7184 matches found

Redos
• added 2024/04/03 12:0 a.m. • 24 views

ROS-20240403-15

A vulnerability in the alloca and strdup functions of the Systemd service initialization and management subsystem is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in systemd-tmpfiles of the Systemd...

CVSS 6.1 | AI score 7.1 | EPSS 0.00085
Exploits: 4
Redos
• added 2024/04/03 12:0 a.m. • 5 views

ROS-20240402-19

A vulnerability in the VMware Tools suite for Windows operating systems is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges. The VMware Tools utility suite vulnerability is relate...

CVSS 7.5 | AI score 6.9 | EPSS 0.00078
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 34 views

ROS-20240402-13

A vulnerability in the picparameterset::dump function of the H.265 Libde265 video codec implementation is related to multiple buffer overflows via the numtilecolumns and numtilerow parameters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.1 | AI score 6.8 | EPSS 0.00166
Exploits: 1
Redos
• added 2024/04/02 12:0 a.m. • 30 views

ROS-20240402-03

A vulnerability in the Redis database management system (DBMS) involves integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 8.1 | AI score 7.6 | EPSS 0.07323
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 46 views

ROS-20240402-08

A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

CVSS 7.5 | AI score 8.9 | EPSS 0.944
Exploits: 19
Redos
• added 2024/04/02 12:0 a.m. • 19 views

ROS-20240402-15

A vulnerability in the virtuoso-opensource web application development platform is related to causing a denial of service (DoS) using specially crafted SQL statements. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A...

CVSS 8.8 | AI score 7.2 | EPSS 0.0011
Exploits: 5
Redos
• added 2024/04/02 12:0 a.m. • 22 views

ROS-20240402-06

A vulnerability in the password protection mechanism of the Grub2 boot loader is related to authentication bypass by spoofing. Exploitation of the vulnerability could allow an attacker to bypass established access control...

CVSS 6.8 | AI score 6.9 | EPSS 0.00031
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 29 views

ROS-20240402-04

A vulnerability in the MemIOCallback.cpp file of the C++ libebml library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.5 | AI score 6.7 | EPSS 0.00462
Exploits: 1
Redos
• added 2024/04/02 12:0 a.m. • 45 views

ROS-20240402-12

A vulnerability in Nextcloud Server, software for creating and using cloud storage, is related to the ability to update any personal or global external storage, making it inaccessible to everyone else. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass existing...

CVSS 9.8 | AI score 6.6 | EPSS 0.00582
Exploits: 4
Redos
• added 2024/04/02 12:0 a.m. • 24 views

ROS-20240402-11

A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a lack of memory release after its effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A...

CVSS 7.1 | AI score 6.7 | EPSS 0.00046
Exploits: 2
Redos
• added 2024/04/02 12:0 a.m. • 33 views

ROS-20240402-10

A vulnerability in the NetScreen file parser of Wireshark, a computer network traffic analyzer, is related to an operation exceeding buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerabilit...

CVSS 7.8 | AI score 6.8 | EPSS 0.00132
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 34 views

ROS-20240402-14

A vulnerability in the strongSwan IPsec-based VPN package is caused by a bug in the charon-tkm process with the IKE key exchange protocol implementation based on the TKMv2 Trusted Key Manager. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 9.8 | AI score 7.7 | EPSS 0.05456
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 32 views

ROS-20240402-09

A vulnerability in the loginpassword component of the FreeIPA server is related to sending user requests that can perform actions on behalf of the user. Exploitation of the vulnerability could allow an attacker acting remotely to cause a loss of system confidentiality and integrity...

CVSS 6.5 | AI score 6.6 | EPSS 0.00304
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 32 views

ROS-20240402-05

A vulnerability in the TiXmlDeclaration::Parse function in the tinyxmlparser.cpp component of the TinyXML XML parser is related to the use of the assert operator when processing a 0 character after a space. Exploitation of the vulnerability could allow an...

CVSS 7.5 | AI score 6.7 | EPSS 0.00952
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 34 views

ROS-20240402-01

A vulnerability in the PMIx process control interface is related to the execution of library code with UID 0. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

CVSS 8.1 | AI score 7.2 | EPSS 0.00952
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 32 views

ROS-20240402-02

A vulnerability in the CRI-O container mechanism is related to an experimental annotation that causes the container to become unrestricted. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 7.5 | AI score 6.6 | EPSS 0.00299
Exploits: 0
Redos
• added 2024/04/02 12:0 a.m. • 24 views

ROS-20240402-16

A vulnerability in the loadpempkcs7certificates and loadderpkcs7certificates functions of the cryptography package is related to NULL pointer dereferencing and a segmentation fault. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 | AI score 6.6 | EPSS 0.01255
Exploits: 1
Redos
• added 2024/04/02 12:0 a.m. • 44 views

ROS-20240402-07

A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

CVSS 7.5 | AI score 8.9 | EPSS 0.944
Exploits: 19
Redos
• added 2024/04/02 12:0 a.m. • 31 views

ROS-20240402-17

A vulnerability in the net/http package of the Go programming language is related to information disclosure. Exploitation of the vulnerability could allow a remote attacker to disclose protected information. A vulnerability in the cmd-go component of the Go programming language is related to public data transmission...

CVSS 7.5 | AI score 7.1 | EPSS 0.00318
Exploits: 0
Redos
• added 2024/04/01 12:0 a.m. • 27 views

ROS-20240401-02

A vulnerability in the DHgeneratekey function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

CVSS 5.3 | AI score 7 | EPSS 0.00537
Exploits: 0
Redos
• added 2024/04/01 12:0 a.m. • 28 views

ROS-20240401-05

A vulnerability in the NVIDIA Tegra XUSB Pad driver of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5 | AI score 6.5 | EPSS 0.00013
Exploits: 0
Redos
• added 2024/04/01 12:0 a.m. • 26 views

ROS-20240401-04

A vulnerability in the HAProxy server software is related to forwarding empty Content-Length headers. Exploitation of the vulnerability could allow an attacker acting remotely to perform an HTTP request smuggling attack...

CVSS 7.2 | AI score 7 | EPSS 0.00091
Exploits: 1
Redos
• added 2024/04/01 12:0 a.m. • 25 views

ROS-20240401-03

A vulnerability in the CRI-O container mechanism is related to adding arbitrary lines to /etc/passwd using a specially crafted environment variable. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of the CRI-O...

CVSS 7.8 | AI score 6.7 | EPSS 0.00042
Exploits: 0
Redos
• added 2024/04/01 12:0 a.m. • 41 views

ROS-20240401-01

A vulnerability in the idedmacb function of the QEMU hardware emulator is related to synchronization errors when processing the DRQSTAT parameter. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, or delete data or cause a denial of service. Vulnerability in the...

CVSS 10 | AI score 7.8 | EPSS 0.01499
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 37 views

ROS-20240329-06

A vulnerability in the WebAudio component of the Google Chrome and Microsoft Edge browsers is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page. A vulnerability in the...

CVSS 8.8 | AI score 7.7 | EPSS 0.28195
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 17 views

ROS-20240329-17

A vulnerability in the sdhci.c component of the QEMU hardware emulator is related to a single offset. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.6 | AI score 6.9 | EPSS 0.00085
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 28 views

ROS-20240329-15

A vulnerability in the lsi53c895a.c component of the QEMU hardware emulator is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the scsidiskreset function hw/scsi/scsi-disk.c of the...

CVSS 6.5 | AI score 7.3 | EPSS 0.00151
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 31 views

ROS-20240329-24

A vulnerability in V8, the JavaScript script handler of the Google Chrome browser, is related to data type confusion errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 8.8 | AI score 7 | EPSS 0.01115
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 34 views

ROS-20240329-05

A vulnerability in the vim text editor is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. A vulnerability in the vimregsubboth function of the vim text editor is caused by a buffer overflow in dynamic...

CVSS 7.8 | AI score 8.5 | EPSS 0.00038
Exploits: 4
Redos
• added 2024/03/29 12:0 a.m. • 166 views

ROS-20240329-25

A vulnerability in the agent of the Zabbix universal monitoring system is related to incorrect control of code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Vulnerability of the Zabbix Universal Monitoring System agent is relat...

CVSS 9.8 | AI score 7.7 | EPSS 0.00715
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 69 views

ROS-20240329-20

A vulnerability in the virNWFilterObjListNumOfNWFilters method of the Libvirt virtualization management library is due to insufficient locking. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service. Vulnerability in virStoragePoolLookupByTargetPath API...

CVSS 6.5 | AI score 5.3 | EPSS 0.00435
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 27 views

ROS-20240329-18

A vulnerability in the pkiverifydatasignature function of the LibSSH client authentication library is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions and gain unauthorized access to...

CVSS 6.5 | AI score 7.7 | EPSS 0.01094
Exploits: 2
Redos
• added 2024/03/29 12:0 a.m. • 37 views

ROS-20240329-02

A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.5 | AI score 6.7 | EPSS 0.12145
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 16 views

ROS-20240329-08

A vulnerability in the Engrampa archive manager is related to the lack of symbolic link location checking, which leads to arbitrary writing of files to unintended locations. Exploitation of the vulnerability could allow an attacker acting remotely to upload files to arbitrary locations on the system...

CVSS 9.6 | AI score 7 | EPSS 0.0253
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 27 views

ROS-20240329-23

A vulnerability in the interface of the Zabbix universal monitoring system is related to insufficient input data validation when processing the URL field of the Maps element. Exploitation of the vulnerability could allow an attacker, acting...

CVSS 9.8 | AI score 8.2 | EPSS 0.00715
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 22 views

ROS-20240329-21

A vulnerability in the readSeparateTilesIntoBuffer function of the LibTIFF library is related to integer overflow when processing tiff files. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service. A vulnerability in the...

CVSS 6.5 | AI score 7.4 | EPSS 0.00282
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 28 views

ROS-20240329-19

A vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 | AI score 7 | EPSS 0.00073
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 29 views

ROS-20240329-09

A vulnerability in the Privates Handler component of the X Window System X.Org Server implementation is related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVSS 9.8 | AI score 8.2 | EPSS 0.03015
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 27 views

ROS-20240329-22

A vulnerability in the Xerces C++ library of the BigFix Platform IT hardware co-management platform is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending a specially crafted HTTP request...

CVSS 8.8 | AI score 8 | EPSS 0.02007
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 34 views

ROS-20240329-13

A vulnerability in the PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

CVSS 8.8 | AI score 9.1 | EPSS 0.02718
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 43 views

ROS-20240329-01

A vulnerability in the vim text editor is related to improper handling of exceptional conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service. The vim text editor vulnerability is related to an attempt by vim to access an already freed structure window...

CVSS 4.3 | AI score 7.2 | EPSS 0.00053
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 27 views

ROS-20240329-10

A vulnerability in the http2 package of the Go programming language is related to uncontrolled consumption of server resources as a result of resetting the Server.MaxConcurrentStreams parameter during request stream processing...

CVSS 9.8 | AI score 9.5 | EPSS 0.0015
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 37 views

ROS-20240329-14

A vulnerability in the PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

CVSS 8.8 | AI score 9.2 | EPSS 0.02718
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 63 views

ROS-20240329-07

A vulnerability in the Picture-in-Picture (PiP) technology of the Google Chrome browser is related to errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct spoofing attack...

CVSS 8.8 | AI score 8.4 | EPSS 0.12428
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 22 views

ROS-20240329-04

A vulnerability in the ASP.NET Core software platform is due to security configuration errors. Exploitation of the vulnerability may allow an intruder to disclose protected information...

CVSS 6.2 | AI score 7 | EPSS 0.00556
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 27 views

ROS-20240329-16

A vulnerability in the vim text editor is related to the use of memory after it is freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. The vim text editor truncstring vulnerability is related to buffer overflow. Exploitation of this vulnerability...

CVSS 7.8 | AI score 8.7 | EPSS 0.00074
Exploits: 7
Redos
• added 2024/03/29 12:0 a.m. • 18 views

ROS-20240329-03

A vulnerability in the InstalledVersions.php and install.php scripts of Composer, a dependency manager for PHP, is related to the inclusion of functions from an invalid controlled scope. Exploitation of the vulnerability could allow an...

CVSS 8.8 | AI score 8 | EPSS 0.00132
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 32 views

ROS-20240329-11

A vulnerability in the PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

CVSS 8.8 | AI score 9.5 | EPSS 0.02718
Exploits: 0
Redos
• added 2024/03/29 12:0 a.m. • 28 views

ROS-20240329-12

A vulnerability in the PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

CVSS 8.8 | AI score 9.5 | EPSS 0.02718
Exploits: 0
Redos
• added 2024/03/28 12:0 a.m. • 17 views

ROS-20240328-10

A vulnerability in the HAProxy software is related to the acceptance of as part of the URI component. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive information...

CVSS 8.2 | AI score 7 | EPSS 0.00027
Exploits: 0
Total number of security vulnerabilities: 7184