8181 matches found
ROS-20250724-07
A vulnerability in the Microsoft .NET software platform and Microsoft's software development tool Visual Studio is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250724-09
A vulnerability in the urllib3 module of the Python programming language interpreter is related to incorrect implementation of the Redirect object when processing redirects and retries. implementation of the Redirect object when processing redirects and retries. Exploitation of the vulnerability...
ROS-20250723-01
The vulnerability of the PAM-PKCS11 authentication module of Linux operating systems is related to the fact that the value of the certpolicy defaults to "none". Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process. remotely to bypass the...
ROS-20250722-04
Vulnerability of the glibc system library dlopen function is related to the use of an insecure search path for executable programs when processing the LDLIBRARYPATH variable. executable programs when processing the LDLIBRARYPATH variable. Exploitation of the vulnerability could allow an attacker...
ROS-20250722-01
Vulnerability of the ComposeQueryEngine function UriQuery.c of the URI parsing and processing library uriparser is related to integer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code or cause a denial of service...
ROS-20250722-02
Vulnerabilities in GLPI's asset management and data center software are related to an excessive amount of data output by the application. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially sensitive information...
ROS-20250722-03
A vulnerability in the FreeType font rasterization library is related to reading outside buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending a specially generated file of variant fonts...
ROS-20250721-02
A vulnerability in the assert function of the GNU C Library system library is related to incorrect calculations of the the size of the allocated buffer. Exploitation of the vulnerability could allow an attacker acting remotely, affect the availability of protected information...
ROS-20250721-01
The vulnerability of the iorwinitfile function of the iouring/rw.c module of the asynchronous I/O interface of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...
ROS-20250718-01
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to incorrect optimization, where JIT compilation created incorrect code in certain cases. optimization, in which JIT-compilation in certain cases created incorrect code for arguments. arguments. Exploitation...
ROS-20250718-02
The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to the operation exceeding the memory buffer boundaries. memory buffer boundaries. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code or cause a denial of service...
ROS-20250718-03
The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to the operation exceeding the memory buffer boundaries. memory buffer boundaries. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code or cause a denial of service...
ROS-20250717-01
GLPI asset and data center management software vulnerability is related to incorrect access restrictions in the API. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive information...
ROS-20250717-02
Vulnerability of the auxiliary ticket escalation tool in the Escalade GLPI plugin is related to incorrect access controls. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20250717-04
A vulnerability in the Thunderbird email client is related to errors in processing OpenPGP cryptographic signatures. Exploitation of the vulnerability could allow a remote attacker to launch a spoofing attack Vulnerability in the implementation of S/MIME Secure/Multipurpose Internet Mail Extensio...
ROS-20250717-03
A vulnerability in the OpenSC smart card handling library is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20250716-02
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise data archiving platforms is related to uncontrolled cancelation of key change and recovery operations by the Vault operator. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250716-01
DNS BIND server vulnerability is related to asymmetric resource consumption. Exploiting the vulnerability Allows a remote attacker to cause a denial of service...
ROS-20250710-12
A vulnerability in the Libexif library for grammar parsing EXIF files is related to an optimization of the compiler optimization that removes buffer overflow protection in libexif. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code on the target...
ROS-20250710-06
The Redis database management system DBMS vulnerability is related to boundary checking errors in parsing file names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250710-04
Tornado asynchronous network library vulnerability is related to excessive logging in parser multipart/form-data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250710-02
Vulnerability in XkbSizeKeySyms function of the Wayland protocol implementation for X.Org XWayland, an implementation of the XWayland Server X Window System X.Org Server is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service or...
ROS-20250710-03
Vulnerability in Update Handler component of Mozilla Firefox, Mozilla Firefox ESR and Mozilla Thunderbird browsers is related to access control flaws. Mozilla Thunderbird is related to access control flaws. Exploitation of the vulnerability could allow An attacker acting remotely could elevate hi...
ROS-20250710-07
YAML LibYAML analysis and creation library vulnerability is related to insufficient validation of user data in the LoadFile method. user data in the LoadFile method. Exploitation of the vulnerability could allow an attacker, acting remotely, to overwrite arbitrary files on the system...
ROS-20250710-09
A vulnerability in the Apache MINA Java network application framework is related to incorrect handling ofjq SSL/TLS closenotify messages, as a result of which the software does not close the connection and keeps the socket open, allowing the client to subsequently receive open socket messages...
ROS-20250710-05
The vulnerability in the Perl programming language is due to the fact that the software uses the function rand as the default entropy source, which is not cryptographically secure. Exploitation of the vulnerability could allow an attacker to bypass the implemented security restrictions...
ROS-20250710-01
Vulnerability in the DoH implementation of the DNS BIND server is related to the allocation of unlimited memory. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250710-11
Vulnerability of PropertyUtilsBean class of Apache Commons Beanutils utility is related to flaws in unbundled access to the class loader. Exploitation of the vulnerability could allow an attacker, acting remotely, execute arbitrary code...
ROS-20250710-08
A vulnerability in the OpenWire command handler of the Apache ActiveMQ software platform is related to a lack of control over user input. control over user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted...
ROS-20250710-13
A vulnerability in the Jackson-databind library of the FasterXML project is related to the recovery of inaccurate data in memory. of invalid data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected...
ROS-20250710-14
Apache Tomcat application server vulnerability is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20250707-03
A vulnerability in the Portainer container management platform is related to the transmission of HTTP headers to the registry. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20250707-04
Vulnerability in FontFaceSet interface of Mozilla Firefox, Firefox ESR browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service WebCompat extension vulnerability in Mozilla Firefox, Firefox ES...
ROS-20250707-02
Vulnerability in the prefix-based ACL policy search mechanism of Nomad application orchestrator is related to incorrect assignment of access control rules. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass existing security mechanisms by creating a job with a...
ROS-20250707-01
A vulnerability in the Konsole terminal emulator of the KDE desktop environment is related to the implementation of an incorrect control flow when processing telnet://, rlogin:// and ssh:// URLs. control flow when handling telnet://, rlogin:// and ssh:// URLs. Exploitation of the vulnerability...
ROS-20250707-06
Vulnerability of the sudo system administration program is related to insufficient implementation of security measures when running sudo with the -h option --host. security measures when sudo is run with the -h --host option. Exploiting the vulnerability could allow an attacker to elevate their...
ROS-20250707-05
A vulnerability in the Google Chrome browser is related to post-release usage errors in Animation in Google Chrome. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system...
ROS-20250703-04
A vulnerability in the cross-platform software development framework Qt is related to the fact that QAbstractOAuth in Qt Network Authorization uses only time to run PRNG Exploitation of this vulnerability could allow an attacker acting remotely to bypass authentication. of the vulnerability could...
ROS-20250703-06
A vulnerability in the mpmathify function of the mpmath library of the Python programming language interpreter is related to the unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service ReDos. remotely to cause a deni...
ROS-20250703-03
A vulnerability in the pgAdmin 4 database management tool is related to improper data cleanup, provided by the user. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20250703-05
A vulnerability in the cross-platform software development framework Qt is related to the fact that QAbstractOAuth in Qt Network Authorization uses only time to run PRNG Exploitation of this vulnerability could allow an attacker acting remotely to bypass authentication. of the vulnerability could...
ROS-20250703-12
A vulnerability in the HTTP Requests library of the Python Requests programming language is related to the fact that the library passes .netrc credentials to third parties for certain malicious URLs. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...
ROS-20250703-10
Vulnerability of the Drupal CMS kernel is related to insufficient control over modification of dynamically defined object characteristics. of dynamically defined object characteristics. Exploitation of the vulnerability could allow an attacker, acting remotely. remotely, to execute arbitrary code...
ROS-20250703-11
A vulnerability in the HTTP Requests library of the Python Requests programming language is related to the fact that the library passes .netrc credentials to third parties for certain malicious URLs. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...
ROS-20250703-08
A vulnerability in the Thunderbird email client is related to incorrect processing of the p2-from header. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to...
ROS-20250703-07
A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the libvpx library of the Google Chrome and Microsoft Edge...
ROS-20250703-09
Vulnerability of RoundCube Webmail mail client is related to flaws in deserialization mechanism of from parameter processing. processing the from parameter. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by sending a specially crafted request...
ROS-20250703-01
Vulnerability in Server Mode LDAP authentication configuration of database management tool pgAdmin 4 is related to incorrect session commit as a result of improper access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the security restrictions...
ROS-20250703-02
A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20250630-09
Vulnerability of net/http, x/net/proxy and x/net/http/httpproxy packages of Go programming language is related to incorrect mapping of hosts to proxy server templates. Exploitation of the vulnerability could allow an intruder to affect confidentiality and availability of protected information A...