8162 matches found
ROS-2-683
2.683 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-1387
2.1387 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-494
2.494 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-837
2.837 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-477
2.477 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-470
2.470 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
ROS-2-968
2.968 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-917
2.917 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-2-468
2.468 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...
ROS-2-811
2.811 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...
ROS-2-577
2.577 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...
ROS-2-592
2.592 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...
ROS-20260508-73-0016
A vulnerability in the ngxmailauthauthhttpmodule module of the NGINX Plus and NGINX Open Source HTTP server is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-2-657
2.657 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...
ROS-20250113-05
A vulnerability in the dma-mapping component of the Linux kernel is related to incorrect input validation in the mapbenchmarkioctl function in kernel/dma/mapbenchmark.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the f2fs component of...
ROS-20241121-01
Vulnerability in Moodle virtual learning environment related to excessive data output by application in Messaging error message. Messaging error message. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to confidential information. remotely, to...
ROS-20241101-02
A vulnerability in the vmxnet3 component of the Linux operating system kernel is related to resource management errors in the vmxnet3processxdp function in drivers/net/vmxnet3/vmxnet3xdp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in t...
ROS-20241029-02
A vulnerability in the Action Dispatch component of the Ruby interpreter with the Action Pack extension is related to bugs in the procedures for filtering Action Dispatch request parameters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...
ROS-20241001-05
A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A...
ROS-20240927-05
Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...
ROS-20240916-09
The vulnerability of the x86 HVM Hypercall Handler component of the Xen kernel's x86 HVM hypervisor is related to the ability to freely switch between 64-bit and other system modes. Linux kernel hypervisor is related to the ability to freely switch between 64-bit and other system modes...
ROS-20240911-11
Vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain Unauthorized access to protected information A vulnerability in the libfsimage compone...
ROS-20240909-01
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. with NULL pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...
ROS-20240826-04
A vulnerability exists in the Apache Derby database management system due to failure to take measures to to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the database. remotely to gain unauthorized access to t...
ROS-20240826-16
A vulnerability in the Concurrency component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK, and Oracle Java SE software platform is related to insufficient input validation. for JDK and Oracle Java SE software platform is related to insufficient input validation...
ROS-20240815-08
Vulnerability in the ANGLE component of Google Chrome browser is related to out-of-bounds recording. Exploitation of the of the vulnerability could allow an attacker acting remotely to exploit the heap corruption with a a specially crafted HTML page V8 JavaScript script handler V8 vulnerability i...
ROS-20240806-03
A vulnerability in the Java Apache Commons BCEL bytecode processing library is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary code...
ROS-20240729-15
A vulnerability in the django.utils.text.Truncator.words function of the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240729-01
Vulnerability in Forms Authentication in Application Server Web Application Examples Apache Tomcat exists due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...
ROS-20240723-03
Vulnerability of Ruby interpreter's Net::FTP class implementation is related to flaws in service data protection using the PASV command. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information. remotely, to gain unauthorized...
ROS-20240719-04
A vulnerability in the Microsoft .NET software platform and Microsoft software development tool Microsoft Visual Studio is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability...
ROS-20240717-05
A vulnerability in the implementation of PKCS1 v1.5, OAEP, and RSASVP standards in the NSS Network Security Services library set is associated with insufficient protection of service data due to time discrepancy. Exploitation of the vulnerability allows an attacker acting remotely to implement th...
ROS-20240709-02
Vulnerability in the tempfile.TemporaryDirectory component of the Python programming language interpreter CPython is related to dereferencing symbolic links while clearing permission-related errors. Exploitation of the vulnerability could allow an attacker to increase their privileges...
ROS-20240702-01
Vulnerabilities in Microsoft Visual Studio software development tool and Microsoft.NET Framework are related to uncontrolled resource consumption. Microsoft.NET Framework is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240626-09
Vulnerability of opj2decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir comman...
ROS-20240625-02
A vulnerability in the lxc-user-nic component of the LXC virtualization system is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the protected information...
ROS-20240611-13
Vulnerability in clone/clonefrom components of Python library for interacting with git repositories GitPython is associated with errors in input processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting a specially crafted URL int...
ROS-20240522-01
A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host system...
ROS-20240508-01
Vulnerability in the Rack module of the Ruby interpreter is related to incorrect implementation of the Ruby programming language of handling invalid URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240503-07
A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240425-02
A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...
ROS-20240425-07
A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...
ROS-20240425-06
A vulnerability in the util-linux package of the Linux operating system is related to incorrect privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to passwords or change a user's clipboard using the setgid command. access to...
ROS-20240410-01
Apache Tomcat application server vulnerability is related to lack of service data protection. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...
ROS-20240408-16
A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...
ROS-20240408-17
Vulnerability in Flask-Security-Too security management tool is related to URL redirection to an untrusted site when processing the "next" request parameter. to an untrusted site when processing the "next" request parameter. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-20240408-13
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240408-02
A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...
ROS-20240402-11
A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a with a lack of memory release after an effective lifetime. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A...
ROS-20240329-21
Vulnerability of readSeparateTilesIntoBuffer function of LibTIFF library is related to integer overflow on tiff files processing. overflow when processing tiff files. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A vulnerability in the...