8110 matches found
ROS-20241203-19
Apache HTTP Server web server kernel vulnerability is related to the inclusion of functions from an invalid controlled area. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code by running local handlers through internal redirection A vulnerability in the...
ROS-20241203-10
Vulnerability in the IPAuthenticationProvider component of a centralized service for maintaining configuration information and providing distributed synchronization and group services. configuration, naming, providing distributed synchronization and provisioning of group services Apache ZooKeeper...
ROS-20240203-05
Apache Tomcat application server vulnerability is related to an unchecked error condition. Exploitation The vulnerability could allow an attacker acting remotely to bypass the authentication process and cause a denial of service Apache Tomcat application server vulnerability is related to...
ROS-20241203-02
A vulnerability in the streamformatter moby package is related to running multiple simultaneous write operations. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The moby package vulnerability is related to running concurrent builds that call...
ROS-20241203-01
The Go programming language vulnerability is related to errors in processing special characters "" in the in the context of CSS. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Parse function of the Golang programming...
ROS-20241203-07
Nextcloud mail client vulnerability is related to incorrect automatic configuration. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality Nextcloud mail client vulnerability is related to insufficient access control. Exploitation of the...
ROS-20241203-03
The HTTP request interpretation vulnerability in HAProxy is related to the ability to access a path that is restricted by an ACL access control list installed on the product. Exploitation of the vulnerability could Allow an attacker acting remotely to obtain sensitive information...
ROS-20241203-04
A vulnerability in the Kubernetes virtual machine cluster management software tool is related to incorrectly restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code outside of the container...
ROS-20241203-23
The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...
ROS-20241203-06
Vulnerability of coretable/dynamic module of Moodle virtual learning environment is related to access control flaws in access control. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...
ROS-20241203-11
A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20241203-32
A vulnerability in the implementation of the HSTS HTTP Strict Transport Security mechanism of the curl command line utility exists due to a bug in the implementation of the HSTS cache. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct a man-in-the-middle attack...
ROS-20241203-17
WSGI server gevent.pywsgi vulnerability in the Python Gevent library is related to insufficient validation of the of executed requests. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity, availability, and confidentiality of protected information...
ROS-20241202-02
Vulnerability of drivers/virt/acrn components of the Linux operating system kernel is related to errors of post-release usage errors in the acrnvmmemsegunmap and acrnvmvmrammap functions in the drivers/virt/acrn/mm.c. Exploitation of the vulnerability could allow an attacker to escalate privilege...
ROS-20241202-01
A vulnerability in the hns3 component of the Linux kernel is related to memory leaks in the function hns3pmuirqregister in drivers/perf/hisilicon/hns3pmu.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the openrisc component of the Linu...
ROS-20241129-01
A vulnerability in the ks8851 component of the Linux operating system kernel is related to improper locking in the ks8851dbgdumpkkt, ks8851rxpkts, and ks8851irq functions in the drivers/net/ethernet/micrel/ks8851common.c. Exploitation of the vulnerability could allow an attacker to cause a denial...
ROS-20241129-02
A vulnerability in the openvswitch component of the Linux operating system kernel is related to incorrect input validation in the parseicmpv6 function in net/openvswitch/flow.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cppccpufr...
ROS-20241127-01
A vulnerability in the bna component of the Linux operating system kernel is related to out-of-bounds read errors in the bnaddebugfswriteregrd and bnaddebugfswriteregwr functions in the drivers/net/ethernet/brocade/bna/bnaddebugfs.c. Exploitation of the vulnerability could allow an attacker to...
ROS-20241127-02
A vulnerability in the virtio component of the Linux kernel is related to memory corruption in the functions virtioi2cpreparereqs, virtioi2ccompletereqs and virtioi2cxfer functions in drivers/i2c/busses/i2c-virtio.c. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20241127-03
A vulnerability in the net/smc components of the Linux operating system kernel is related to information disclosure in the function smcibfindroute in net/smc/smcib.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the e1000e...
ROS-20241126-01
Vulnerability of hcilebigsyncestablishedevt function in net/bluetooth/hcievent.c module of Bluetooth protocol implementation in Linux kernel is related to dereferencing of null pointer. of the Linux kernel Bluetooth protocol is related to null pointer dereferencing. Exploitation of the...
ROS-20241126-02
A vulnerability in the drm/amd/amdkfd component of the Linux operating system kernel is related to incorrect initialization in the stopcpsch function in drivers/gpu/drm/amd/amdkfd/kfddevicequeuemanager.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...
ROS-20241125-02
A vulnerability in the hns3 component of the Linux operating system kernel is related to out-of-bounds read errors in the hns3getcoalinfo function in drivers/net/ethernet/hisilicon/hns3/hns3debugfs.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...
ROS-20241125-01
A vulnerability in the f2fs component of the Linux operating system kernel is related to a memory corruption in the function f2fsinitpagearraycache in f2fs/compress.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the sim...
ROS-20241121-02
A vulnerability in the Access Rule Handler component of the Openstack cloud services platform involves manipulation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system. affect the integrity of the system...
ROS-20241121-04
Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is related to...
ROS-20241121-01
Vulnerability in Moodle virtual learning environment related to excessive data output by application in Messaging error message. Messaging error message. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to confidential information. remotely, to...
ROS-20241121-05
The vulnerability in the Moodle virtual learning environment is related to issues with controlling the visibility of user information in gradebook reports. of user information in gradebook reports. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20241121-06
A vulnerability in the Consul service configuration tool is related to the use of URL paths in L7 traffic. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access rules based on HTTP request paths. HTTP request paths The vulnerability in the Consul service...
ROS-20231121-04
Vulnerability in Nextcloud cloud storage creation and utilization software is related to improper access controls. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain access to sensitive information Nextcloud cloud storage creation and utilization software...
ROS-20241120-02
A vulnerability in the locking/wwmutex/test components of the Linux operating system kernel is related to improper locking in the functions listforeachentrysafe, stressonework, and stress in the kernel/locking/test/test-wwmutex.c. Exploitation of the vulnerability could allow an attacker to cause...
ROS-20241120-01
Vulnerability of drm/amd/display components of Linux kernel is related to dereferencing of the NULL pointer in the amdgpudminit function in drivers/gpu/drm/amd/display/amdgpudm/amdgpudm.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in th...
ROS-20241119-01
A vulnerability in the ath11k component of the SUNRPC kernel of the Linux system is related to use-after-use errors release in the rpcclntremovepipedir and rpcsetuppipedir functions in net/sunrpc/clnt.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the syste...
ROS-20241119-02
Vulnerability of cxl/region components of Linux kernel is related to the use of uninitialized resource in the cxlregionattach function in drivers/cxl/core/region.c. Exploitation of the the vulnerability could allow an attacker to cause a denial of service A vulnerability in the tls component of t...
ROS-20241118-02
A vulnerability in the bcmasp component of the Linux kernel is related to a memory leak in the functions umacinit, bcmasptxpoll, bcmaspinittx and bcmaspnetifdeinit functions in drivers/net/ethernet/broadcom/asp2/bcmaspintf.c. Exploitation of the vulnerability could allow an attacker to cause a...
ROS-20241118-01
Vulnerability in the ena component of the Linux kernel is related to resource management errors in the enaunmaptxbuff and enafreetxbufs functions in drivers/net/ethernet/amazon/ena/ena/enanetdev.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...
ROS-20241115-02
A vulnerability in the octeontx2-pf component of the Linux kernel is related to a memory leak in the function otx2qosreadtxschqcfgtl in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...
ROS-20241115-01
A vulnerability in the pinctrl component of the Linux kernel is related to the dereferencing of a NULL pointer in the pcssetmux function in drivers/pinctrl/pinctrl-single.c.. pcssetmux function in drivers/pinctrl/pinctrl-single.c. Exploitation of the vulnerability could allow an attacker to cause...
ROS-20241114-01
Vulnerability of net/rds components of Linux operating system kernel is related to dereferencing of NULL pointer in the rdsrdmamap function in net/rds/rdma.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the nftables component of the...
ROS-20241114-02
The vulnerability of the micrel component of the Linux operating system kernel is related to the NULL pointer dereferencing in lan8814txtstamp, lan8814getsigrx, lan8814matchrxts, lan8814ptpciadjfine functions, lan8814getsigtx, lan8814dequeuetxskb, and lan8814matchskb in drivers/net/phy/micrel.c...
ROS-20241112-05
A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20241112-08
A vulnerability in the Raft Consensus Algorithm of the Raft data distribution algorithm of the Integrated storage Raft storage of HashiCorp Vault and Vault Enterprise platforms for archiving corporate information is associated with unlimited resource consumption as a result of nodes incorrectly...
ROS-20241112-10
A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of https URLs even after certificate validation errors. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data and compromise their integrity. remotely to gain...
ROS-20241112-12
A vulnerability in the drm/vmwgfx components of the Linux operating system kernel is related to memory corruption in the vmwducursormobsize and vmwducursorplanecleanupfb functions in the drivers/gpu/drm/vmwgfx/vmwgfxkms.c. Exploitation of the vulnerability could allow an attacker to elevate the...
ROS-20241112-09
A vulnerability in the Consul service configuration tool is related to input validation errors when processing catalog traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and read arbitrary files on the system...
ROS-20241112-11
A vulnerability in the index.php component of Enterprise Server, a cloud-based software package for creating and using Nextcloud Server data storage is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to modify or delete VCards in the...
ROS-20241113-01
A vulnerability in the sched/debug components of the Linux operating system kernel is related to information disclosure in the updatescheddomaindebugfs function in kernel/sched/debug.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A...
ROS-20241113-02
A vulnerability in the HDMA component of the Linux operating system kernel is related to race conditions in the functions dwhdmav0corewritechunk and dwhdmav0corestart in drivers/dma/dw-edma/dw-hdma-v0-core.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the...
ROS-20241112-02
A vulnerability in the ansible-core component of the Red Hat Ansible configuration management system is related to incorrect processing of output data for logs. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in Red Hat Ansible configurati...
ROS-20241112-04
Vulnerability of http requests of CurlAsyncHTTPClient component of Tornado asynchronous network library is related to improper neutralization of CRLF sequences. Exploitation of the vulnerability could allow an attacker acting remotely to inject arbitrary headers into a request or cause an...