7184 matches found
ROS-20240828-02
A vulnerability in GLPI's asset and data center management software is related to CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20240827-17
A vulnerability in the /api/v1/alerts file of Alertmanager, the alert-processing component of the Prometheus monitoring system, is related to incorrect neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240828-03
A vulnerability in Mozilla Firefox, Mozilla Firefox ESR, and the Mozilla Thunderbird email client is related to improper handling of exceptional conditions. Exploitation of the vulnerability could allow a remote attacker to use memory after it has been...
ROS-20240828-08
A vulnerability in the ANGLE library in Mozilla Firefox, Firefox ESR, and the Thunderbird email client is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to disclose protected information. Vulnerability in...
ROS-20240827-01
A vulnerability in the modwsgi module of the Apache web server is related to errors in X-Client-IP header processing. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to network services...
ROS-20240827-07
A vulnerability in the UnlinkedWikibase extension of MediaWiki, a software tool for implementing hypertext environments, is related to improper input neutralization during web page creation. Exploitation of the vulnerability could allow an attacker acting remotely to perform cross-site scripting (XSS) attacks...
ROS-20240827-03
A vulnerability in the actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb file of the Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...
ROS-20240827-02
A vulnerability in the rfbClientCleanup function of the libvncclient component of the LibVNCServer cross-platform library is related to a memory leak. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240827-12
A vulnerability in the cfgmarkports function of the Unbound DNS server is related to heap buffer overflow errors. Exploitation of the vulnerability allows an attacker acting remotely to cause denial of service or unauthorized actions on the system. A vulnerability in the ubctxsetfwd function of t...
ROS-20240828-06
A vulnerability in the LibTIFF library is related to null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240828-01
A vulnerability in the koji RPM-based build system is related to improper neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to conduct XSS attacks using a specially crafted web interface...
ROS-20240827-16
A vulnerability in the C-ares asynchronous DNS query library is related to uncontrolled resource consumption in the event of misinterpretation of packet length. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a corrupted UDP packet...
ROS-20240827-19
The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting. Vulnerability in the Active Storage component of the Rub...
ROS-20240827-06
The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting. Vulnerability in the Active Storage component of the Rub...
ROS-20240827-05
The Unbound DNS server vulnerability is related to the ability of a process outside of the unbound group to reconfigure the unbound execution environment. Exploitation of the vulnerability allows an attacker acting remotely to impact the integrity and availability of the system...
ROS-20240827-04
A vulnerability in the CGI component of the Ruby programming language is related to the occurrence of an interpretation conflict when inserting unreliable input data into an HTTP response header. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data...
ROS-20240828-07
A vulnerability in the ice component of the Linux operating system kernel is related to the rapid removal and launch of VF Commit. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the kmalloc function in the iouring component of the Linux...
ROS-20240827-18
A vulnerability in the actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb file of the Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...
ROS-20240827-14
A vulnerability in the Pydantic data validation library involves the use of regular expressions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240827-09
A vulnerability in GLPI's computer hardware requisition, incident, and inventory system is related to external file name or path control. Exploitation of the vulnerability could allow an attacker acting remotely to upload a malicious PHP script and hijack the plugin loader to execute that...
ROS-20240827-13
A vulnerability in the UltraJSON package of the Python programming language is related to the implementation of an incorrect control flow. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity...
ROS-20240826-02
A vulnerability in the passwordverify function of the PHP programming language interpreter is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process and gain unauthorized...
ROS-20240826-05
A vulnerability in the FontForge font editing software exists due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
ROS-20240826-19
A vulnerability in the Wheel package installation tools of the Python Packaging Authority is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240826-21
A vulnerability in the passwordverify function of the PHP programming language interpreter is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process and gain unauthorized...
ROS-20240826-14
A vulnerability in the Graphviz graph visualization application is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted config6a file...
ROS-20240826-22
A vulnerability in the passwordverify function of the PHP programming language interpreter is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process and gain unauthorized...
ROS-20240826-20
A vulnerability in the archive-zip package of the Golang programming language is related to incorrect processing of zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file. Vulnerability of net/http and net/http2 libraries of Go programming language in...
ROS-20240826-24
Vulnerability of pygments/lexers/smithy.py file of SmithyLexer component of syntax highlighting program Pygments is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240826-04
A vulnerability exists in the Apache Derby database management system due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the database...
ROS-20240826-12
A vulnerability in the Ruby programming language components rfc2396parser.rb and rfc3986parser.rb is related to incorrect implementation of processing invalid URLs. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service. Vulnerability in the URI component of th...
ROS-20240826-09
The vulnerability in the Time library of the Ruby interpreter is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service. Vulnerability in the URI component of the Ruby...
ROS-20240826-08
A vulnerability in the source/blender/imbuf/intern/dds/DirectDrawSurface.cpp component of the Blender 3D computer graphics software suite is related to an incorrect assumption about the thread size. Exploitation of the vulnerability allows an attacker...
ROS-20240826-17
A vulnerability in the DecodeConfig component of the Golang programming language is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability of...
ROS-20240826-18
A vulnerability in the .NET development platform of Microsoft's software development tool Visual Studio is related to the transmission of credentials in unencrypted form. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. Vulnerability in the...
ROS-20240826-15
A vulnerability in UnixODBC, the ODBC library for UNIX, is related to pointer offsets outside of allocated memory. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data and cause a denial of service...
ROS-20240826-06
A vulnerability in the pdfbasefontalloc function of the Ghostscript document processing, conversion, and generation software suite is related to a buffer overflow caused by...
ROS-20240826-03
A vulnerability in the ID3Support::ID3v2Frame::getFrameValue function of the "exempi" utility is related to writing outside the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240826-11
A vulnerability in the Connector/J component of the MySQL Connectors driver is related to insufficient input data validation. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information...
ROS-20240826-23
A vulnerability in the Blender three-dimensional computer graphics software suite is related to the lack of validation for values less than 0. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data, compromise its integrity, and cause a denial of...
ROS-20240826-07
A vulnerability in the SafeList.preserveRelativeLinks parameter of jsoup, the Java library for analyzing, retrieving, and manipulating data in HTML documents, is related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker to...
ROS-20240826-13
A vulnerability in the protojson.Unmarshal function of the golang-google-protobuf package of the Golang programming language is related to an infinite loop when unmarshaling certain JSON forms. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240826-10
Vulnerability of pygments/lexers/smithy.py file of SmithyLexer component of syntax highlighting program Pygments is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240826-16
A vulnerability in the Concurrency component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK, and Oracle Java SE software platform is related to insufficient input validation...
ROS-20240826-27
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240826-26
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240826-25
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240826-01
A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests...
ROS-20240823-02
A vulnerability in the Host Authorization Middleware Action Pack component of the Ruby on Rails software platform is related to the creation of "X-Forwarded-Host" headers in combination with certain "authorized host" formats. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240823-01
A vulnerability in the amdgpurasgetcontext function in the drm/amdgpu component of the Linux operating system kernel is related to null pointer dereferencing on drmcvtmode failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of brcmfnotifyescancomplete...