8110 matches found
ROS-20250220-01
Vulnerability of tunfreenetdev function of virtual network drivers TUN/TAP of kernel operating systems Linux is related to repeated freeing of previously freed memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service or escalate privileges A vulnerability in...
ROS-20250219-02
A vulnerability in the bsonstrfreev function of the libbson library of the MongoDB database management system driver C Driver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect the integrity of protected information...
ROS-20250219-04
A vulnerability in Git's distributed version control system is related to a flaw in the mechanism for encoding or shielding of output data. Exploitation of the vulnerability allows a remote attacker, gain access to sensitive data Vulnerability in the ANSI Escape Sequence Handler component of the...
ROS-20250219-01
A vulnerability in Intel Xeon processors is related to a bug in hardware logic. Exploitation of the vulnerability could allow an attacker to cause a denial of service Intel Xeon processor vulnerability is related to incorrect error handling in Intel SGX. Exploitation exploitation of the...
ROS-20250219-06
A vulnerability in Grafana's web-based data presentation tool is related to excessive data output by the application as part of the Grafana Alerting VictorOps integration. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially sensitive informati...
ROS-20250219-05
A vulnerability in the Core component of Oracle VM VirtualBox is related to a flaw in the authorization mechanism. authorization mechanism. Exploitation of the vulnerability could allow an attacker to gain privileged access to the infrastructure A vulnerability in the Core component of the Oracle...
ROS-20250219-07
The vulnerability in the Apache Commons IO library is due to the fact that the application does not properly control the internal resource consumption when processing unreliable input data passed to the class org.apache.commons.io.input.XmlStreamReader. Exploitation of the vulnerability could all...
ROS-20250219-03
A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information A vulnerability in th...
ROS-20250214-05
Intel Xeon processors vulnerability is related to a data protection mechanism violation. Exploitation of the vulnerability could allow an attacker to escalate privileges Vulnerability in SMI transfer monitor STM hypervisor of Intel processors firmware is related to to an improper workflow...
ROS-20250214-03
The vulnerability in Intel Xeon processors is related to incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX. Intel Xeon processor memory controller configurations when using Intel SGX. Exploitation exploitation of the vulnerability cou...
ROS-20250214-02
A vulnerability in the go-git library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or...
ROS-20250214-01
A vulnerability in the Grafana web-based data submission tool is related to the ability to delete pending pending invitations. Exploitation of the vulnerability could allow an attacker acting remotely, modify arbitrary data...
ROS-20250214-04
Vulnerability of the nftsetelemcatchalldeactivate function in the net/netfilter/nftablesapi.c module of the Linux kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...
ROS-20250214-06
A vulnerability in the iio component of the Linux operating system kernel is related to incorrect input validation in the afe4403readraw function in drivers/iio/health/afe4403.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the netfilte...
ROS-20250212-16
A vulnerability in the Golang programming language is related to the fact that an HTTP client sends an Authorization header to a third-party domain after a chain of redirects in an uncontrolled consumption of resources. Authorization to a third-party domain after a chain of redirects with...
ROS-20250212-11
The Nomad application orchestrator vulnerability is related to improper assignment of privileges in the namespace namespace privileges via unedited workload identification tokens. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive information...
ROS-20250212-10
A vulnerability in the Python Babel library that helps internationalize and localize Python applications is associated with Input validation errors when processing directory traversal sequences in .dat locale files in Babel.Locale. Exploitation of the vulnerability could allow an attacker to...
ROS-20250212-08
A vulnerability in the Python toolkit dnspython is related to insufficient validation of user input in the Tudoor mechanism. user input in the Tudoor mechanism. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250212-07
Vulnerability of JxlEncoderAddJPEGFrame function of JPEG XL decoder of Libjxl library is related to operation outside of memory buffer boundaries. operation beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20250212-09
A vulnerability in the PHP Smarty templating engine is related to incorrect input validation when processing the attribute "extends-tag" attribute. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary PHP code on the target system. arbitrary PHP code on t...
ROS-20250212-17
A vulnerability in the Mark-of-the-Web protection mechanism of the 7-Zip archiver is related to a breach of the data protection mechanism. data protection mechanism. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user...
ROS-20250212-12
A vulnerability in the hbcairoglyphsfrombuffer function of the Harfbuzz text transformation library is related to the bounds errors in the hbcairoglyphsfrombuffer function in hb-cairo.cc. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the...
ROS-20250212-15
A vulnerability in the diagnosticschannel utility of the Node.js software platform is related to incorrectly set security restrictions on diagnostic data processing. incorrectly set security restrictions when processing diagnostic data. Exploitation of the vulnerability could allow an attacker to...
ROS-20250212-18
A vulnerability in the "Host Monitoring" component of the Zabbix universal monitoring system is related to incorrect code generation control. code generation control. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by injecting it into the ping...
ROS-20250212-14
The vulnerability of the mkdtemp function of the Python programming language interpreter is related to the problem of introducing an argument. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20250212-13
Vulnerability in the ntpd daemon implementation of the NTP time synchronization protocol is related to insufficient validation of user input during NTP packet processing. user input during NTP packet processing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20250213-01
A vulnerability in the iavf component of the Linux kernel is related to an incorrect locking in the function iavfinitmodule in drivers/net/ethernet/intel/iavf/iavfmain.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in...
ROS-20250212-02
Open Asset Import Library Assimp 3D model import library vulnerability is related to heap buffer overflow. heap buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of OpenDDDLParser::parseStructure function of 3D models import...
ROS-20250212-05
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250212-06
A vulnerability in the oggvorbis.c component of the libsndfile audio file reading and writing library is related to a boundary condition violation in the vorbisanalysiswrote function in oggvorbis.c. a boundary condition violation in the vorbisanalysiswrote function in oggvorbis.c. Exploitation of...
ROS-20250212-01
A vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the lack of restrictions on authentication attempts. Exploitation of the vulnerability could allow an attacker acting remotely to implement a brute force attack...
ROS-20250212-04
A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the consumption of internal resources in werkzeug.formparser.MultiPartParser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250212-03
A vulnerability in the cpython module of the Python programming language is related to improper input validation in module venv module when creating a virtual environment. Exploitation of the vulnerability allows an attacker to execute arbitrary code...
ROS-20250211-01
Vulnerability of the qethl2br2devworker function in the drivers/s390/net/qethl2main.c module of the drivers/s390/net/qethl2main.c kernel of the Linux operating system on the s390 platform is related to the reuse of previously released memory of the s390 Linux kernel is related to the reuse of...
ROS-20250210-01
A vulnerability in the spi component of the Linux kernel is related to incorrect error handling in the rockchipspisuspend and rockchipspiresume functions in drivers/spi/spi-rockchip.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...
ROS-20250206-01
A vulnerability in the btrfssubmitchunk function in the fs/btrfs/bio.c module of the btrfs file system of the Linux kernel is related to the reuse of previously freed memory. Linux kernel file system btrfs is related to the reuse of previously freed memory. Exploitation of the vulnerability could...
ROS-20250205-01
A vulnerability in the net/mlx5 components of the Linux operating system kernel is related to errors in accessing statistics of of commands after release. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the platform/surface...
ROS-20250205-02
A vulnerability in the PCI component of the Linux operating system kernel is related to incorrect input validation in the vpciscanbus and epfntbbind functions in drivers/pci/endpoint/functions/pci-epf-vntb.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of...
ROS-20250204-01
A vulnerability in the udf component of the Linux operating system kernel is related to the use of an uninitialized resource in the udfrename function in fs/udf/namei.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm/vmwgfx...
ROS-20250203-02
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotelyThe Etcd configuration parameter storage vulnerability of Etcd configuration parameters i...
ROS-20250203-01
A vulnerability in the QSvgFont Qt SVG feature of the Qt cross-platform software development framework is related to catalog traversal. Qt software is related to the ability to bypass a catalog. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250203-05
Vulnerability of vim text editor is related to buffer overflow in the heap, when switching to other buffers using the :all command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code The vim text editor vulnerability is related to bounds errors when processing...
ROS-20250203-06
A vulnerability in the LibreOffice office suite is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to disclose confidential information LibreOffice office suite vulnerability is related to incorrect path name restriction to a...
ROS-20250203-07
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service via a specially crafted...
ROS-20250203-11
A vulnerability in the luaupvaluejoin function lapi.c of the Lua script interpreter is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in the luaresume ldo.c component of the Lua...
ROS-20250203-12
A vulnerability in the ldebug.c component of the Lua script interpreter involves an integer loss of significance. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250203-08
Vulnerability in numexpr library of framework for creating applications based on combining languages and models LangChain is related to incorrect code generation control. LangChain models is related to improper code generation control. Exploitation of the vulnerability could allow an attacker...
ROS-20250203-13
A vulnerability in the Active Record component of the Ruby on Rails software platform is related to the possibility of injecting SQL code through comments. SQL code through comments. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability of...
ROS-20250203-14
A vulnerability in the Action Dispatch component of the Ruby on Rails software platform is related to insufficient validation of user input in Action Dispatch. insufficient validation of user input data in Action Dispatch. Exploitation of the vulnerability could allow an attacker acting remotely ...
ROS-20250203-15
Vulnerability in Active Support PostgreSQL component of Ruby interpreter is related to insufficient validation of user input in Active Support in Inflector.underscore. user input data in Active Support in Inflector.underscore. Exploitation of the vulnerability could allow an attacker acting...