8110 matches found
ROS-2-1396
2.1396 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-1381
2.1381 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
ROS-2-1776
2.1776 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1547
2.1547 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
ROS-2-1286
2.1286 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1358
2.1358 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-969
2.969 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...
ROS-2-1245
2.1245 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
ROS-2-1530
2.1530 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1576
2.1576 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1382
2.1382 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-504
2.504 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1211
2.1211 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1253
2.1253 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-1535
2.1535 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...
ROS-2-1609
2.1609 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...
ROS-2-852
2.852 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...
ROS-2-1876
2.1876 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-1192
2.1192 Remote Code Execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...
ROS-2-1807
2.1807 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-1273
2.1273 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...
ROS-2-3190
2.3190 Notice of Update for RED OS Operating System “RED SOFT” RU.29926343.02.01-24 OOO “RED SOFT” announces the completion of testing and the release of the updated distribution of RED OS 7.3. To update your copy of RED OS to the latest version, you need to perform a system update using the DNF...
ROS-2-1677
2.1677 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-2-5170
2.5170 Notice of Update for SZI Operating System “RED OS” Due to improvements in quality and corrections of errors, a updated version of the SZI Operating System “RED OS” 7.3 has been released. For inquiries regarding updates to your equipment and obtaining necessary materials, you may contact ou...
ROS-2-1302
2.1302 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-4699
2.4699 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...
ROS-2-696
2.696 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...
ROS-2-697
2.697 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-20260609-73-0008
The vulnerability of the SQL Expressions function on the Grafana monitoring and observation platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain unauthorized access to the platform by sending speciall...
ROS-20260603-73-0002
The vulnerability of the .NET software platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
ROS-20260529-73-0025
The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...
ROS-20260529-73-0008
The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...
ROS-20260529-73-0009
The vulnerability in Portainer-Ce is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20260529-73-0005
The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...
ROS-20260529-73-0017
The vulnerability of the software for interacting with servers via CURL is related to the execution of operations within the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...
ROS-20260526-73-0015
A vulnerability in the registry related to access control weaknesses. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20260525-73-0001
Vulnerability in python-sqlparse related to insufficient control of a resource while it exists. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0028
Vulnerability in vim related to failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...
ROS-20260524-73-0051
Vulnerability in glpi related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260524-73-0052
Vulnerability in glpi related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260524-73-0057
Vulnerability in portainer-ce related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
ROS-20260524-73-0015
A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20260524-73-0053
Vulnerability in nextcloud due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260524-73-0030
Vulnerability in the vim text editor is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to affect the availability of protected information...
ROS-20260520-73-0031
A vulnerability in the WebRTC component of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0013
A vulnerability in the V8 JavaScript script handler of Google Chrome and Microsoft Edge browsers is related to isolated environment access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0030
A vulnerability in the ANGLE library of Google Chrome and Microsoft Edge browsers is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0045
A vulnerability in the Web MIDI device support Web MIDI interface of Google Chrome browsers is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0012
A vulnerability in the WebRTC component of Google Chrome and Microsoft Edge browsers is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0052
A vulnerability in the Dawn component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...