8181 matches found
ROS-20250808-07
The vulnerability in the GoBGP border gateway protocol is related to the lack of input data length conformance checking. where all bytes are available for an RTR message. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service A vulnerability in the...
ROS-20250808-06
A vulnerability in the Golang programming language is related to the handling of untrusted version control system VCS repositories that contain malicious configuration. Version Control System VCS repositories containing malicious configuration. Exploitation of the vulnerability could allow an...
ROS-20250807-01
A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a stacked buffer overflow. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250807-02
The vulnerability of the Podman OCI container management and launching software tool is related to errors in the in the certificate authentication procedure. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...
ROS-20250807-05
The vulnerability of the RESTEasy software tool is related to incorrect input data validation, leading to the return of an invalid header that is integrated into the server response. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code A vulnerabilit...
ROS-20250807-03
Libjxl library vulnerability is related to boundary conditions when working with EXIF files. Exploitation The vulnerability could allow a remote attacker to gain access to potentially sensitive information...
ROS-20250807-04
Git distributed version control system vulnerability in software development tools Microsoft Visual Studio is related to the use of an unreliable search path when spell checking of cloned repositories. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when clonin...
ROS-20250807-06
Vulnerability in vim text editor is related to input validation errors when processing directory traversal sequences in the tar.vim plugin. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in vim text editor is related to input validation errors wh...
ROS-20250806-02
A vulnerability in the modauthopenidc module of the Apache HTTP Server HTTPD web server is related to insufficient user data validation when OIDCPreservePost is enabled in modauthopenidc. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250806-01
Squid proxy server vulnerability is related to buffer overflow in dynamic memory when processing URN headers. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted HTTP requests. arbitrary code by sending specially crafted HTTP...
ROS-20250806-12
A vulnerability in the mtr network diagnostic tool is related to improper handling of an item specified in the MTRPACKET environment variable. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
ROS-20250806-09
A vulnerability in the MongoDB database management system server is related to excessive iteration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service MongoDB database management system vulnerability is related to the fact that the software stor...
ROS-20250806-05
A vulnerability in the Job Invocation component of tfm-rubygem-foremanansible is related to data manipulation. Exploitation of the vulnerability could allow an attacker acting remotely to view the job invocation, searching for passwords and other sensitive data...
ROS-20250806-07
The libblockdev library vulnerability is related to file system mount and drive management as a result of incorrect access delimitation when accessing the udisks daemon. as a result of incorrect access delimitation when accessing the udisks daemon. Exploitation of the vulnerability could allow an...
ROS-20250806-08
A vulnerability in the MongoDB database management system server is related to excessive iteration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service MongoDB database management system vulnerability is related to the fact that the software stor...
ROS-20250806-06
Vulnerability in the libxml2 XML file parsing library is related to boundary checking errors in the shell xmllint - shell.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...
ROS-20250806-03
Vulnerability of network traffic analysis software tcpdump is related to boundary conditions in libpcap when reading pcapng. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20250806-10
A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service by using a specially crafted HTML page A vulnerability in the V8...
ROS-20250806-11
A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of registration data. inadequate protection of login credentials. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to...
ROS-20250806-04
Vulnerability of the Connector/J subcomponent of the MySQL Connectors driver of the Oracle database management system MySQL is related to insufficient access control. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected data...
ROS-20250806-13
Golang programming language vulnerability is related to improper input validation. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the crypto-elliptic component of the Golang programming language is related to the...
ROS-20250804-02
A vulnerability in Apache Kafka Message Manager is related to flaws in the deserialization mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code Vulnerability in sasl.oauthbearer.token.endpoint.url and sasl.oauthbearer.jwks.endpoint.url client...
ROS-20250804-03
Vulnerability of NCompress::NRar5::CDecoder method of RAR5 decoder of 7-Zip archiver is related to possibility of heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability of NArchive::NCom::CHandler::GetStream metho...
ROS-20250804-04
Vulnerability of the vsockremovesock function of the net/vmwvsock/afvsock.c module of the Linux kernel network functions implementation of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an intruder to affect the...
ROS-20250804-01
A vulnerability in the cURL command line utility interface is related to the allocation of unlimited memory when processing HTTP headers. HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20250804-21
A vulnerability in the cURL command line utility interface is related to the allocation of unlimited memory when processing HTTP headers. HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20250801-01
A vulnerability in a set of add-on tools and libraries for the Go language designed to integrate with the OpenTelemetry, OpenTelemetry-Go Contrib is related to unconstrained and unregulated resource allocation when adding net.peer.sock.addr and net.peer.sock.port tags. regulation when adding...
ROS-20250801-02
Vulnerability of vfiopcidevindenylist function of Linux kernel is related to uncontrolled resource consumption. resource consumption. Exploitation of the vulnerability could allow an attacker to affect the integrity and availability of protected information...
ROS-20250731-03
A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20250731-04
A vulnerability in the Alerts & IRM service of the Grafana monitoring and surveillance platform is related to Insufficient protection of service data when connected to a DingDing contact point. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected...
ROS-20250731-05
A vulnerability in the Moby open source container framework is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250731-02
A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information...
ROS-20250731-01
Vulnerability in the implementation of OAuth request signing logic for Python OAuthLib is due to insufficient user data validation in urivalidate functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250730-01
A vulnerability in the Navigations component of the Google Chrome and Microsoft Edge browsers is related to a flaw in the source validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions with a specially crafted HTML...
ROS-20250729-07
A vulnerability in FreeIPA's centralized user identity management system is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges to the level of a domain administrator and impact the domain. remotely, escalate the...
ROS-20250729-01
A vulnerability in the django.utils.html.urlize function of the Django web application software platform is related to an incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A vulnerability in the Django w...
ROS-20250729-06
A vulnerability in FreeIPA's centralized user identity management system is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges to the level of a domain administrator and impact the domain. remotely, escalate the...
ROS-20250729-03
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...
ROS-20250729-04
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...
ROS-20250729-05
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...
ROS-20250729-02
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...
ROS-20250724-02
A vulnerability in the Cockpit server management system is related to the failure to clean data at the at the management level. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
ROS-20250724-03
A vulnerability in the Ansible configuration management system is related to the fact that the application allows the use a hostvars object to reference and execute template content. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security...
ROS-20250724-06
A vulnerability in the Ruby websocket-extensions module that supports the implementation of WebSocket extensions is related to spending quadratic time parsing a header containing an unclosed string parameter value, which is a repeating two-byte sequence of backslash and some of backslash and some...
ROS-20250724-04
The vulnerability of the fstrflocaltime function of the jq functional programming language is related to the use of memory after its release. memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, affect the availability of protected information...
ROS-20250724-10
A vulnerability in the LibSSH client authentication library is related to boundary conditions in the function sftphandle... Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information...
ROS-20250724-05
A vulnerability in the FCGI web server-application interaction library for Perl is related to the inclusion of code from libfcgi/fcgiapp.c that is prone to integer overflow. Exploitation of the vulnerability could Allow a remote attacker to execute arbitrary code on the target system...
ROS-20250724-01
Vulnerability of amdgpucswaitallfences function in drivers/gpu/drm/amd/amdgpu/amdgpucs.c driver module amdgpu of AMD Radeon video cards in the Linux kernel is related to the reuse of previously released memory due to competitive access to the resource race condition. Exploitation of the...
ROS-20250724-08
A vulnerability in the Grafana monitoring and surveillance platform is related to insufficient input validation data when processing panel headers or names. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250724-07
A vulnerability in the Microsoft .NET software platform and Microsoft's software development tool Visual Studio is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...