8181 matches found
ROS-20260113-7312
A vulnerability in the navi10issupportfinegraineddpm function in the drivers/gpu/drm/amd/pm/swsmu/smu11/navi10ppt.c module of the amdpgu driver of the Linux kernel is related to incorrect index calculation. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integri...
ROS-20251203-18
Vulnerability of the cURL server communication software tool is related to errors in the host verification mechanism when using the wolfSSH-based backend. host verification mechanism when using wolfSSH-based backend. Exploitation of the vulnerability could allow an attacker acting remotely to...
ROS-20251202-03
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the Downloa...
ROS-20251201-03
A vulnerability in the Linux kernel NVMe driver is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the nvmetreqcomplete function in the drivers/nvme/target/tcp.c module of the NVMe...
ROS-20251125-09
Apache Tomcat application server vulnerability is related to incorrect resource release. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Apache Tomcat application server vulnerability is associated with failure to take measures to...
ROS-20251125-05
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to authentication bypass using an alternate path or channel in AWS authentication method AWS authentication method. Exploitation of the vulnerability could allow an attacker acting...
ROS-20251125-07
Apache Tomcat application server vulnerability is related to incorrect resource release. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Apache Tomcat application server vulnerability is associated with failure to take measures to...
ROS-20251105-01
A vulnerability in the Apache Log4cxx C++ logging framework is related to the fact that when using the HTMLLayout, logger names are not properly escaped when written to an HTML file. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data A vulnerability...
ROS-20251028-01
A vulnerability in the Webmin hosting control panel CGI request handler is associated with errors in processing input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code with root privileges...
ROS-20250526-04
Vulnerability in Nomad application orchestrator due to ACL policies not using security labels. security labels. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20250526-05
Nomad application orchestrator vulnerability related to the fact that the HTTP search API can expose the names of available CSI plugins. of available CSI plugins. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive information Nomad application...
ROS-20250515-09
A vulnerability in the ReadParams function of the FastCGI protocol implementation of the fcgi2 library fcgi is related to an integer overflow. integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by sending requests containing special...
ROS-2-19
2.19 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-339
2.339 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technica...
ROS-20250424-33
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250417-06
Vulnerability in moodle virtual learning environment is related to insufficient validation of HTTP request source in the confirmedsesskey. Exploitation of the vulnerability could allow an attacker acting remotely to perform Cross-site request forgery attacks...
ROS-20250417-09
Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird email client of operating systems Windows is related to a post-release usage error in XSLTProcessor. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...
ROS-20250417-01
A vulnerability in the Nextcloud calendar cloud software application for creating and utilizing the Nextcloud Nextcloud data warehouse is related to disclosure of internal website paths when the SMTP server is unavailable. Exploitation of the vulnerability could allow an attacker acting remotely ...
ROS-20250403-09
Apache Tomcat application server vulnerability is related to accepting input path data as an internal point without verification. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information and execute arbitrary code. unauthorized access to...
ROS-20250403-11
Vulnerability in the OpenSearch software package related to calls that utilize an internal underlying Identity Provider IdP rather than other externally configured IdPs. Exploitation of the vulnerability could Allow an attacker to impact data integrity...
ROS-20250326-04
A vulnerability in the Ruby Sinatra web application development framework is related to causing an Open Redirect Attack Attack by inserting an arbitrary address into this header. Exploiting the vulnerability allows an attacker, acting remotely, to gain access to sensitive data...
ROS-20250226-15
A vulnerability in the Netty networking software tool is related to an application attempting to download a file that does not does not exist. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Netty networking software is related to...
ROS-20250214-01
A vulnerability in the Grafana web-based data submission tool is related to the ability to delete pending pending invitations. Exploitation of the vulnerability could allow an attacker acting remotely, modify arbitrary data...
ROS-20250212-11
The Nomad application orchestrator vulnerability is related to improper assignment of privileges in the namespace namespace privileges via unedited workload identification tokens. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive information...
ROS-20250212-02
Open Asset Import Library Assimp 3D model import library vulnerability is related to heap buffer overflow. heap buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of OpenDDDLParser::parseStructure function of 3D models import...
ROS-20250203-15
Vulnerability in Active Support PostgreSQL component of Ruby interpreter is related to insufficient validation of user input in Active Support in Inflector.underscore. user input data in Active Support in Inflector.underscore. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250120-02
Vulnerability of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers of operating systems Windows is related to leaked video frames from different sources. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...
ROS-20250115-06
A vulnerability in the ocfs2 component of the Linux kernel is related to the dereferencing of a NULL pointer in the ocfs2fillsuper function in fs/ocfs2/super.c, toocfs2trigger, ocfs2dbfrozentrigger and ocfs2journalaccess in fs/ocfs2/journal.c. Exploitation of the vulnerability could allow an...
ROS-20250114-12
A vulnerability in the implementation of the Zstandard compression method of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code provided that a user opens a specially generated archive. by a user opening a special...
ROS-20250114-05
A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250114-09
Vulnerability in the animation control and synchronization handler on web pages of Mozilla Firefox browsers, Firefox ESR is related to the possibility of memory usage after its release. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting it into...
ROS-20241212-24
Vulnerability of addRelatedObjects function of Zabbix universal monitoring system is related to failure to take measures to protect SQL query structure. to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges by...
ROS-20241211-07
CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...
ROS-20241211-11
A vulnerability in the HTTP client library for Python urllib3 is related to the fact that the Prox-Authorization header is not removed during source-to-source redirection when using proxy server support urllib3 with ProxyManager . Exploitation of the vulnerability could allow an attacker acting...
ROS-20241209-05
The vulnerability of Salt's configuration management and remote execution system is related to the fact that the application does not cause a crash when bad column data is detected. Exploitation of the vulnerability could allow an attacker acting remotely to use the default value from state inste...
ROS-20241205-01
The vulnerability of the asm-bug component of the Linux operating system kernel is related to incorrect error handling in arch/arm64/include/asm/asm-bug.h. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the sr component of the...
ROS-20241203-18
An open source RDP server vulnerability is related to ineffective operation of the configuration parameter, that limits the maximum number of login attempts. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20241023-03
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to improper privilege assignment. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate privileges...
ROS-20241021-03
Vulnerability of the tic4xprintcond function of the opcodes/tic4x-dis.c component of the GNU development tool Binutils is related to memory initialization errors. Exploitation of the vulnerability allows an attacker, acting remotely, to gain access to confidential data...
ROS-20241017-10
Dovecot mail server vulnerability is related to unrestricted resource allocation. Exploitation The vulnerability could allow an attacker acting remotely to perform a denial of service...
ROS-20241008-01
Vulnerability in the DWARF Object Handler component of the library for providing access to debugging information DWARF libdwarf is associated with a re-release vulnerability. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a memory leak...
ROS-20241008-02
A vulnerability in the Portainer container management platform is related to an improperly used algorithm encryption algorithm in the AesEncrypt function. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the confidentiality, integrity, and availability of...
ROS-20241004-06
A vulnerability in the ksmbd component of the Linux operating system kernel is related to a link reset after using the opinfo. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20240927-04
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...
ROS-20240927-15
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...
ROS-20240918-05
A vulnerability in the net component of the Golang programming language is related to the execution of a loop with an inaccessible exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240904-10
A vulnerability in the Clojure dynamic programming language is related to the deserialization of untrusted data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the Clojure dynamic programming language is related to the...
ROS-20240902-21
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20240902-07
A vulnerability in the cpio binary archiver is related to regression when using the command line parameter --no-absolute-filenames. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240902-06
Vulnerability of swfgetstring function of GPAC multimedia platform, is related to the operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the gfdashsetupperio...