8162 matches found
ROS-20240611-08
A vulnerability in the PushShortPixel function of a program for reading and editing files of multiple graphic formats, ImageMagick, is related to the passing of a specially created TIFF image file to ImageMagick for editing. of the ImageMagick program for reading and editing files of multiple...
ROS-20240606-03
Vulnerability of handlechopping function of Wireshark computer network traffic analyzer is related to a memory handling issue in EditCap. memory handling issue in EditCap. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in MONGO and...
ROS-20240522-04
Vulnerability of OpenSSL cryptographic library is related to the use of non-standard option SSLOPNOTICKET option, in which case the session cache continues to grow indefinitely. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...
ROS-20240426-02
A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240422-02
The pkcs12.serializekeyandcertificates function vulnerability is invoked with both a certificate whose public key which did not match the provided private key, and with a hmachash certificate set PrivateFormat.PKCS12.encryptionbuilder.hmachash..., which may have caused the pointer to be...
ROS-20240410-24
A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...
ROS-20240410-13
A vulnerability in the src/libgit2/revparse.c component of the C Libgit2 implementation of Git methods is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240410-15
A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240408-12
Vulnerability in src/gif.imageio/gifinput.cpp file of OpenImageIO image processing library is related to the ability to write beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240408-10
GNU FriBidi library vulnerability is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...
ROS-20240408-19
A vulnerability in the file include/logging/RightsLogFormatter.php of a software tool for implementing the MediaWiki hypertext environment is related to incorrect input neutralization during the creation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240405-05
A vulnerability in the D-Bus interprocessor communication system is related to the ability of unprivileged users to crash the dbus-daemon. users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...
ROS-20240404-09
A vulnerability in Avahi's local network service discovery system is related to uncontrolled consumption of resources. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20240403-09
Vulnerability of the peekforas4capability function of the software tool for implementing network routing on Unix-like systems FRRouting is related to flaws in the use of the assert function. Unix-like systems FRRouting is related to flaws in using assert function. Exploitation The vulnerability...
ROS-20240402-16
Vulnerability of loadpempkcs7certificates and loadderpkcs7certificates package cryptography functions is related to NULL pointer dereferencing and segment failure. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240401-04
HAProxy server software vulnerability is related to forwarding empty headers Content-Length. Exploitation of the vulnerability could allow an attacker acting remotely to perform an HTTP request smuggling attack. an HTTP request smuggling attack...
ROS-20240329-16
Vulnerability in vim text editor is related to memory usage after it is freed. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code Vim text editor truncstring vulnerability is related to buffer overflow. Exploitation exploitation of this vulnerability...
ROS-2-804
2.804 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...
ROS-2-903
2.903 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-20231110-02
The vulnerability of the functions EVPEncryptInitex2, EVPDecryptInitex2, EVPCipherInitex2 of the OpenSSL cryptographic library is related to manipulation of the keylen/ivelens argument. OpenSSL library is related to manipulation of the keylen/ivelens argument. Exploitation of the vulnerability...
ROS-20231018-02
The libXpm image file library vulnerability is related to a read error call outside of memory boundaries. outside of memory boundaries. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...
ROS-20231013-03
A vulnerability in the xmlUnlinkNode function in the tree.c file of the libxml2 library is related to a failure of a specific allocated memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20231009-01
PostgreSQL database management system vulnerability is related to the possibility of SQL injection in extensions, that use quoting constructs @extowner@, @extschema@, or @extschema:...@ inside parentheses dollar quoting, '', or "". Exploitation of the vulnerability could allow an attacker acting...
ROS-20230911-10
Vulnerability of EmailValidator and URLValidator components of Django web application software platform is related to the use of regular expression with inefficient computational complexity when processing domain name labels in emails and URLs. domain name labels in emails and URLs. Exploitation ...
ROS-20230824-01
The Swarm Mode vulnerability of the dockerd daemon of the containerization software tool Moby and the Mirantis Container Runtime runtime is related to the use of the Swarm Mode of the dockerd daemon. Moby container isolation system and Mirantis Container Runtime is related to the use of an insecu...
ROS-2-857
2.857 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-20230414-01
A vulnerability in the Ghostscript document processing toolkit is related to a buffer overflow in the BCPEncode, BCPDecode, TBCPEncode and TBCPDecode handlers. BCPEncode, BCPDecode, TBCPEncode and TBCPDecode handlers, in case when the write buffer is underfilled by one byte and then a shielded...
ROS-20230320-01
A vulnerability in the Vim text editor is related to a division by zero error in the scrolldown function in move.c. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial-of-service attack. denial-of-service attack...
ROS-20230117-01
Simple DirectMedia Layer SDL multimedia library vulnerability is related to a memory leak in the function GLESCreateTexture in the render/opengles/SDLrendergles.c file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak and execute a denial of service...
ROS-20221020-01
Vulnerability of the library providing functions for X.509 LibKSBA certificates is related to the integer overflow in the CRL parser. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow and execute...
ROS-20221007-02
Vulnerability of lighttpd web server is related to memory leak in modfastcgi and modscgi modules while processing a large number of incorrect HTTP requests. a large number of malformed HTTP requests. Exploiting the vulnerability could allow an attacker, acting remotely, send multiple invalid HTTP...
ROS-20220929-02
A vulnerability in the Redis database management system DBMS XAUTOCLAIM command implementation is related to an integer overflow during COUNT argument processing. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20220705-01
Caribou on-screen keyboard vulnerability, related to buffer overflow in XkbSetDeviceInfo and SetDeviceIndicators. Exploitation of the vulnerability could allow an attacker, when invoking the functionality of the the on-screen keyboard functionality from the screen keeper, crash libcaribou, crash...
ROS-20220622-01
Vulnerability of the E2fsprogs service utility set is related to a boundary error when processing unreliable input data. Exploitation of the vulnerability could allow an attacker to exploit a specially crafted file system, run an out-of-bounds entry, and execute arbitrary code on the target syste...
ROS-20220516-08
A vulnerability in the libxml2 XML document parsing library is related to an integer overflow in several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted multi-gigabyte XML file to...
ROS-2-895
2.895 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-861
2.861 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-956
2.956 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-684
2.684 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-478
2.478 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-535
2.535 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-500
2.500 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...
ROS-2-824
2.824 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...
ROS-2-702
2.702 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-927
2.927 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-653
2.653 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...
ROS-2-832
2.832 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-2-1217
2.1217 Vulnerability in FreeRDP 1. Vulnerability description: Eight vulnerabilities have been addressed. Five issues can cause a crash or data leak due to reads from areas outside the allocated buffer. One issue results in an integer overflow. Three issues can lead to buffer overflows in the...
ROS-2-1678
2.1678 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...
ROS-2-1171
2.1171 Vulnerability in FreeRDP 1. Vulnerability description: Eight vulnerabilities have been resolved. Five issues can cause a crash or data leak due to reads from areas outside the allocated buffer. One issue results in an integer overflow. Three issues can lead to buffer overflows in the...