8181 matches found
ROS-20250619-04
Vulnerability of http2 package of Go programming language is related to uncontrolled server resources consumption as a result of resetting Server.MaxConcurrentStreams parameter during request stream processing. as a result of resetting the Server.MaxConcurrentStreams parameter when processing a...
ROS-20250619-06
Dante proxy server vulnerability is related to improper access restrictions in certain configurations of sockd.conf that includes socksmethod. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions. remotely to bypass the...
ROS-20250619-02
A vulnerability in the Net::IMAP module of the Ruby programming language is related to uncontrolled memory allocation. memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20250619-09
The vulnerability in the Golang programming language is related to input validation errors when processing directory traversal sequences in file names. Exploitation of the vulnerability could allow an attacker to perform directory traversal attacks...
ROS-20250619-07
Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to a lack of quota checking for attachments. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in cloud software for creating and...
ROS-20250619-08
The h11 library vulnerability is related to flaws in HTTP request processing. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information. of protected information...
ROS-20250616-25
A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by an by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. to potentially sensitive information. A vulnerability...
ROS-20250616-26
A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by an by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. to potentially sensitive information. A vulnerability...
ROS-20250616-24
The vulnerability of the Zabbix universal monitoring system web-integrity is related to the failure to take measures to protect the web page structure. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct a cross-site scripting attack b...
ROS-20250616-22
A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by an by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. to potentially sensitive information. A vulnerability...
ROS-20250616-23
The vulnerability of the Zabbix universal monitoring system web-integrity is related to the failure to take measures to protect the web page structure. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct a cross-site scripting attack b...
ROS-20250616-21
A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by an by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. to potentially sensitive information. A vulnerability...
ROS-20250616-10
The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the software saves confidential information in log files when processing incorrect data using the KVv2 plug-in. processing incorrect data using the KVv2 plug-in...
ROS-20250616-11
A vulnerability in the Moodle virtual learning environment is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. information Vulnerability of moodle virtual learning environment is...
ROS-20250616-08
Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird mail client of operating systems Windows is related to insufficient process isolation when processing "javascript:" URI links. Exploitation of the The exploitation of this vulnerability could allow a remote attacker to bypass...
ROS-20250616-09
Vulnerability in adodb library is due to improper escaping of query parameter. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL statements...
ROS-20250616-04
Vulnerability of functions xmlSchemaIDCFillNodeTables, xmlSchemaBubbleIDCNodeTables xmlschemas.c of library Libxml2 is related to the possibility of memory usage after release. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted XML f...
ROS-20250616-01
A vulnerability in the parselrc function of the Gstreamer multimedia framework is related to the dereferencing of a null pointer. NULL pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250616-05
A vulnerability in the File Handler component of the cross-platform 3D model import library Assimp Open Asset Import Library is related to a buffer overflow in aiString::Set in include/assimp/types.h library. Exploiting the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250616-02
A vulnerability in the Poppler PDF mapping library is related to boundary conditions in the function jbig2bitmap :: combine in jbig2stream.cc in libpppler.so. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information...
ROS-20250616-07
A vulnerability in the Mbed TLS software is related to a bug in the handling of memory allocation during the during the TLS handshake. Exploitation of the vulnerability could allow an attacker to bypass the authentication process Mbed TLS software vulnerability is related to insecure default...
ROS-20250616-15
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-03
A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to insufficient insufficient validation of data provided by an attacker in Rack::CommonLogger. Exploitation of the vulnerability could Allow an attacker acting remotely to manipulate data log entr...
ROS-20250616-06
UPX executable packer vulnerability is related to buffer overflow in PackLinuxElf64::unDTINIT of the src/plxelf.cpp file. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250616-20
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-19
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-18
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-16
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-17
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-14
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-13
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-12
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250609-01
A vulnerability in the DOMDeserializer component of the FasterXML jackson-databind library is related to an incorrect restriction of XML links to external objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct XXE attacks...
ROS-20250602-01
A vulnerability in the Bluetooth component of the Linux kernel is related to a memory leak in the function hcigetrandomaddress in net/bluetooth/hcisync.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the traceeventshist component of the...
ROS-20250529-01
A vulnerability in the phy component of the Linux kernel is related to the dereferencing of a NULL pointer in the spusbphyphyprobe function in drivers/phy/sunplus/phy-sunplus/phy-sunplus-usb2.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability...
ROS-20250528-01
A vulnerability in the acpi component of the Linux kernel is related to the dereferencing of a NULL pointer in the acpiskipsetwakeupaddress function in drivers/acpi/sleep.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the net...
ROS-20250526-03
Nomad application orchestrator vulnerability related to vulnerability to directory path escaping Distributions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20250526-02
Vulnerability in archive-zip package of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file...
ROS-20250526-01
A vulnerability in the FSM component of Intel processor firmware is related to the checking of the incorrect conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the RAPL Interface of Intel processor firmware is related to the...
ROS-20250526-08
Vulnerability in the soupheaderparsequalitylist function of the libsoup GUI library GNOME of Linux operating systems is related to a memory leak when parsing a quality list containing elements with all zeros. Exploitation of the vulnerability could allow an attacker acting remotely, gain access t...
ROS-20250526-09
Vulnerability of moodle virtual learning environment is related to flaws in permission checking and user capabilities of the user. Exploitation of the vulnerability could allow an attacker acting remotely to access confidential information A vulnerability in the Multi-Factor Authentication...
ROS-20250526-05
Nomad application orchestrator vulnerability related to the fact that the HTTP search API can expose the names of available CSI plugins. of available CSI plugins. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive information Nomad application...
ROS-20250526-04
Vulnerability in Nomad application orchestrator due to ACL policies not using security labels. security labels. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20250526-07
Google Chrome browser vulnerability involves post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact privacy, integrity and availability of data through the use of a specially crafted HTML page...
ROS-20250526-06
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the Shamir implementation uses pre-computed table lookups. Exploitation of the vulnerability could allow an attacker to gain access to potentially sensitive information...
ROS-20250522-01
Vulnerability in the scsi component of the Linux operating system kernel is related to a use-after release in the scsihexpandernoderemove function in drivers/scsi/mpt3sas/mpt3sasscsih.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the...
ROS-20250521-01
Vulnerability of drm/v3d components of Linux kernel is related to dereferencing of NULL pointer in the v3dirq and v3dhubirq functions in drivers/gpu/drm/v3d/v3dirq.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the video component of t...
ROS-20250520-01
Vulnerability of v3dirq function in drivers/gpu/drm/v3d/v3dirq.c - driver for Direct Rendering Infrastructure DRI support in Linux kernel is related to code errors. Direct Rendering Infrastructure DRI of the Linux kernel is related to bugs in the code. Exploitation of the vulnerability could allo...
ROS-20250515-15
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-08
A vulnerability in the Thunderbird email client is related to the presence of multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, when hovering over any attachment, only the the last link. Exploiting this vulnerability allows remote attackers, perform a...