8276 matches found
ROS-20260216-73-0033
A vulnerability in the Networking component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access ...
ROS-20260216-73-0034
A vulnerability in the Networking component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access ...
ROS-20260216-73-0039
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause...
ROS-20260216-73-0042
A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause...
ROS-20260209-73-0023
A vulnerability in the Zlib protocol implementation of the MongoDB database management system is related to improper handling of a length parameter mismatch. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...
ROS-20260209-73-0033
A vulnerability in the JWE, JWS, JWT go-jose standards suite implementation package for the Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260205-73-0028
A vulnerability in the crypto, lzo modules of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability may allow an attacker to violate data integrity and also cause a denial of service...
ROS-20260129-73-0063
The vulnerability in the Go programming language is related to a flaw in the authorization procedure. Exploitation of the vulnerability allows an attacker acting remotely to affect the confidentiality and integrity of protected information...
ROS-20260129-73-0074
A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already established network connection, without opening new network connections and without acknowledging the receipt of packets. Exploitation of the vulnerability could allo...
ROS-20260129-73-0046
Vulnerability in nextcloud related to flaws in access to personal information. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
ROS-20260120-7323
A vulnerability in the drivers/net/caif/caifvirtio.c file of the Linux operating system kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260119-7393
A vulnerability in the pcf85063nvmemread function of the drivers/rtc/rtc-pcf85063.c component of the Linux operating system kernel is related to writing beyond buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, violate its integrity, and...
ROS-20260119-7356
A vulnerability in the arpxmitfinish function of the net/ipv4/arp.c module of the Linux kernel IPv4 protocol implementation is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protecte...
ROS-20260114-7322
A vulnerability in the pfifotailenqueue function net/sched/schfifo.c of the Linux operating system kernel is associated with a functionality mismatch according to the specification. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...
ROS-20251223-7315
Vulnerability in php-symfony4 related to the use of non-canonical url-paths for authorization solutions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...
ROS-20251223-7321
A vulnerability in the urllib.parse.urlsplit and urlparse functions of the Python programming language interpreter is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity...
ROS-20251215-7307
A vulnerability in the GNU Wget download manager is related to insufficient server-side request validation. Exploitation of the vulnerability could allow a remote attacker to perform an SSRF, phishing or man-in-the-middle attack...
ROS-20251201-02
A vulnerability in the vfsinode.c component of the Linux kernel is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the llcpsock.c component of the Lin...
ROS-20251128-03
A vulnerability in the Vault access control system and Vault enterprise information archiving platform Enterprise is related to authentication bypass using an alternate path or channel in AWS authentication method. AWS authentication method. Exploitation of the vulnerability could allow an attack...
ROS-20251128-04
Vulnerability of the smb2isvalidoplockbreak function in the fs/smb/client/smb2misc.c module of the SMB client implementation of the Linux kernel is related to the reuse of the previously released SMB protocol client implementation of the Linux kernel is related to the reuse of previously freed...
ROS-20251125-06
A vulnerability in the Moodle virtual learning environment is related to the disclosure of hidden group names to users, who have permission to create events in the calendar. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected...
ROS-20251125-08
Apache Tomcat application server vulnerability is related to incorrect resource release. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Apache Tomcat application server vulnerability is associated with failure to take measures to...
ROS-20251106-05
The bfdselfparseehframe function of the GNU Binutils development tool has a vulnerability related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in GNU Binutils software development to...
ROS-20251105-06
The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...
ROS-20251031-03
A vulnerability in the Apache ActiveMQ software platform is related to the recovery of invalid data in memory data. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by creating an OpenWire class. arbitrary code by creating a class over the OpenWire protoco...
ROS-20251016-04
Vulnerability of X509VERIFYPARAMadd0policy function of OpenSSL library is related to errors in the procedure of of certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack. remotely to perform a...
ROS-20250822-21
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-23
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250806-13
Golang programming language vulnerability is related to improper input validation. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the crypto-elliptic component of the Golang programming language is related to the...
ROS-20250710-09
A vulnerability in the Apache MINA Java network application framework is related to incorrect handling ofjq SSL/TLS closenotify messages, as a result of which the software does not close the connection and keeps the socket open, allowing the client to subsequently receive open socket messages...
ROS-20250703-09
Vulnerability of RoundCube Webmail mail client is related to flaws in deserialization mechanism of from parameter processing. processing the from parameter. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by sending a specially crafted request...
ROS-20250602-01
A vulnerability in the Bluetooth component of the Linux kernel is related to a memory leak in the function hcigetrandomaddress in net/bluetooth/hcisync.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the traceeventshist component of the...
ROS-20250526-09
Vulnerability of moodle virtual learning environment is related to flaws in permission checking and user capabilities of the user. Exploitation of the vulnerability could allow an attacker acting remotely to access confidential information A vulnerability in the Multi-Factor Authentication...
ROS-20250526-08
Vulnerability in the soupheaderparsequalitylist function of the libsoup GUI library GNOME of Linux operating systems is related to a memory leak when parsing a quality list containing elements with all zeros. Exploitation of the vulnerability could allow an attacker acting remotely, gain access t...
ROS-20250515-12
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-02
A vulnerability in the PHP Twig template language is due to sandbox security checks not being executed under certain circumstances. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions. remotely to bypass the implemented securit...
ROS-2-232
2.232 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-18
2.18 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-2-32
2.32 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-20250506-01
Vulnerability of net/ipv6 components of Linux operating system kernel is related to memory leak in function ip6negativeadvice in net/ipv6/route.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the can component of the Linux operating...
ROS-20250505-03
Vulnerability in MySQL Server component is related to improper order of behavior. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250424-14
Vulnerability in Apache Tomcat application server's JNDIRealm module implementation is related to flaws in the authentication mechanism. authentication mechanism. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information. Unauthorized...
ROS-20250417-11
Vulnerability of the phpseclib cryptographic protocol library is related to insufficient verification of user input data user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250410-01
A vulnerability in the mailbox component of the Linux kernel is related to resource management errors in the bcm2835mboxprobe function in drivers/mailbox/bcm2835-mailbox.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the uvcparseformat...
ROS-20250326-03
The vulnerability in the document-oriented database management system MongoDB is related to bugs in the query analysis of some complex self-referential $lookup subconvectors, leading to sending to the server literal values in expressions for encrypted fields as plaintext instead of encrypted text...
ROS-20250311-03
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-06
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-07
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250303-07
The vulnerability of the ntfsreadmft function in the fs/ntfs3/inode.c module of the Linux kernel is related to the following issues lack of validation of allowed attribute sizes. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of...
ROS-20250303-01
Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the lack of restrictions on authentication attempts. Exploitation of the vulnerability could allow an attacker acting remotely to reset arbitrary passwords...