8110 matches found
ROS-20240904-13
A vulnerability in the session cookie pga4session of the pgAdmin 4 database management tool is related to an incorrect serialization. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
ROS-20240904-08
Vulnerability in the MHDcreatepostprocessor function of the HTTP libmicrohttpd web server implementation is related to a improper parsing of the multipart/form-data boundary. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240904-07
A vulnerability in the Python programming language interpreter CPython is related to a loop with an unreachable exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240904-03
A vulnerability in the Gstreamer multimedia framework is associated with an integer overflow when processing EXIF file metadata. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240904-06
A vulnerability in the yasmintnumcopy function of the YASM assembler is related to the lack of memory release after the effective lifetime. Exploitation of the vulnerability could allow an attacker to gain access to the sensitive data...
ROS-20240904-09
A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...
ROS-20240904-04
A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation The vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information by sending specially crafted IPv6 packets. availabilit...
ROS-20240904-05
Node.js software platform vulnerability is related to improper access control. Exploitation vulnerability could allow an attacker to execute arbitrary code...
ROS-20240904-12
A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240904-10
A vulnerability in the Clojure dynamic programming language is related to the deserialization of untrusted data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the Clojure dynamic programming language is related to the...
ROS-20240904-01
Vulnerability of the getedge function of the ospfte.c file of the OSPF Daemonr component of the software tool for implementing network routing on Unix-like systems FRRouting is related to resource release errors. network routing on Unix-like systems FRRouting is related to resource release errors...
ROS-20240904-02
Vulnerability of Microsoft .NET software platforms and Microsoft software development tools Visual Studio is related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240904-11
A vulnerability in the implementation of the PEAP Protected Extensible Authentication Protocol protocol of the Wi-Fi WPA Supplicant client is caused by flaws in the authorization procedure. Wi-Fi WPA Supplicant is caused by a flaw in the authorization procedure. Exploitation of the vulnerability...
ROS-20240902-09
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20240902-05
Vulnerability of tgetstr component in tinfo/libtermcap.c library for terminal I/O management ncurses is related to the dereferencing of a NULL pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240902-04
A vulnerability in the xmlattr filter of the Jinja2 templating engine for the Python programming language is related to the failure to take measures to protect the structure of a web page. to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240902-06
Vulnerability of swfgetstring function of GPAC multimedia platform, is related to the operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the gfdashsetupperio...
ROS-20240902-01
A vulnerability in Intel Microcode processor microcode is related to the possibility of unauthorized bug injection. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service. Intel Microcode processor...
ROS-20240902-07
A vulnerability in the cpio binary archiver is related to regression when using the command line parameter --no-absolute-filenames. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240902-16
The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials HTTP basic authentication credentials A vulnerability in the net/http module o...
ROS-20240902-17
A vulnerability in the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to a stack-based buffer overflow. GStreamer ORC data arrays is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an...
ROS-20240902-12
The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials HTTP basic authentication credentials...
ROS-20240902-13
A vulnerability in the Go Getter library is related to a Git update for an existing maliciously modified Git configuration. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240902-14
Vulnerability of HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to incorrect processing of requests coming from unauthorized IP addresses. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20240902-22
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240902-11
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to too soft memory allocation checks in Angle for GLSL shaders. with too soft memory allocation checks in Angle for GLSL shaders. Exploitation of the vulnerability could Allow an attacker acting...
ROS-20240902-20
A vulnerability in the KeePass password manager is related to unencrypted storage of critical information. Exploitation of the vulnerability could allow an attacker to obtain passwords in clear form...
ROS-20240902-23
A vulnerability in the Flatpak application and environment management tool is related to improper Neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...
ROS-20240902-18
A vulnerability in the Flatpak application and environment management tool is related to improper Neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...
ROS-20240902-19
A vulnerability exists in the phpMyAdmin database administration web application due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...
ROS-20240902-21
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20240902-03
Intel processor firmware vulnerability is related to errors in interpretation of redundant prefixes. of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from third to zero ring of protection CPL0, gain access to sensitive information, or cause a...
ROS-20240902-15
A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240902-02
A vulnerability in the implementation of the INVD processor instruction for virtual machines running on servers with AMD processors is associated with loss or omission of information. AMD processors is associated with information loss or skipping. Exploitation of the vulnerability could allow An...
ROS-20240902-08
A vulnerability in the bus lockout regulator mechanism for some Intel processor models is associated with a a security mechanism failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service A firmware vulnerability in Intel Xeon D processors involves an incorrec...
ROS-20240902-10
GdkPixbuf image loading library vulnerability is related to heap memory corruption in aniloadchunk. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240830-01
Vulnerability of the rndissetresponse function in the rndis component of the Linux kernel is related to the "BufOffset + 8" operation, which can cause an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm/vrr compone...
ROS-20240829-01
A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to resource release errors. resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the Core component of the Oracle V...
ROS-20240829-02
A vulnerability in the hciqca component of the Linux operating system kernel is related to memory usage after a release. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the gso component of the Linux operating system kernel is related to the...
ROS-20240827-11
Vulnerability in the HTTP2 Stream Handler component of Apache Tomcat application server is related to insufficient exceptional state handling. exceptional state handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a...
ROS-20240828-04
A vulnerability in OpenVPN software is related to the lack of uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240827-04
A vulnerability in the CGI component of the Ruby programming language is related to the occurrence of an interpretation conflict when inserting unreliable input data into HTTP response header. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data...
ROS-20240828-07
A vulnerability in the ice component of the Linux operating system kernel is related to the rapid removal and launch of VF Commit. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the kmalloc function in the iouring component of the Linux...
ROS-20240828-06
A vulnerability in the LibTIFF library is related to null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240828-05
Vulnerability in the Connector/J component of the MySQL Connectors driver of the Oracle database management system MySQL exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data...
ROS-20240828-03
Vulnerability of Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to the incorrect handling of exceptional conditions with improper handling of exceptional conditions. Exploitation of the vulnerability could allow a remote attacker to use memory after it has been...
ROS-20240827-17
Vulnerability in the /api/v1/alerts file of the Prometheus monitoring system component for processing alerts Alertmanager is related to incorrect neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240827-16
A vulnerability in the C-ares asynchronous DNS query library is related to uncontrolled resource consumption in the event of misinterpretation of packet length. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a corrupted UDP packet...
ROS-20240828-08
Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to using uninitialized resource. is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in...
ROS-20240828-02
A vulnerability in GLPI's asset and data center management software is related to the CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...