8181 matches found
ROS-20250130-03
Vulnerability of ma35d1serialprobe function in drivers/tty/serial/ma35d1serial.c module of Nuvoton driver MA35D1 of the Linux operating system kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...
ROS-20250122-02
A vulnerability in the USB component of the Linux kernel is related to incorrect input validation in the usbparseendpoint function in drivers/usb/core/config.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cachefiles component of th...
ROS-20250115-04
A vulnerability in the ldapescape function of the PHP programming language interpreter is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the dblib and...
ROS-20250115-02
A vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird email client is related to improper permission persistence. exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information, to affect the confidentiality of protected informati...
ROS-20250114-07
A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...
ROS-20250110-02
A vulnerability in the Exiv2 media metadata management library is related to a flaw in the use of the assert function. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted image file Vulnerability in the Jp2Image::readMetadata...
ROS-20250110-14
Vulnerability of ServerConfig.PublicKeyCallback function of the library for Go crypto programming language is related to a flaw in the authorization procedure for key processing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...
ROS-20241220-02
A vulnerability in the minimalist console MPEG audio player mpg123 is related to a boundary error inside the libmpg123 when decoding PCM. Exploitation of the vulnerability could allow an attacker acting remotely, to pass specially crafted data to an application, cause corruption in the heap, and...
ROS-20241216-09
Vulnerability in the Automatic ConfigProvider component of Apache Kafka Message Manager is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, disclose protected information...
ROS-20241210-01
A vulnerability in the freerdpimagecopy function of the FreeRDP RDP client is related to reading beyond memory boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to impact the Confidentiality, integrity and availability of protected information FreeRDP RDP clien...
ROS-20241203-14
Squid proxy server vulnerability is related to errors in input data processing. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by sending specially crafted ESI packets. specially crafted ESI packets...
ROS-20241203-01
The Go programming language vulnerability is related to errors in processing special characters "" in the in the context of CSS. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Parse function of the Golang programming...
ROS-20241126-01
Vulnerability of hcilebigsyncestablishedevt function in net/bluetooth/hcievent.c module of Bluetooth protocol implementation in Linux kernel is related to dereferencing of null pointer. of the Linux kernel Bluetooth protocol is related to null pointer dereferencing. Exploitation of the...
ROS-20241121-04
Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is related to...
ROS-20241028-01
Vulnerability in HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to user enumeration when using the LDAP authentication method. Exploitation The vulnerability could allow an attacker acting remotely to impact the integrity of the systems...
ROS-20241015-03
Nomad application orchestrator vulnerability related to improper link resolution before accessing a file. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an attacker to execute arbitrary code...
ROS-20241004-08
A vulnerability in the logitech-hidpp component of the Linux operating system kernel is related to a kernel crash when disconnecting the USB receiver. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20240902-22
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
ROS-20240826-22
Vulnerability of passwordverify function of PHP programming language interpreter is related to flaws in the authentication procedure. of the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely Bypass the authentication process and gain unauthorized...
ROS-20240826-25
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240820-11
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code using a specially crafted w...
ROS-20240820-16
A vulnerability in the filtervar function of the PHP programming language interpreter is related to insufficient data authentication. data authentication. Exploitation of the vulnerability could allow an attacker acting remotely, spoof URLs with erroneous data...
ROS-20240820-15
A vulnerability in the filtervar function of the PHP programming language interpreter is related to insufficient data authentication. data authentication. Exploitation of the vulnerability could allow an attacker acting remotely, spoof URLs with erroneous data...
ROS-20240815-18
Vulnerability in the HTTP/2 protocol implementation of Mozilla Firefox, Firefox ESR and the mail client Thunderbird is related to uncontrolled resource consumption as a result of incorrect limitation on the field block size when processing CONTINUATION frames. field block size when processing...
ROS-20240806-08
A vulnerability in the libnbd library's nbdgetsize function is related to the responses received by the server, a block of larger than 2^63. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240422-11
Vulnerability of net/http and net/http2 libraries of Go programming language in terms of implementation of the HTTP/2 protocol is related to uncontrolled resource consumption as a result of incorrect determination of the end of the HTTP/2 is related to uncontrolled resource consumption as a resul...
ROS-20240718-02
The go-getter library vulnerability of HashiCorp's enterprise information archiving platforms is related to a vulnerability to argument injection when running Git. Exploitation of the vulnerability could allow an attacker, acting remotely, to format the Git URL to inject additional Git arguments...
ROS-20240620-18
Vulnerability in the ReadTIFFImage function of the ImageMagick console graphical editor related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the importmultispectralquantum function of the...
ROS-20240422-10
A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...
ROS-20240514-15
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...
ROS-20240514-06
The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240411-10
A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...
ROS-20240402-18
A vulnerability in the multiprotocol messaging and streaming broker RabbitMQ is related to a HTTP API's lack of restriction on HTTP request body size, which made it vulnerable to very large messages. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20240402-21
Vulnerability of the OpenSC smart card software toolkit and libraries is related to a memory vulnerability during card registration using pkcs15-init. memory vulnerabilities during card registration using pkcs15-init. Exploitation of the vulnerability could allow an attacker to affect the...
ROS-20240322-05
Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...
ROS-20240322-04
Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...
ROS-2-56
2.56 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technica...
ROS-2-1110
2.1110 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1122
2.1122 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-1048
2.1048 Notification on the update of the Red OS OPERATION SYSTEM MIS update RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1702
2.1702 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-379
2.379 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-2-26
2.26 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-2-145
2.145 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01 You can contact the technical...
ROS-2-3
2.3 Notification of the update of the OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-2-192
2.192 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-2-1540
2.1540 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
ROS-2-415
2.415 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technic...
ROS-2-1081
2.1081 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technica...
ROS-2-1904
2.1904 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...