory due to competitive access to a resource race condition in the scmfpcopy function in the net/core/scm.c module. Exploitation of the vulnerability could allow an...
ROS-20241004-04
The vulnerability of the filemapcachestat function in the mm/filemap.c module of the memory management subsystem of the kernel of Linux operating system is related to memory usage after its release. Exploitation of the vulnerability may allow an intruder to affect confidentiality,...
ROS-20241004-03
Vulnerability in the Ceph storage driver net/ceph/messengerv2.c of the Linux operating system kernel is related to operation out of buffer boundaries in memory when processing frame segment length with the parameter cephdecode32. Exploitation of the vulnerability could allow an...
ROS-20241004-05
A vulnerability in the s390/ptrace component of the Linux kernel is related to incorrect processing of the fpc register settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in the sc16is7xx component of the Linux kernel is related to...
ROS-20241004-08
A vulnerability in the logitech-hidpp component of the Linux operating system kernel is related to a kernel crash when disconnecting the USB receiver. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20241004-09
Vulnerability of the matchflags function of the Netfilter subsystem of the Linux kernel is related to the reading of data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of...
ROS-20241004-01
Vulnerability of ext4remount function of the Linux kernel is related to memory usage after when processing old CONFIGQUOTA file names. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20241004-02
Vulnerability of the mremap function of Linux kernel operating systems is related to memory usage after its release as a result of a race situation when processing the rmap memory management structure. Exploitation of the vulnerability could allow an attacker to cause a denial of service or eleva...
ROS-20241003-01
Vulnerability of dmaentryalloccheckleak function of dma-debug component of Linux operating system kernel is related to incorrect locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in the vaddr-test component of the Linux operati...
ROS-20241001-11
A vulnerability in the SSL Certifi certificate validation package is related to insufficient validation of the data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to affect the system integrity...
ROS-20241001-29
A vulnerability in the curl program is related to improper certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system...
ROS-20241002-06
A vulnerability in the iommu/arm-smmu-v3 component of the Linux operating system kernel is related to soft locking, caused by armsmmumminvalidaterange. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the erofs component of the Linux...
ROS-20241001-16
The compiler vulnerability for writing Babel JavaScript code is related to the use of plugins that rely on Babel's internal path.evaluate or path.evaluateTruthy methods. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20241001-10
A vulnerability in the Parse function of the Go programming language is related to uncontrolled recursion. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the Decoder.Decode function of the Go programming language is...
ROS-20241001-09
A vulnerability in the curl program is related to improper certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system...
ROS-20241002-02
Vulnerability of the tcindex indexing filter net/sched/clstcindex.c in the kernel of the Linux operating system is related to incorrect filter management, which leads to the repeated freeing of previously freed memory. Exploitation of the vulnerability could allow an attacker to elevate...
ROS-20241001-13
A vulnerability in the Botan C++ cryptographic library is related to asymmetric resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the C++ Botan cryptographic library is related to errors in parsing...
ROS-20241001-12
QEMU hardware emulator vulnerability is related to synchronization errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241001-14
A vulnerability in the Nokogiri software library is related to the use of an inefficient regular expression. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20241001-15
A vulnerability in the configuration implementation of the HTML cleanup tool for Rails applications Rails Html Sanitizer is related to incorrect use of select and style elements when overriding allowed tags. Exploitation of the vulnerability could allow an attacker acting remotely to perfor...
ROS-20241002-01
A vulnerability in the btsdioremove function of the drivers\bluetooth\btsdio.c module of the Bluetooth driver of the kernel of the Linux operating system is related to the reuse of previously freed memory due to the state of the race. Exploitation of the vulnerability could allow an attack...
ROS-20241002-04
A vulnerability in the xenvifgetrequests function in the drivers/net/xen-netback/netback.c module of the cross-platform Xen hypervisor of the Linux kernel is related to the null pointer dereferencing in the function xenvifgetrequests. Exploiting the vulnerability could allow an attacker to cause ...
ROS-20241002-03
Vulnerability of btrfsgetrootref function in fs/btrfs/disk-io.c module of btrfs file system of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker t...
ROS-20241002-05
A vulnerability in the PWM device driver of the Linux kernel operating system is related to reading memory outside of the allocated buffer. Exploitation of the vulnerability could allow an intruder to affect confidentiality, integrity and availability of protected information. Vulnerability o...
ROS-20241001-06
A vulnerability in the Runc isolated container launch tool is related to race condition, that allows link tracking. Exploitation of the vulnerability could allow an attacker to impact data integrity...
ROS-20241001-02
Vulnerability of html/template package of Golang programming language is related to incorrect handling of occurrences of <script>, <!--> and </script> in JS literals in <script> contexts. Exploitation of the vulnerability could allow an attacker acting remotely to perform an...
ROS-20241001-05
A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A...
ROS-20250203-10
A vulnerability in the SSLselectnextproto function of the OpenSSL TLS and SSL protocols toolkit is related to the information disclosure. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data and cause a denial of service...
ROS-20241001-03
An HTTP server vulnerability for Ruby/Rack application Puma is related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTTP request (HTTP Request Smuggling attack). The HTTP server...
ROS-20241001-07
Vulnerability in DecodeConfig component of Golang programming language is related to incorrect normalization of HTTP Location header. Exploitation of the vulnerability could allow an attacker acting remotely to redirect the user to a malicious site...
ROS-20241001-04
Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of checking the actua...
ROS-20241001-08
Vulnerability of SPRT dissector of Wireshark computer network traffic analyzer is related to access to an uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service via packet injection or a specially crafted capture...
ROS-20241001-01
VLC Media Player vulnerability is related to integer overflow, which can be caused by a malicious mms stream. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240927-02
A vulnerability in the Google Chrome browser is related to the execution of certain user interface gestures. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface using a specially crafted HTML page. A vulnerability in Google Chrome browse...
ROS-20240927-06
A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...
ROS-20240927-14
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-20240927-04
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-20240927-15
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely...