8244 matches found
ROS-20240918-11
A vulnerability in the libpcap library's freeaddrinfo function is related to calling freeaddrinfo for the same allocated memory block. same allocated block of memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
ROS-20240919-03
A vulnerability in the nommu component of the Linux operating system kernel is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm component of the Linux kernel is related to NULL pointer dereferencing...
ROS-20240917-06
A glitch in the sessionlogin.cgi script of the Webmin hosting control panel and web interface for unix-like systems Usermin exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a...
ROS-20240904-09
A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...
ROS-20240904-12
A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240904-02
Vulnerability of Microsoft .NET software platforms and Microsoft software development tools Visual Studio is related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20240902-13
A vulnerability in the Go Getter library is related to a Git update for an existing maliciously modified Git configuration. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240828-02
A vulnerability in GLPI's asset and data center management software is related to the CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20240827-06
The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...
ROS-20240826-17
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service Vulnerability of...
ROS-20240820-05
A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...
ROS-20240816-06
The vulnerability in OpenVPN software is related to the lack of resource release after the resource expires. the resource's expiration date. Exploitation of the vulnerability could allow an attacker to "save a session" even if the the server has been ordered to disconnect that client...
ROS-20240812-07
Squid proxy server vulnerability is related to uncontrolled resource consumption as a result of filtering and data reduction to an unsafe value when processing HTTP header length. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service by...
ROS-20240806-07
A vulnerability in the Fake Authentication Result Handler component of OpenDKIM DKIM filter software is related to the lack of sequence number verification when deleting fake fields. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity...
ROS-20240731-03
A vulnerability in the MXF file parser of the Gstreamer multimedia framework is related to an operation exceeding the boundaries of a buffer in memory. buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240730-12
Vulnerability in Django web application software platform is related to unrestricted resource allocation. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service DoS. denial of service DoS...
ROS-20240726-02
A vulnerability in the HAProxy server software is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240717-04
Vulnerability in img2txt function of libcaca graphics library is related to division by zero. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...
ROS-20240717-06
A vulnerability in the GnuTLS transport layer security library is related to the disclosure of confidential information to an unauthorized person. information to an unauthorized person. Exploitation of the vulnerability could allow an attacker acting remotely to cause a data breach...
ROS-20240712-03
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a request flow within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementation is...
ROS-20240626-08
A vulnerability in the ISO 9660 Image File Handler component of the libcdio library is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240618-02
Vulnerability in util/gif2rgb.c file of GIFLIB library for working with GIF files is related to memory leakage through a gif file. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...
ROS-20240617-02
A vulnerability in the bgpd/bgpattr.c file of a software tool for implementing network routing on Unix-like FRRouting systems is related to read outside bgpattraigpvalid bounds, as there are no AIGP checks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denia...
ROS-20240611-16
A vulnerability in the gitpython package is related to external git calls without sufficiently cleaning up input arguments. Exploitation of the vulnerability could allow an attacker acting remotely to inject a malicious remote URL into a clone command...
ROS-20240606-02
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...
ROS-20240606-06
A vulnerability in the yajltreeparse function of the YAJL-ruby JSON library is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...
ROS-20240422-08
A vulnerability in the TC flower packet management filter of the software-defined multi-tiered Open vSwitch OvS switch is related to flaws in the handling of exceptional states resulting from an incorrect validation of Geneve packet metadata. incorrect validation of Geneve packet metadata...
ROS-20240418-03
A vulnerability in the underlying authentication system of the Grafana web presentation tool is related to flaws in the authorization mechanism when processing the verifyemailenabled parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass email verification...
ROS-20240410-03
A vulnerability in the Libvirt virtualization management library is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240410-06
The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...
ROS-20240409-09
Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...
ROS-20240408-18
A vulnerability in the makeftpcmd component of the ProFTPD FTP server is related to a single-byte read outside the of the allowed range. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240404-20
A vulnerability in the Vorbis-tools package is related to the conversion of wav files to ogg files. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20240403-04
Vulnerability of onstreamio and dnsstreamcomplete functions of the subsystem of initialization and management of services Systemd is related to not incrementing the reference count for the DnsStream object. Exploitation of the vulnerability could allow a remote intruder to violate the integrity a...
ROS-20240403-06
A vulnerability in the adodbaddslashes function of the adodb library is related to improper authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication...
ROS-20240402-22
Moodle virtual learning environment vulnerability is related to lack of additional comment cleanup Wiki. Exploitation of the vulnerability could allow an attacker acting remotely to perform a cross-site scripting attacks XSS A vulnerability in the Moodle virtual learning environment is related to...
ROS-2-805
2.805 Vulnerability in OpenVPN CVE-2020-11810 1. Vulnerability description: A corrective release of the OpenVPN Virtual Private Networking Package 2.4.9 has been generated. The new version addresses a vulnerability CVE-2020-11810 that allows a client session to be transferred to a new IP address...
ROS-2-1573
2.1573 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
ROS-2-466
2.466 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...
ROS-2-455
2.455 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...
ROS-2-1169
2.1169 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted...
ROS-20230908-08
A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to to override text direction in file names. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct spoofing attacks...
ROS-20230825-06
A vulnerability in the Yasm assembler is related to null pointer dereferencing in /libyasm/intnum.c and /elf/elf.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...
ROS-2-1297
2.1297 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-1319
2.1319 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...
ROS-2-607
2.607 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-907
2.907 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-2-858
2.858 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-2-1167
2.1167 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Failure to initialize memory when allocating buffers for pixmaps using the AllocatePixmap call could cause the X client to leak memory contents from the heap when the X...
ROS-2-539
2.539 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...