32 matches found
ROS-2-438
2.438 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in th...
ROS-2-860
2.860 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...
ROS-2-568
2.568 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-1445
2.1445 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
ROS-2-1176
2.1176 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...
ROS-2-443
2.443 Vulnerabilities in Squid Proxy Server 1. Vulnerability description: Problems are present in the code processing the "@" block at the beginning of a URL "user@host" and allow bypassing access restriction rules, poisoning cache contents and performing a cross-site scripting attack.Identifier...
ROS-2-1168
2.1168 Vulnerability in Curl CVE-2020-8177 1. Vulnerability Description: The vulnerability allows a local file on the system to be overwritten when accessing an attacker-controlled server. The problem only occurs when the "-J" "--remote-header-name" and "-i" "--head" options are used...
ROS-2-1180
2.1180 Buffer Overflow in Python3 CVE-2021-3177 1. Vulnerability Description: CVE-2021-3177 The vulnerability is capable of causing code execution when processing unchecked floating point numbers in handlers that call C functions using the ctypes mechanism. 2. Possible measures to eliminate the...
ROS-2-1283
2.1283 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-1224
2.1224 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...
ROS-2-478
2.478 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-2239
2.2239 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-807
2.807 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...
ROS-2-2131
2.2131 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-642
2.642 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...
ROS-2-1248
2.1248 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...
ROS-2-1366
2.1366 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...
ROS-2-2189
2.2189 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromis...
ROS-2-553
2.553 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-2-499
2.499 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...