8162 matches found
ROS-2-1662
2.1662 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1642
2.1642 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
ROS-2-1546
2.1546 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-1446
2.1446 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-1168
2.1168 Vulnerability in Curl CVE-2020-8177 1. Vulnerability Description: The vulnerability allows a local file on the system to be overwritten when accessing an attacker-controlled server. The problem only occurs when the "-J" "--remote-header-name" and "-i" "--head" options are used...
ROS-2-891
2.891 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1916
2.1916 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-1711
2.1711 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1814
2.1814 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-481
2.481 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1523
2.1523 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1810
2.1810 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1638
2.1638 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1287
2.1287 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1011
2.1011 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1713
2.1713 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1684
2.1684 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1644
2.1644 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-707
2.707 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1459
2.1459 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
ROS-2-1865
2.1865 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...
ROS-2-4879
2.4879 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the firewall Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technical suppo...
ROS-2-1918
2.1918 Multiple vulnerabilities of libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-2489
2.2489 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...
ROS-20260608-73-0003
The vulnerability of the ASP.NET Core software platform is related to errors in checking the cryptographic signature. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...
ROS-20260529-73-0016
The vulnerability of the software for interacting with servers via CURL is related to the exposure of information. Exploiting this vulnerability allows a remote attacker to gain access to confidential data through the PASV response...
ROS-20260529-73-0006
The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...
ROS-20260529-73-0014
The vulnerability in openbao is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260529-73-0012
The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise, platforms for archiving corporate information, lies in the ability to bypass authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service interruptions...
ROS-20260526-73-0020
A vulnerability in the libpng library is related to the failure to check for sufficient input pixels when processing the last partial portion in the ARM/AArch64 Neon optimized palette expansion path. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...
ROS-20260524-73-0032
A vulnerability in the vim text editor is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0048
Vulnerability in grafana related to a flaw in the authorization procedure. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260524-73-0018
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...
ROS-20260520-73-0016
A vulnerability in the ANGLE library of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0049
A vulnerability in the WebCodecs component of the Google Chrome web browser is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data or cause a denial of service via a specially crafted HTML...
ROS-20260520-73-0040
A vulnerability in the CSS component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0038
A vulnerability in the WebGPU component of the Google Chrome browser is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0035
A vulnerability in the WebAudio component of Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0018
A vulnerability in the ANGLE library of Google Chrome and Microsoft Edge browsers is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0048
A vulnerability in the JavaScript script handler V8 of the Google Chrome web browser is related to buffer copying without input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0037
A vulnerability in the Fonts component of the Google Chrome browser is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260520-73-0043
A vulnerability in the Codecs component of the Google Chrome browser is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260516-73-0002
A vulnerability in the RxRPC module of the Linux operating system kernel is related to writing outside buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260515-73-0055
A vulnerability in the DevTools component of the Google Chrome browser is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions using a specially crafted HTML page...
ROS-20260515-73-0053
A vulnerability in the Google Chrome browser is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...
ROS-20260515-73-0051
A vulnerability in theWebAppInstalls component of Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface using a specially crafted HTML page...
ROS-20260515-73-0020
A vulnerability in the Google Chrome web browser's DevTools web development toolkit is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...
ROS-20260515-73-0030
A vulnerability in the WebML component of the Google Chrome browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260515-73-0031
A vulnerability in the WebML component of the Google Chrome browser is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260515-73-0013
Vulnerability in grafana related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges...