7184 matches found
ROS-20240408-02
A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct cross-site scripting attacks...
ROS-20240408-10
A vulnerability in the GNU FriBidi library is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...
ROS-20240505-13
A vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool is related to the lack of restrictions on the rate of merging elements. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and...
ROS-20240405-07
A vulnerability in the slicesegmentheader function of the Libde265 video codec implementation is related to copying the buffer without checking the input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240405-10
A vulnerability in the Perl programming language is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code...
ROS-20240405-05
A vulnerability in the D-Bus interprocess communication system is related to the ability of unprivileged users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...
ROS-20240405-06
A vulnerability in the GnuTLS transport layer security library is related to information disclosure via an inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20240405-04
A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240505-03
A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of default credentials when the web user interface is enabled. Exploitation of the vulnerability could allow an attacker, acting remotely, to...
ROS-20240405-09
A vulnerability in the gdevprnopenprinterseekable function of the interpreter of the Ghostscript software suite for document processing, conversion and generation is related to the use of memory after it has been freed. Exploitation of the...
ROS-20240403-14
A vulnerability in the Google Sheets data source of the Grafana monitoring and surveillance platform is related to the failure to handle error messages properly, potentially exposing the Google Sheet API key. Exploitation of the vulnerability could allow an attacker acting remotely to gain acce...
ROS-20240405-02
A vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to reveal protected information...
ROS-20240405-12
A vulnerability in the Commons FileUpload component of the Apache Tomcat application server exists due to incomplete cleanup of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denia...
ROS-20240405-11
A vulnerability in the flushrefsamples function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20240405-08
A vulnerability in the SSH dissector of the computer network traffic analyzer Wireshark is related to insufficient cleaning of special elements in the output data used by the input component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by...
ROS-20240405-01
A vulnerability in the fs/ntfs.c component of the Grub2 operating system boot loader is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. A vulnerability in the Trace View panel of the Grafana web data...
ROS-20240404-20
A vulnerability in the Vorbis-tools package is related to the conversion of wav files to ogg files. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240404-09
A vulnerability in Avahi's local network service discovery system is related to uncontrolled consumption of resources. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20240403-05
A vulnerability in the grubfontconstructglyph function of the Grub2 operating system boot loader is related to an operation going outside the bounds of the memory buffer when processing specially crafted fonts in pf2 format. Exploitation of the vulnerability may allow an attacker to execute arbitrary code. Grub2...
ROS-20240403-04
A vulnerability in the onstreamio and dnsstreamcomplete functions of the Systemd service initialization and management subsystem is related to not incrementing the reference count for the DnsStream object. Exploitation of the vulnerability could allow a remote intruder to violate the integrity a...
ROS-20240404-02
A vulnerability in the aresinetnetpton function of the C-ares asynchronous DNS query library is related to violation of the initial buffer boundary. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, violate its integrity, and cause a...
ROS-20240404-18
A vulnerability in the MariaDB database management system of the OpenVAS scanning and vulnerability management tool is associated with uncontrolled resource consumption when connecting to ports 3306 and 4567. Exploitation of the vulnerability could allow a remote attacker to cause a...
ROS-20240404-19
A vulnerability in the PNG optimization software tool OptiPNG is related to a buffer overflow via the 'buffer' variable in gifread.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240404-10
A vulnerability in the Rack module of the Ruby programming language interpreter is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240404-01
A vulnerability in the Grafana web-based data submission tool is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to gain full access to a user's account. A vulnerability in the Grafana monitoring and surveillance platform is...
ROS-20240404-07
A vulnerability in the ProFTPD FTP server is related to a memory freeing error. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
ROS-20240404-12
A vulnerability in the MediaWiki hypertext implementation software tool is related to the ability to exploit XSS in partial block functions. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform cross-site scripting attacks...
ROS-20240404-14
A vulnerability in ncurses, the library for controlling terminal input/output, is related to the possibility of writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected...
ROS-20240404-13
A vulnerability in the 7z file analyzer component of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240403-03
A vulnerability in the libtirpc package is related to the exhaustion of process file descriptors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240404-17
A vulnerability in the SMTP protocol implementation of the Exim mail server is related to an operation outside buffer boundaries in memory during request processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240404-16
Vulnerability of builtin.c component of Gawk template reformatting component is related to operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information or cause denial of service...
ROS-20240404-15
A vulnerability in the libwebp library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to write data outside of the buffer boundaries through a crafted HTML page...
ROS-20240404-11
A vulnerability in the libcapstrdup function of the Libcap package is related to an overflow if the input string is close to 4 GB. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240403-06
A vulnerability in the adodbaddslashes function of the adodb library is related to improper authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication...
ROS-20240404-08
A vulnerability in the GnuTLS transport layer cryptographic library is related to a difference in response time when processing RSA ciphertext in a ClientKeyExchange message with correct and incorrect PKCS1 padding. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240402-21
A vulnerability in the OpenSC smart card software toolkit and libraries is related to memory vulnerabilities during card registration using pkcs15-init. Exploitation of the vulnerability could allow an attacker to affect the...
ROS-20240403-01
A vulnerability in the column.title and cellLinkTooltip components of the Grafana web-based data presentation tool is related to insufficient protection of the web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges. A vulnerability in t...
ROS-20240328-18
A vulnerability in the Apache Tomcat application server is related to URL redirection to an untrusted site. Exploitation of the vulnerability could allow a remote attacker to redirect a user to an arbitrary URL...
ROS-20240402-23
A vulnerability in the --fragment option of OpenVPN software is related to triggering a division by zero. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in OpenVPN software is related to memory handling errors. Exploitatio...
ROS-20240402-18
A vulnerability in the multiprotocol messaging and streaming broker RabbitMQ is related to the HTTP API's lack of restriction on HTTP request body size, which made it vulnerable to very large messages. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20240403-11
A vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...
ROS-20240402-22
A vulnerability in the Moodle virtual learning environment is related to the lack of additional cleanup of Wiki comments. Exploitation of the vulnerability could allow an attacker acting remotely to perform cross-site scripting (XSS) attacks. A vulnerability in the Moodle virtual learning environment is related to...
ROS-20230403-14
A vulnerability in the ZeroMQ asynchronous messaging library is related to causing a stack buffer overflow on the server by sending specially crafted topic subscription requests and then unsubscribing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial o...
ROS-20240403-13
A vulnerability in the OpenIdAuthenticator class of the Eclipse Jetty servlet container is related to flaws in the authentication procedure when processing the LoginService parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...
ROS-20240403-12
A vulnerability in the Range header analysis component of Rack, the modular interface between web servers and web applications, is related to the creation of input data that could cause the analysis of the Content-Disposition header in Rack to take an unexpected amount of time...
ROS-20240403-09
A vulnerability in the peekforas4capability function of FRRouting, the software tool for implementing network routing on Unix-like systems, is related to flaws in the use of the assert function. Exploitation of the vulnerability...
ROS-20240402-20
A vulnerability in the Cargo package manager of the Rust programming language is associated with incorrect verification of the cryptographic signature. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information via SSH protocol...
ROS-20240403-02
A vulnerability in the ntfsnamesfullcollate function of the NTFS-3G FUSE module for the NTFS file system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges using a specially crafted NTFS image file. The NT...
ROS-20240403-16
A vulnerability in the TCP modules of the Rsyslog log processing software utility is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...