8283 matches found
ROS-20240506-01
A vulnerability in the libexpat XML parser library is related to incorrect restriction of XML references to external objects. XML references to external objects. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting specially crafte...
ROS-20240422-04
A vulnerability in the JpegEncoder::Encode function of the libheif file format decoder and encoder is related to a memory leak. memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
ROS-20240415-02
Vulnerability of udevListInterfacesByStatus function in module src/interface/interfacebackendudev.c of libvirt library is caused by an off-by-one error. module of the libvirt library has an off-by-one error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240410-21
A vulnerability in the RPM Package Manager of Red Hat Enterprise Linux operating systems is related to the lack of RPM signature verification of subsection binding before importing them. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges A...
ROS-20240409-17
Vulnerability of linebytessplit function src/split.c of GNU Core Utilities GNU Coreutils is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240408-19
A vulnerability in the file include/logging/RightsLogFormatter.php of a software tool for implementing the MediaWiki hypertext environment is related to incorrect input neutralization during the creation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240408-10
GNU FriBidi library vulnerability is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...
ROS-20240408-03
Vulnerability of derivatespatiallumavectorprediction function of h.265 Libde265 video codec implementation is related to with the ability to write beyond buffer boundaries in memory. Exploiting the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity an...
ROS-20240405-05
A vulnerability in the D-Bus interprocessor communication system is related to the ability of unprivileged users to crash the dbus-daemon. users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...
ROS-20240404-18
Vulnerability in the OpenVAS database management system's OpenVAS scanning and vulnerability management tool MariaDB is associated with uncontrolled resource consumption when connecting to ports 3306 and 4567. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a...
ROS-20240329-22
Vulnerability in the Heerces C++ library of the BigFix Platform IT hardware co-management platform is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, to execute arbitrary code by sending a specially crafted HTTP request...
ROS-20240329-23
The vulnerability in the interface of Zabbix universal monitoring system is related to insufficient input data validation when processing the URL field of Maps element. data when processing the URL field of the Maps element. Exploitation of the vulnerability could allow an attacker, acting...
ROS-2-1439
2.1439 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-804
2.804 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...
ROS-2-1188
2.1188 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...
ROS-20240226-01
A vulnerability in the mustmkdirandopenwithperms function of the snap-confine utility is related to synchronization errors when using a shared resource "Race Situation". Exploitation of the vulnerability could allow an attacker to escalate privileges or execute arbitrary code...
ROS-20240201-01
Vulnerability of XTerm terminal emulator is related to failure to clean input data. Exploitation exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause denial of service Vulnerability in the ReGIS vector graphics...
ROS-20231114-02
Vulnerability of XIChangeDeviceProperty Xi/xiproperty.c and RRChangeOutputProperty functions randr/rrrproperty.c of X Window System Xorg-server is related to the possibility of writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cau...
ROS-20231110-01
A vulnerability in the smbd library of the Samba networking software package is related to an incorrect restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service Vulnerability in the...
ROS-20231020-02
A vulnerability in the Nextcloud calendar application for cloud-based software for creating and Nextcloud data storage software is related to the server's lack of pre-checks for strings of any length as an email address. of any length as an e-mail address. Exploitation of the vulnerability could...
ROS-20231016-02
Vulnerability of libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special format video data. when processing certain special-format video data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20230918-01
GIFLIB GIF handling library vulnerability is related to a bug in the DumpScreen2RGB function in the gif2rgb.c:298:45. Exploitation of the vulnerability could allow an attacker acting remotely to cause a a heap buffer overflow. A vulnerability in the GIF library for handling GIF files GIFLIB is...
ROS-20230915-12
A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to keys that are not explicitly authorized by the ACL configuration...
ROS-2-568
2.568 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-857
2.857 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-583
2.583 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...
ROS-20230417-03
Vulnerability in ImageMagick graphic editor is related to improper management of internal resources within the application when parsing SVG files. within the application when parsing SVG files. Exploitation of the vulnerability could allow an attacker, acting remotely, to pass a specially crafted...
ROS-20230317-02
Squid vulnerability related to a bug in libntlmauth due to improper integer overflow protection integer overflow protection in Squid SSPI and SMB authentication helpers. Exploitation of the vulnerability could allow an attacker, acting remotely to disclose information or cause a denial of service...
ROS-20221025-02
A vulnerability in the Redis database management system DBMS is associated with the sigsegvHandler function of the debug.c file of the Crash Report component. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20220721-02
A vulnerability in the Harfbuzz text conversion library involves an integer overflow in the hb-ot-shape-fallback.cc file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause the applicatio...
ROS-20220530-02
Vulnerabilities in the Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck components of the PostgreSQL database management system are related to a maintenance error in one component. pgamcheck components of PostgreSQL database management system are related to...
ROS-2-667
2.667 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...
ROS-2-457
2.457 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...
ROS-2-1008
2.1008 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-615
2.615 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-977
2.977 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...
ROS-2-532
2.532 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-642
2.642 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...
ROS-2-483
2.483 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1180
2.1180 Buffer Overflow in Python3 CVE-2021-3177 1. Vulnerability Description: CVE-2021-3177 The vulnerability is capable of causing code execution when processing unchecked floating point numbers in handlers that call C functions using the ctypes mechanism. 2. Possible measures to eliminate the...
ROS-2-644
2.644 Denial of Service in Open vSwitch CVE-2020-35498 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01134 2. Possible measures to...
ROS-2-879
2.879 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...
ROS-2-441
2.441 Vulnerability in Curl CVE-2020-8177 1. Vulnerability Description: The vulnerability allows a local file on the system to be overwritten when accessing an attacker-controlled server. The problem only occurs when the "-J" "--remote-header-name" and "-i" "--head" options are used...
ROS-2-453
2.453 Buffer Overflow in Python3 CVE-2021-3177 1. Vulnerability Description: CVE-2021-3177 The vulnerability is capable of causing code execution when processing unchecked floating point numbers in handlers that call C functions using the ctypes mechanism. 2. Possible measures to eliminate the...
ROS-2-1342
2.1342 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-628
2.628 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...
ROS-2-919
2.919 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-591
2.591 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-20260524-73-0054
Vulnerability in nextcloud related to the use of dangerous methods or features. Exploitation of the vulnerability could allow an attacker to directly access the memory of a computing device to which thunderbolt-enabled devices are connected...
ROS-20260508-73-0014
Vulnerability in nodejs-minimatch related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...