7184 matches found
ROS-20240725-11
A vulnerability in the NVIDIA GPU Display Driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service. A vulnerability in the NVIDIA GPU Display Driver for Linu...
ROS-20240807-01
A vulnerability in the ColladaParser::ExtractDataObjectFromChannel function of the Open Asset Import Library (Assimp) 3D model import library is related to use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to gai...
ROS-20240806-15
Vulnerabilities in the PKCS12_parse, PKCS12_unpack_p7data, PKCS12_unpack_p7encdata, PKCS12_unpack_authsafes and PKCS12_newpass functions of the OpenSSL library are related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240806-07
A vulnerability in the Fake Authentication Result Handler component of the OpenDKIM DKIM filter software is related to the lack of sequence number verification when deleting fake fields. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity...
ROS-20240806-13
Vulnerability in the implementation of the bcrypt hashing algorithm of the Prometheus system file export library Exporter Toolkit is related to authentication bypass during web.yml file processing. Exploitation of the vulnerability could allow an attacker to bypass security restrictions and gain...
ROS-20240806-12
A vulnerability in the CPAN.pm component of the Perl programming language is related to errors in the TLS certificate authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential data, compromise its...
ROS-20240806-09
A GStreamer multimedia framework vulnerability is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using specially crafted H265 encoded files. GStreamer multimedia framework vulnerability ...
ROS-20240806-16
A vulnerability in the glXGetDrawableScreen function of libglvnd, the neutral dispatch layer for OpenGL API calls, is related to a segmentation violation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240806-02
A vulnerability in the XML Handler component of Gajim, the cross-platform messenger for the Jabber protocol, is related to the creation of XML stanzas, allowing messages that were not sent by other users. Exploitation of the vulnerability could allow an attacker acting remotely to have an Impac...
ROS-20240806-20
A vulnerability in the DecodeConfig component of the Golang programming language is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition...
ROS-20240806-19
A vulnerability in the CUPS print server is related to incorrect resolution of symbolic links before accessing a file. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data by running a cupsd server with the Listen configuration element...
ROS-20240806-05
A vulnerability in the AbstractSessionListener component of the Symfony web application development and management platform is related to an incorrect authorization procedure. Exploitation...
ROS-20240806-22
A vulnerability in the Active Record adaptor of the Ruby on Rails software platform is related to flaws in the validation of values. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240806-14
A vulnerability in the GStreamer multimedia framework is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240806-11
A vulnerability in the Java client software for interacting with the RabbitMQ message broker is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240806-08
A vulnerability in the libnbd library's nbd_get_size function is related to responses received from the server that describe a block larger than 2^63. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240806-04
A vulnerability in the allocate_structures function of sysstat, the utility for measuring and analyzing system performance, is related to insufficient bounds checking before arithmetic multiplication, which allows an overflow of the size allocated for the buffer representing system actions...
ROS-20240806-03
A vulnerability in the Apache Commons BCEL Java bytecode processing library is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240806-01
A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop without sufficiently limiting the number of times it can be executed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by using specially crafted 7...
ROS-20240806-17
A vulnerability in the 389 Directory Server is related to the creation of a special LDAP query that has the potential to cause a failure on the directory server. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240806-10
A vulnerability in the HTTP2 handler component of the Apache HTTP Server web server is related to the ability to generate a stream of requests within an established network connection, without...
ROS-20240806-21
A vulnerability in pgjdbc, the JDBC driver for connecting Java programs to a PostgreSQL database, is related to a lack of verification that a class implements the expected interface. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code through the...
ROS-20240806-18
A vulnerability in the 389 Directory Server is related to the ability of an authenticated user to cause a server crash by changing the userPassword using incorrect input. Exploitation of the vulnerability could allow an...
ROS-20240806-06
A vulnerability in the ruby-find-library-file function of the EMACS text editor is related to incorrect neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. Vulnerability in the lib-src/etags.c file of th...
ROS-20240805-07
A vulnerability in the oghttp codec, part of the HTTP/2 protocol implementation of the Envoy proxy server, is related to a bug in request reset when header size limits are exceeded as a result of a missing END_HEADERS flag when processing CONTINUATION frames. Exploitation of the vulnerability could allow an...
ROS-20240805-06
An Envoy proxy vulnerability is related to incorrect validation of an erroneous pointer value. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to crash...
ROS-20240805-05
A vulnerability in the kube-apiserver component of Kubernetes, the virtual machine cluster management software tool, is related to redirection to malicious resources during proxied update requests. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...
ROS-20240805-01
A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
ROS-20240805-02
A vulnerability in the implementation of the application program interface of the Rust programming language interpreter for Windows operating systems is related to the introduction or modification of arguments...
ROS-20240805-08
A vulnerability in the golang package of the Debian GNU/Linux operating system is related to a lack of protection for service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information. A vulnerability in the golang package of the...
ROS-20240805-04
A vulnerability in the HashiCorp Vault and Vault Enterprise enterprise information archiving platforms is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process. Vulnerability in the...
ROS-20240805-03
A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
ROS-20240801-01
A vulnerability in the mod_rewrite function of Apache HTTP Server is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240801-02
A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the CORBA...
ROS-20240801-05
A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the CORBA...
ROS-20240801-03
A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the CORBA...
ROS-20240801-04
A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the CORBA...
ROS-20240731-04
A vulnerability in the corosync/pacemaker PCS program configuration utility is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to increase their privileges...
ROS-20240731-01
A vulnerability in the lib-src/etags.c file of the ctags component of the EMACS text editor is related to improper neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. Vulnerability in the org-babel-execute:latex function of the...
ROS-20240731-03
A vulnerability in the MXF file parser of the GStreamer multimedia framework is related to an operation exceeding the boundaries of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240731-02
A vulnerability in the application programming interface of the libcue library is related to an operation exceeding the boundaries of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by downloading a control table from ...
ROS-20240731-06
A vulnerability in the SHA-3 cryptographic hash function of the eXtended Keccak Code Package XKCP software package is related to errors in block processing of input data and type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code during...
ROS-20240731-05
A vulnerability in the SHA-3 cryptographic hash function of the eXtended Keccak Code Package XKCP software package is related to errors in block processing of input data and type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code during...
ROS-20240730-12
A vulnerability in the Django web application software platform is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service (DoS)...
ROS-20240730-08
An Eclipse Jetty servlet container vulnerability is related to errors in processing input data length parameters. Exploitation of the vulnerability could allow an attacker acting remotely to perform an "HTTP request smuggling" attack. The Eclipse Jetty servlet container...
ROS-20240730-06
A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...
ROS-20240730-05
A vulnerability in the search filter code in ldbm_search.c of 389 Directory Server is related to access control flaws. Exploitation of the vulnerability could allow an intruder acting remotely to gain unauthorized access to protected information...
ROS-20240730-04
A vulnerability in the document processing, conversion and generation software suite Ghostscript is related to the introduction of a specially crafted pipe command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240730-01
A vulnerability in the free_mp_image function of the free media player MPlayer is related to writing outside of memory boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the mp_getbits function of the free media player MPlayer is relate...
ROS-20240730-13
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages...