8280 matches found
ROS-20260324-73-0035
A vulnerability in the net/netfilter/xtnfacct.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to gain access to sensitive data and cause a denial of service...
ROS-20260324-73-0029
A vulnerability in the net component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260324-73-0015
A vulnerability in the ipv6 component of the Linux operating system kernel is associated with the execution of a loop with an inaccessible exit condition. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260324-73-0011
A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of an uninitialized resource. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260324-73-0001
A vulnerability in the smb2sesssetup function in the fs/smb/server/smb2pdu.c module of the Linux kernel SMB server support is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity and...
ROS-20260319-73-0003
A vulnerability in the netsetvlan function of the Network module of the Grub2 operating system loader is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260313-73-0023
A vulnerability in the gsstartio function of the usb component of the Linux operating system kernel is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260313-73-0037
A vulnerability in the htblookupleaf function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260313-73-0012
A vulnerability in the crostypecaltmodework function of the Linux operating system kernel is related to insufficient resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260224-73-0016
Vulnerability in moodle related to lack of element neutralization in csv file. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260209-73-0039
A vulnerability in the Agent component of the Zabbix IT infrastructure monitoring system is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker to gain write access to arbitrary system files in the /home/cecuser directory...
ROS-20260129-73-0022
Vulnerability in ImageMagick related to an operation exceeding buffer boundaries in memory. The vulnerability can be exploited remotely...
ROS-20260120-7307
A vulnerability in the powerpc/code-patching component of the Linux operating system kernel is related to the allocation of unlimited memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20251128-07
Vulnerability of the vhostnewmsg function in the drivers/vhost/vhost.c module of the vhost driver of the Linux kernel is related to incorrect initialization of memory for messages transferred between guests. Linux kernel is related to incorrect memory initialization for messages transferred betwe...
ROS-20251125-09
Apache Tomcat application server vulnerability is related to incorrect resource release. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Apache Tomcat application server vulnerability is associated with failure to take measures to...
ROS-20250929-15
Vulnerability of modssl function of Apache HTTP Server web server is related to flaws in the procedure of authentication procedure when processing the SSLEngine optional parameter. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using the TLS...
ROS-20250717-01
GLPI asset and data center management software vulnerability is related to incorrect access restrictions in the API. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive information...
ROS-20250703-07
A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the libvpx library of the Google Chrome and Microsoft Edge...
ROS-20250630-09
Vulnerability of net/http, x/net/proxy and x/net/http/httpproxy packages of Go programming language is related to incorrect mapping of hosts to proxy server templates. Exploitation of the vulnerability could allow an intruder to affect confidentiality and availability of protected information A...
ROS-20250529-01
A vulnerability in the phy component of the Linux kernel is related to the dereferencing of a NULL pointer in the spusbphyphyprobe function in drivers/phy/sunplus/phy-sunplus/phy-sunplus-usb2.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability...
ROS-2-19
2.19 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-20250409-01
A vulnerability in the NFSD component of the Linux kernel is related to the dereferencing of a NULL pointer in the nfsd4processcbupdate function in fs/nfsd/nfs4callback.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the ALSA compone...
ROS-20250403-02
A vulnerability in the QPDF PDF conversion command line utility is related to the creation of a .pdf file with the PlASCII85Decoder::write parameter in libqpdf. .pdf file with the PlASCII85Decoder::write parameter in libqpdf. Exploitation of the vulnerability could allow an attacker to execute...
ROS-20250402-05
A vulnerability in the configuration implementation of the HTML cleanup tool for Rails Html Sanitizer applications is related to with insufficient cleaning of user-supplied data. Exploitation of the vulnerability could allow An attacker acting remotely could conduct cross-site scripting attacks...
ROS-20250402-03
A vulnerability in the WebTransport component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to the possibility of memory usage after release. Thunderbird is related to the possibility of memory usage after release. Exploitation of the vulnerability could allow a...
ROS-20250402-06
Vulnerability of pamsmauthenticate function of PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the authentication procedure and gain unauthorized access to protected...
ROS-20250326-02
A vulnerability in the document-oriented MongoDB database management system is related to the lack of authorization checks. authorization checks. Exploitation of the vulnerability could allow a remote intruder gain unauthorized access to protected information...
ROS-20250311-02
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250307-12
Nomad application orchestrator vulnerability related to customization of wildcard namespace usage. namespace. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL policy by allowing reads from other namespaces. ACL policy by allowing reads from other namespaces...
ROS-20250226-15
A vulnerability in the Netty networking software tool is related to an application attempting to download a file that does not does not exist. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Netty networking software is related to...
ROS-20250219-03
A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information A vulnerability in th...
ROS-20250203-13
A vulnerability in the Active Record component of the Ruby on Rails software platform is related to the possibility of injecting SQL code through comments. SQL code through comments. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability of...
ROS-20250203-06
A vulnerability in the LibreOffice office suite is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to disclose confidential information LibreOffice office suite vulnerability is related to incorrect path name restriction to a...
ROS-20250130-02
Vulnerability of the nftverdictinit function in the net/netfilter/nftablesapi.c module of the operating system kernel Linux is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of...
ROS-20250128-09
A vulnerability in the Container Storage Interface CSI component of the Nomad application orchestrator is related to an improper authorization. Exploitation of the vulnerability could allow an attacker acting remotely, Affect the integrity of protected information...
ROS-20250127-03
A vulnerability in the drm/lima components of the Linux operating system kernel is related to incorrect calculation in the virtualncidevwrite function in drivers/nfc/virtualncidev.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in an x8...
ROS-20250122-01
A vulnerability in the SUNRPC component of the Linux operating system kernel is related to an incorrect lock in the xsgetsrcport function in net/sunrpc/xprtsock.c, in rpcsysfsxprtsrcaddrshow function in net/sunrpc/sysfs.c. Exploitation of the vulnerability could allow an attacker to cause a denia...
ROS-20250117-01
Exiv2 media metadata management library vulnerability is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...
ROS-20250115-01
A vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird email client is related to improper permission persistence. exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information, to affect the confidentiality of protected informati...
ROS-20250114-08
A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250114-02
LibreOffice office suite vulnerability is related to incorrect cryptographic signature verification. signature. Exploitation of the vulnerability could allow an attacker to create a specially crafted document, which, upon recovery, would report the valid status of the electronic signature A...
ROS-20250114-04
The incognito mode vulnerability in Mozilla Firefox, Firefox ESR browsers is due to the application not properly impose security restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions Incognito mode vulnerability in...
ROS-20241220-04
Vulnerability of ServerConfig.PublicKeyCallback function of the library for Go crypto programming language is related to a flaw in the authorization procedure for key processing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...
ROS-20241218-01
Vulnerability of the kmallocreserve function in the net/core/skbuff.c module of the network subsystem of the Linux kernel is related to integer overflow. Linux kernel subsystem is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20241211-03
CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...
ROS-20241204-01
A vulnerability in the libstub component of the Linux kernel is related to the use of an uninitialized resource in the uninitialized resource in the efifree function in drivers/firmware/efi/libstub/fdt.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of servic...
ROS-20241203-21
The vulnerability of drawio diagramming software is related to improper neutralization of the of special elements used in the OS command. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary commands...
ROS-20241112-09
A vulnerability in the Consul service configuration tool is related to input validation errors when processing catalog traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and read arbitrary files on the system...
ROS-20241112-05
A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to escalate privileges...
ROS-20241107-02
A vulnerability in the x86/mmu components of the Linux operating system kernel is related to incorrect calculations in the kvmtdpmmutrysplithugepages, kvmtdpmmucleardirtyslot, and cleardirtyptmasked functions in the arch/x86/kvm/mmu/tdpmmu.c. Exploitation of the vulnerability could allow an...