8215 matches found
ROS-20260524-73-0030
Vulnerability in the vim text editor is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to affect the availability of protected information...
ROS-20260520-73-0055
A vulnerability in the Navigation function of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0011
A vulnerability in the WebAudio component of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0027
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0032
A vulnerability in the CSS component of the Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0034
A vulnerability in the WebGL component of the Google Chrome browser is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0005
A vulnerability in the WebGL component of the Google Chrome browser is related to reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260515-73-0028
A vulnerability in the JavaScript script handler V8 of the Google Chrome and Microsoft Edge browsers is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260513-73-0001
Vulnerability in rubygem-rack related to errors in processing input length parameters. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
ROS-20260512-73-0019
A vulnerability in the Core component of the Oracle VM VirtualBox virtual machine is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to gain full control over the application...
ROS-20260512-73-0025
A vulnerability in the kernel of the Oracle VM VirtualBox virtualization software tool is related to a flaw in the data protection mechanism. Exploitation of the vulnerability may allow an attacker to bypass existing security mechanisms...
ROS-20260512-73-0023
A vulnerability in the Core component of the Oracle VM VirtualBox virtual machine is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to gain full control over the application...
ROS-20260408-73-0026
A vulnerability in the drivers/soc/qcom/mdtloader.c component of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an intruder to gain unauthorized access to protected information...
ROS-20251203-05
A vulnerability in the Java library for handling Apache Commons Configuration files is related to the fact that, the application does not properly control internal resource consumption when loading a specially crafted configuration file. created configuration file. Exploitation of the vulnerabili...
ROS-20250515-07
Vulnerability of RevertAction.Php, ApiFileRevert.Php files of MediaWiki hypertext environment implementation software is related to incorrect permissions saving. MediaWiki hypertext environment is related to incorrect permissions saving. Exploitation of the vulnerability could allow a remote...
ROS-20250515-08
A vulnerability in the Thunderbird email client is related to the presence of multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, when hovering over any attachment, only the the last link. Exploiting this vulnerability allows remote attackers, perform a...
ROS-2-2
2.2 Notification of the update of the OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-20250314-02
A vulnerability in the wifi component of the Linux operating system kernel is related to an incorrect lock in the function ilpciresume in drivers/net/wireless/intel/iwlegacy/common.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...
ROS-20250303-05
A vulnerability in the Wi-Fi driver rtl8712 of the Linux operating system kernel is related to the use of memory after its after memory has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250128-03
A vulnerability in the Go programming language is related to the fact that the application does not properly control the consumption of internal resources in several Parse functions. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250128-01
A firmware vulnerability in Intel Core Ultra processors is related to improper isolation of shared resources between trusted and untrusted agents. shared resources between trusted and untrusted agents. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20250121-05
A vulnerability in the modsql component of the ProFTPD FTP server is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to elevate his privileges to the root user...
ROS-20241220-01
A vulnerability in the password verification function of the PHP programming language is related to insufficient calculation of the password hash. password hash. Exploitation of the vulnerability allows an attacker to affect data integrity...
ROS-20241211-12
A vulnerability in the RADIUS authentication protocol implementation is related to bypassing the authentication procedure through capture-replay of intercepted messages. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access by forging an authentication...
ROS-20241203-22
The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...
ROS-20241203-11
A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20241203-10
Vulnerability in the IPAuthenticationProvider component of a centralized service for maintaining configuration information and providing distributed synchronization and group services. configuration, naming, providing distributed synchronization and provisioning of group services Apache ZooKeeper...
ROS-20241203-06
Vulnerability of coretable/dynamic module of Moodle virtual learning environment is related to access control flaws in access control. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...
ROS-20241029-01
A vulnerability in the libreswan client plug-in of the NetworkManager network connection management program is related to insufficient checking of key values inside the VPN configuration file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20241029-09
A vulnerability in the plaintextforblockquotenode function of the Ruby interpreter with the Action Text Gem extension is related to the execution of the function for an unexpectedly large amount of time. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial o...
ROS-20241023-06
Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...
ROS-20241023-07
Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...
ROS-20241023-01
A vulnerability in the HAProxy server software is related to the opening of a 0-RTT session with a spoofed IP address. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the the functionality of the allowed/blocked IP address list...
ROS-20241021-05
Vulnerability in Sentry SDK real-time crash reporting software is related to a leak of sensitive cookie values. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20241015-15
A vulnerability in the PHP programming language interpreter exists due to a failure to take measures to neutralize the special elements. Exploitation of the vulnerability could allow an attacker acting remotely to Affect the confidentiality, integrity, and availability of protected information...
ROS-20241008-06
Vulnerability of the XTestSwapFakeInput function of the X Window System X.Org Server implementation, an implementation of the Wayland Wayland protocol for X.Org XWayland is related to writing outside buffer boundaries. Exploitation of the vulnerability allows an attacker acting remotely to gain...
ROS-20240924-01
The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, redirect a user to an arbitrary URL using a specially crafted extension The vulnerability in...
ROS-20240918-09
A vulnerability in the Compositing component of Google Chrome browser is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user's security interface using a specially crafted HTML page. security interface using a specially...
ROS-20240916-03
A vulnerability in the Node.js software platform is related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to disable the validation of the integrity A vulnerability in the APIgenerateKeys function of the Node.js software platform is...
ROS-20240902-02
A vulnerability in the implementation of the INVD processor instruction for virtual machines running on servers with AMD processors is associated with loss or omission of information. AMD processors is associated with information loss or skipping. Exploitation of the vulnerability could allow An...
ROS-20240827-17
Vulnerability in the /api/v1/alerts file of the Prometheus monitoring system component for processing alerts Alertmanager is related to incorrect neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
ROS-20240827-19
The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...
ROS-20240826-21
Vulnerability of passwordverify function of PHP programming language interpreter is related to flaws in the authentication procedure. of the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely Bypass the authentication process and gain unauthorized...
ROS-20240820-13
A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...
ROS-20240806-18
A vulnerability in the 389 Directory Server is related to the ability of an authenticated user to cause a server crash by changing the userPassword using incorrect input. user to cause a server crash by changing userPassword using incorrect input. Exploitation of the vulnerability could allow an...
ROS-20240806-20
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...
ROS-20240625-05
A vulnerability in Salt's configuration management and remote execution system is related to the catalog traversal. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code A vulnerability in the Salt configuration management and remote Salt operations...
ROS-20240626-16
A vulnerability in the CRI-O container mechanism is related to the creation of a symbolic link pointing to an arbitrary directory or file on the host through directory traversal. an arbitrary directory or file on the host through directory traversal. Exploitation of the vulnerability could allow ...
ROS-20240613-01
A vulnerability in the tlsnewciphertext function of the iPXE network boot standard is related to manipulation of the padlen argument in the src/net/tls.c file of the TLS component. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive information...
ROS-20240611-01
Vulnerability in BSON Handler component of PyMongo client library is related to deserialize incorrect BSON. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive information...