ROS-20240815-16

Vulnerability in authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

ROS-20240815-15

A vulnerability in the Apache Commons FileUpload library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240815-12

The JSON aeson analysis and encoding library vulnerability is related to the creation of a hash collision in the unordered-containers base library by sending specially crafted JSON data. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240815-11

Vulnerability of JDBC driver pgjdbc for connecting Java programs to PostgreSQL database is related to the creation of arbitrary files. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the integrity and confidentiality of the system. remotely to affect the...

ROS-20240815-10

Vulnerability of the nsVacmAccessTable function in the OID Handler component of the Net-SNMP software suite of the Linux operating system is related to dereferencing of the NULL pointer. of Linux operating system is related to dereferencing of NULL pointer. Exploitation of the vulnerability could...

ROS-20240815-01

A vulnerability in the glibc library of the Aurora operating system is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the iconv utility of the GNU C Library glibc syst...

ROS-20240814-03

A vulnerability in the i40e component of the Linux operating system kernel is related to the incorrect release of a client instance, and subsequent removal of the i40e module. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the RDMA/srp...

ROS-20240814-02

Vulnerability of the Linux kernel NCI protocol implementation is related to the null pointer dereferencing. pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the dbgfstargetidswrite function in the dbgfs component of the Linux...

ROS-20240814-06

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of hidden side channels. exploitation of hidden side channels. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected information...

ROS-20240814-05

A vulnerability in the "Save As" function of Mozilla Firefox, Firefox ESR and Thunderbird email client on Windows operating systems is related to insufficient input data validation. Thunderbird email client of Windows operating systems is related to insufficient input data validation. Exploitatio...

ROS-20240814-01

Vulnerability of the nftablesnewtable function of Linux kernel operating systems is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

ROS-20240814-04

A vulnerability in the ofxudmadevget function in the dmaengine component of the Linux operating system kernel is related to a a leakage bug in ofxudmadevget. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the scmidomainreset...

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...

ROS-20240813-02

Vulnerability of nvmettcpbuildpduiovec function in drivers/nvme/target/tcp.c module of NVMe driver of Linux kernel is related to null pointer dereference. of Linux operating system is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denia...

ROS-20240813-03

Vulnerability of the usersdmatxadd function of the Infiniband driver of the Linux kernel is related to a pointer dereferencing error. pointer dereferencing error. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability of the i2cputadapter...

ROS-20240813-04

Vulnerability of the phy-pendingskb function in the st21nfca component of the Linux kernel is related to memory leak during device check and remote memory allocation by phy-pendingskb function during device check. device check. Exploitation of the vulnerability could allow an attacker to cause a...

ROS-20240812-14

Vulnerability of the utf8asn1str function of the ASN1 parser of the cURL command line utility is related to the release of previously unallocated memory when processing the ASN1 UTF-8 string. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240812-11

The GLPI Agent universal control agent vulnerability involves modifying GLPI-Agent code or allows a DLL to be used to modify the agent's logic. Exploitation of the vulnerability could allow an attacker to privilege escalation...

ROS-20240812-12

Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to Failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary SQL queries...

ROS-20240812-08

Node.js software platform vulnerability is related to mismanagement of code generation. Exploitation The vulnerability could allow a remote attacker to activate arbitrary code with elevated privileges when handling CAPNETBINDSERVICE exceptions. elevated privileges when handling CAPNETBINDSERVICE...

ROS-20240812-05

Squid proxy server followxforwardedfor function vulnerability is related to uncontrolled recursion when processing X-Forwarded-For HTTP request headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240812-13

A vulnerability in GLPI's asset and data center management software involves server-side request forgery. Exploitation of the vulnerability could allow an attacker acting remotely to perform an SSRF-based attack using the creation of an arbitrary object. remotely to execute an SSRF-based attack...

ROS-20240812-09

A vulnerability in the HttpStateData function of the Chunked decoder of the Squid proxy server is related to a buffer overflow on the stack as a result of uncontrolled recursion while processing HTTP messages. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

ROS-20240812-07

Squid proxy server vulnerability is related to uncontrolled resource consumption as a result of filtering and data reduction to an unsafe value when processing HTTP header length. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service by...

ROS-20240812-06

A vulnerability in GLPI's asset management and data center software is related to the The introduction of a malicious link by an unauthenticated user. Exploitation of the vulnerability could allow an attacker acting remotely to conduct an XSS attack Vulnerability in GLPI's request, incident and...

ROS-20240812-15

Apache HTTP Server kernel vulnerability is related to ignoring outdated configuration of the of handlers by the "AddType" function. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. remotely to disclose protected information Vulnerability...

ROS-20240812-10

Golang programming language's gfdashsetupperiod function vulnerability is related to resource release bugs resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

ROS-20240812-03

The vulnerability in GLPI's asset and data center management software is related to the the injection of commands into a specific workflow that an agent would run with the privileges it uses privileges. Exploitation of the vulnerability could allow an attacker acting remotely to escalate its...

ROS-20240812-02

A vulnerability in the GLPI plugin that allows the creation of custom Formcreator forms is related to the the use of FULLFORM for rendering. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary javascript code...

ROS-20240812-34

A vulnerability in the utf8asn1str function of the ASN1 parser of the cURL command line utility is related to the release of previously unallocated memory when processing the ASN1 UTF-8 string. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240812-01

The vulnerability in the Kerberos 5 Heimdal implementation is due to bugs in the Heimdal PKI certificate checks, affecting KDC via PKINIT and kinit via PKINIT, as well as any third-party applications, that utilize libhx509 Heimdal. Exploitation of the vulnerability could allow an attacker acting...

ROS-20240812-16

Vulnerability of the dovccioctl function in the net/atm/ioctl.c module of the ATM Asynchronous Transfer Mode network protocol implementation of the Linux kernel is related to the reuse of a previously exploited ATM protocol. Asynchronous Transfer Mode kernel of the Linux operating system is relat...

ROS-20240812-04

A vulnerability in the Collapsed Forwarding Handler component of the Squid proxy server is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the Squid proxy server component is...

ROS-20240808-04

A vulnerability in the phpCAS::setUrl function of the phpCAS authentication library is related to the use of HTTP headers to determine the URL of a service used to validate tickets. HTTP to determine the URL of the service used to validate tickets, allowing the control of the host header and use ...

ROS-20240808-02

Vulnerability in Kerberos 5 Heimdal implementation is related to null pointer dereferencing. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

ROS-20240808-01

A vulnerability in the gfm2tsprocesssdt function of the GPAC multimedia platform is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the gffwrite component of the GPAC Multimedia Platform is...

ROS-20240808-03

A vulnerability in the HTTP server of the Node.js software platform is related to uncontrolled resource consumption as a result of reading an unlimited number of bytes from a single connection while processing HTTP requests. as a result of reading an unlimited number of bytes from a single...

ROS-20240807-09

A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to an improperly implemented security checks for the standard. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform a sandbox exit using a specially crafted HTML page A...

ROS-20240725-10

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

ROS-20240807-05

A vulnerability in the PostPolicyBucket component of the MinIO object storage server is related to errors in privilege management. privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending specially crafted HTTP...

ROS-20240807-04

MuPDF PDF viewer's fznewpixmapfromfloatdata function vulnerability is related to the division by zero. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in bmpdecompressrle4 function of MuPDF PDF viewer is related to division by...

ROS-20240807-10

BIND DNS server vulnerability is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending multiple DNS messages over TCP The BIND DNS server vulnerability involves sending a large number of clie...

ROS-20240725-13

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

ROS-20240725-12

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

ROS-20240807-03

The vulnerability of PJSIPHEADER function of Asterisk and Certified Asterisk IP telephony management systems is related to with operation exceeding the buffer boundaries in memory when processing the update argument. Exploitation of the vulnerability could allow an attacker acting remotely to cau...

ROS-20240807-02

Vulnerability of CountVowelPosition function of Espeak compact free software speech synthesizer is related to stack buffer overflow. with a stack buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service SetUpPhonemeTable compact free software speech...

ROS-20240725-09

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

ROS-20240725-08

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to writing outside of memory boundaries. Exploitation of the vulnerability could allow an attacker to elevate privileges, disclose sensitive information, or spoof data A vulnerability in the NVIDIA GPU Display...

ROS-20240807-07

Vulnerability in implementation of PreparedStatement.setText or PreparedStatement.setBytea methods of JDBC driver PgJDBC methods for connecting Java programs to a PostgreSQL database is related to unsafe temporary files. Exploitation of the vulnerability could allow an attacker to disclose...

ROS-20240807-06

Vulnerability in the gfavcchangevui function of the GPAC multimedia platform, related to the failure to take measures to to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in the av1uvlc function...