8181 matches found
ROS-20250819-04
Vulnerability of libarchive library for reading and writing archives in different formats is related to null pointer dereferencing in headerpaxextension function in rchivereadsupportformatformattar.c:1844:8. Exploitation of the vulnerability could allow an attacker, acting remotely to cause a...
ROS-20250819-01
Moodle virtual learning environment vulnerability related to IDOR issue in Feedback report. Exploitation The vulnerability could allow an attacker acting remotely to gain unauthorized access to features that would otherwise be restricted. functions that would otherwise be limited to Vulnerability...
ROS-20250819-02
Vulnerability in dfeninorder component of virtuoso-opensource web application development platform is related to creation of special SQL statements. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an attacker to cause a denial of service...
ROS-20250819-03
A vulnerability in the multi-platform database tool dbeaver is related to an improper restriction of a reference to an external XML entity. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...
ROS-20250819-12
Vulnerability of configuration management and remote Salt operations execution system is related to incorrect input data validation in the findfile method of the GitFS class. Exploitation of the vulnerability could allow an attacker to manipulate files and directories Vulnerability in the Salt...
ROS-20250819-13
A vulnerability in Salt's configuration management and remote execution system is related to the overwriting of the of the VirtKey class. Exploitation of the vulnerability could allow an attacker to bypass security restrictions. security Vulnerability in the system of configuration management and...
ROS-20250819-05
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...
ROS-20250818-05
Wireshark computer network traffic analyzer vulnerability related to insufficient validation of user data in GQUIC dissector. of user data in the GQUIC dissector. Exploitation of the vulnerability could allow an attacker, acting remotely to cause a denial of service...
ROS-20250818-06
A vulnerability in the fs/hfs.c file of the hfs component of the Grub2 operating system boot loader is related to writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user using a speciall...
ROS-20250818-01
In the gffilterpidresolvefiletemplateex function file filtercore/filterpid.c, line 9045 there is no check of the pointer to NULL before calling the strncmp function. This allows an attacker to to generate a media file with incorrect metadata containing incorrect URLs or HTML tags, which results i...
ROS-20250818-02
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...
ROS-20250818-03
Vulnerability of phpseclib cryptographic protocol library is related to incorrect processing of RSA PKCS1 signature verification. of RSA PKCS1 signatures. Exploitation of the vulnerability could allow an attacker acting remotely, to compromise the target system. A vulnerability in the phpseclib...
ROS-20250818-04
Vulnerability of AmdPspP2CmboxV2 driver in AMD processor firmware is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in AMD processor firmware AmdCpmDisplayFeatureSMM driver is related to insufficient inpu...
ROS-20250814-01
A vulnerability in the MediaWiki hypertext environment implementation software exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct a cross-site scripting XSS attack...
ROS-20250814-02
Ingress controller vulnerability in Kubernetes ingress-nginx cluster is related to errors in the processing of Ingress object annotations. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...
ROS-20250814-12
EMACS text editor vulnerability is related to incorrect input validation of the org-babel-execute:latex in ob-latex.el when processing file or directory names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250814-11
System Management Mode SMM vulnerability in AMD processor firmware is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250814-10
A vulnerability in the mod-copy module of the ProFTPD FTP server is related to a null pointer dereference error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250814-07
A vulnerability in the libxml2 library is related to a post-release usage error in the function xmlXIncludeAddNode in xinclude.c. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...
ROS-20250814-08
Vulnerability of the createInDir function of the glog library of the Golang programming language is related to errors in reference handling. reference handling errors. Exploitation of the vulnerability may allow an attacker to escalate his privileges and gain unauthorized access to protected...
ROS-20250814-09
A vulnerability in the SMM component of AMD graphics processor firmware is related to a insufficient flow control in AmdCpmOemSmm. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A vulnerability in the SMM component of AMD GPU firmware is associated...
ROS-20250814-06
Vulnerability in Iperf3 network throughput measurement tool is related to incorrect processing of test parameters passed to server in json format. test parameters passed to the server in json format. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20250814-04
Vulnerability in the moddavsvn module of the Subversion centralized version control system is related to a bug in the path-based authorization rule lookup. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20250814-03
PowerDNS Recursor DNS server vulnerability is due to insufficient input validation. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250814-05
Mozilla Firefox browser vulnerability is related to an unchecked return value. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the NSS application development library set of Firefox web browser and Thunderbird email client...
ROS-20250813-01
A vulnerability in the tarfile module of the Python programming language interpreter CPython is associated with incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250813-05
The cross-platform xen hypervisor vulnerability is related to double unlocking when handling x86 guest x86 interrupts. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20250813-02
A firmware vulnerability in the Server Board S2600ST Family server boards exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
ROS-20250813-07
A vulnerability in the Java dnsjava DNS implementation is related to incorrect response checking during processing of DNS queries. Exploitation of the vulnerability could allow a remote attacker to bypass the implemented security restrictions. enforced security restrictions...
ROS-20250813-09
A vulnerability in the Wi-Fi WPA Supplicantt secure access client is related to an uncontrolled element of the search path. search path element. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
ROS-20250813-10
A vulnerability in the Wi-Fi WPA Supplicantt secure access client is related to an uncontrolled element of the search path. search path element. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
ROS-20250813-11
A vulnerability in the SMM component of AMD GPU firmware is related to incorrect processing of some special address ranges with invalid entries in the device table DTE. device table entries DTE. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A...
ROS-20250813-08
A vulnerability in the Java dnsjava DNS implementation is related to incorrect response checking during processing of DNS queries. Exploitation of the vulnerability could allow a remote attacker to bypass the implemented security restrictions. enforced security restrictions...
ROS-20250813-06
A vulnerability in a software wrapper that allows arbitrary traffic to be hidden in an encrypted ssl tunnel Stunnel is related to incorrect client certificate validation when using the parameters redirection and VerifyChain parameters. Exploitation of the vulnerability could allow an attacker...
ROS-20250813-03
Vulnerabilities in the UEFI Firmware component of Intel processor firmware are related to input validation flaws. Exploitation of the vulnerability could allow an attacker to elevate their privileges A vulnerability in the Linux kernel mode driver for certain IntelR Ethernet network controllers a...
ROS-20250813-04
VMware Tools suite vulnerability is related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20250812-04
Vulnerability of decodeComponents function of decode-uri-component URI decoder is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20250812-05
A vulnerability in the framework that enables the development and deployment of RESTful services and RESTEasy applications is related to the insecure creation of temporary files. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...
ROS-20250812-06
Vulnerability of Sofia-SIP user agent library session initiation protocol is related to the the ability to write outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code by sending specially crafted STUN packets The...
ROS-20250812-07
A vulnerability in the amazon.aws.ec2instance module of Ansible configuration management is related to an error in the handling of the of the towercallback parameter. Exploitation of the vulnerability allows an attacker acting remotely to gain access sensitive data...
ROS-20250812-08
Apache HTTP Server vulnerability is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to launch an SSRF attack Vulnerability in the modules/proxy/modproxy.c component of the Apache HTTP Server web server is related t...
ROS-20250812-09
A vulnerability in the encrypted function of the cross-platform software development framework Qt is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250812-02
The Liblouis translator vulnerability is due to a bounds error inside the compilePassOpcode function in the compileTranslationTable.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system Liblouis translator vulnerability is related to a boundar...
ROS-20250812-03
The MIFF component of the GraphicsMagick cross-platform graphics library is vulnerable to authorization errors. authorization errors. Exploitation of the vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information. confidentiality,...
ROS-20250812-01
A vulnerability in the Guzzle HTTP client library of the PHP programming language interpreter is related to an incorrectly implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information Vulnerability i...
ROS-20250808-04
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-02
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-03
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250808-01
A vulnerability in the Apache HttpClient client module is related to insufficient input validation. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected data or gain access to modify, add, or delete protected data. access to protected data or ga...
ROS-20250808-05
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...