7184 matches found
ROS-20240904-15
Vulnerabilities in the implementation of the Kerberos protocol of Windows operating systems are related to flaws in access control. Exploitation of the vulnerability could allow a remote attacker to escalate their privileges...
ROS-20240905-02
A vulnerability in the Python programming language interpreter CPython is related to incorrectly enclosing newline characters in quotation marks for email headers when serializing a message. Exploitation of the vulnerability could allow an...
ROS-20240905-01
A vulnerability in the bgpattrencap function in the bgpd/bgpattr.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to the lack of verification of the actual remaining...
ROS-20240904-14
A vulnerability in Performance Co-Pilot performance monitoring and visualization software PCP is related to the mixed privilege levels used by systemd services associated with PCP. Exploitation of the vulnerability could allow an attacker to execute a symbolic link attack and break the isolation ...
ROS-20240904-16
A vulnerability in the exporttga function in the export.c file of the libcaca graphics library for converting an image to ASCII art is related to an operation exceeding buffer boundaries in memory. Exploitation of...
ROS-20240904-04
A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information by sending specially crafted IPv6 packets...
ROS-20240904-01
A vulnerability in the getedge function of the ospfte.c file of the OSPF Daemon component of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to resource release errors...
ROS-20240904-05
A vulnerability in the Node.js software platform is related to improper access control. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240904-08
A vulnerability in the MHDcreatepostprocessor function of the libmicrohttpd HTTP web server implementation is related to improper parsing of the multipart/form-data boundary. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240904-02
A vulnerability in Microsoft .NET software platforms and the Microsoft Visual Studio software development tools is related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240904-06
A vulnerability in the yasmintnumcopy function of the YASM assembler is related to the lack of memory release after the effective lifetime. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...
ROS-20240904-03
A vulnerability in the GStreamer multimedia framework is associated with an integer overflow when processing EXIF file metadata. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240904-09
A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...
ROS-20240904-10
A vulnerability in the Clojure dynamic programming language is related to the deserialization of untrusted data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Clojure dynamic programming language is related to the...
ROS-20240904-11
A vulnerability in the implementation of the Protected Extensible Authentication Protocol (PEAP) of the Wi-Fi WPA Supplicant client is caused by flaws in the authorization procedure. Exploitation of the vulnerability...
ROS-20240904-07
A vulnerability in the Python programming language interpreter CPython is related to a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240904-12
A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240902-20
A vulnerability in the KeePass password manager is related to unencrypted storage of critical information. Exploitation of the vulnerability could allow an attacker to obtain passwords in clear form...
ROS-20240902-19
A vulnerability exists in the phpMyAdmin database administration web application due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting (XSS) attack...
ROS-20240902-21
A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240902-15
A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240902-01
A vulnerability in Intel Microcode processor microcode is related to the possibility of unauthorized bug injection. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service. Intel Microcode processor...
ROS-20240902-18
A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...
ROS-20240902-13
A vulnerability in the Go Getter library is related to a Git update for an existing maliciously modified Git configuration. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240902-11
A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to overly lenient memory allocation checks in Angle for GLSL shaders. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240902-02
A vulnerability in the implementation of the INVD processor instruction for virtual machines running on servers with AMD processors is associated with loss or omission of information. Exploitation of the vulnerability could allow an...
ROS-20240902-12
The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive HTTP basic authentication credentials...
ROS-20240902-09
A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240902-23
A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...
ROS-20240902-08
A vulnerability in the bus lockout regulator mechanism for some Intel processor models is associated with a security mechanism failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A firmware vulnerability in Intel Xeon D processors involves an incorrec...
ROS-20240902-03
A vulnerability in Intel processor firmware is related to errors in the interpretation of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from the third to the zero ring of protection (CPL0), gain access to sensitive information, or cause a...
ROS-20240902-07
A vulnerability in the cpio binary archiver is related to a regression when using the command line parameter --no-absolute-filenames. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240902-06
A vulnerability in the swfgetstring function of the GPAC multimedia platform is related to an operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information. Vulnerability in the gfdashsetupperio...
ROS-20240902-05
A vulnerability in the tgetstr component in tinfo/libtermcap.c of the ncurses library for terminal I/O management is related to the dereferencing of a NULL pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240902-16
The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive HTTP basic authentication credentials. A vulnerability in the net/http module o...
ROS-20240902-14
Vulnerability of HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to incorrect processing of requests coming from unauthorized IP addresses. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20240902-22
A vulnerability in Mozilla Firefox, Mozilla Firefox ESR and the Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240902-10
GdkPixbuf image loading library vulnerability is related to heap memory corruption in aniloadchunk. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240902-17
A vulnerability in the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an...
ROS-20240902-04
A vulnerability in the xmlattr filter of the Jinja2 templating engine for the Python programming language is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240830-01
A vulnerability in the rndissetresponse function in the rndis component of the Linux kernel is related to the "BufOffset + 8" operation, which can cause an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the drm/vrr compone...
ROS-20240829-02
A vulnerability in the hciqca component of the Linux operating system kernel is related to the use of memory after it has been released. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in the gso component of the Linux operating system kernel is related to the...
ROS-20240829-01
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in the Core component of the Oracle V...
ROS-20240828-05
Vulnerability in the Connector/J component of the MySQL Connectors driver of the Oracle database management system MySQL exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data...
ROS-20240828-04
A vulnerability in OpenVPN software is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240827-15
A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
ROS-20240827-10
A vulnerability in the File Name Handler component of the vim text editor exists due to a bug in the use of pointers after memory release in the dialogchanged function. Exploitation of the vulnerability could allow an attacker to cause a...
ROS-20240827-11
A vulnerability in the HTTP2 Stream Handler component of the Apache Tomcat application server is related to insufficient exceptional state handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240827-08
A vulnerability in FontForge font editing software exists due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
ROS-20240827-20
The vulnerability in the Ruby interpreter is related to improper neutralization of input data during generation of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting. Vulnerability in the Active Storage component of the Ruby...