8219 matches found
ROS-20250424-34
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250421-01
Vulnerability of the vmfaultt vasmmapfault function of the arch/powerpc/platforms/book3s/vas-api.c module of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...
ROS-20250417-03
The Jenkins Automation Server vulnerability is related to the fact that the vulnerable plugin does not edit encrypted secret values when accessing config.xml of agents via REST API or CLI. Exploitation of the vulnerability could Allow an attacker acting remotely to gain access to potentially...
ROS-20250403-04
A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20250403-12
OpenSearch software package vulnerability related to out-of-bounds memory reads. Exploitation of the vulnerability could allow an attacker to obtain sensitive data...
ROS-20250402-08
The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the application allows the use of entity aliases mapped to a single resource with the same alias name. Exploitation of the vulnerability could allow an attacker actin...
ROS-20250312-01
The vulnerability of thejd drm/amd/display component of the Linux kernel is related to incorrect verification of the input data in the calculatettucursor function in the drivers/gpu/drm/amd/display/dc/dml/dcn21/displayrqdlgcalc21.c, in the calculatettucursor function in the...
ROS-20250311-03
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250226-13
The Eclipse Jetty servlet container vulnerability is due to the application not properly controlling the internal resource consumption in the ThreadLimitHandler.getRemote function. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250226-05
A vulnerability in AMD processors is associated with improper access control in System Management Mode SMM. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250226-06
A vulnerability in python-multipart, a streaming multi-component parser for Python, is related to the fact that the application generates redundant log entries when parsing form data. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...
ROS-20250226-03
Vulnerability of MongoDB database management system is related to incorrect consistency checking in the input data during index processing with PrepareUnique parameter. input data during index processing with PrepareUnique parameter. Exploitation of the vulnerability could allow an attacker actin...
ROS-20250131-01
A vulnerability in the f2fs component of the Linux operating system kernel is related to improper error handling in the f2fsmarkinodedirtysync function in f2fs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsi component of...
ROS-20250418-01
A vulnerability in the gui/util/qktxhandler.cpp component of the KTX image processing module of the cross-platform Qt software development framework is related to a buffer overrun. Qt software development framework is related to an operation exceeding buffer boundaries in memory. memory...
ROS-20250121-07
Vulnerability of ECMP dissector of computer network traffic analyzer Wireshark is related to insufficient inadequate validation of user input. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in FiveCo RAP dissector of Wireshark computer network...
ROS-20250121-08
Vulnerability of Asterisk management systems is related to improper access restrictions for users with the the "write=originate" role. Exploitation of the vulnerability could allow an attacker acting remotely, escalate privileges on the system...
ROS-20250120-01
Vulnerability of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers of operating systems Windows is related to leaked video frames from different sources. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...
ROS-20250114-10
Vulnerability in the animation control and synchronization handler on web pages of Mozilla Firefox browsers, Firefox ESR is related to the possibility of memory usage after its release. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting it into...
ROS-20250114-14
A vulnerability in the compress component of the Linux operating system kernel is related to incorrect blocking in the f2fsreleasecompressblocks and f2fsreservecompressblocks functions in f2fs/file.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...
ROS-20250110-09
Vulnerability in Erlang programming language OTP library set is related to incorrect certificate validation. certificate. Exploitation of the vulnerability allows an attacker acting remotely to perform a MitM attack...
ROS-20241211-04
CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...
ROS-20241209-02
A vulnerability in some IntelR TDX modules is related to improper input validation. Exploitation of the vulnerability could allow a privileged attacker to potentially escalate privileges through local access. Vulnerability related to processor instruction sequencing causes unexpected behavior on...
ROS-20241209-04
A vulnerability in the JavaScript library for securely cleaning and protecting DOMPurify HTML code is related to flaws in the validation of input data containing signs of an XSS attack. Exploitation of the vulnerability could Allow a remote attacker to perform a cross-site scripted attack...
ROS-20241017-16
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20241017-14
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20241015-17
A vulnerability in the Networking component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect authorization. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity ...
ROS-20241001-08
Vulnerability of SPRT dissector of Wireshark computer network traffic analyzer related to access to an uninitialized pointer. uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service via packet injection or a specially crafted capture...
ROS-20240911-22
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
ROS-20240826-26
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...
ROS-20240820-12
A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...
ROS-20240820-06
The aiohttp HTTP client vulnerability is related to flaws in HTTP request processing. Exploitation of the vulnerability could allow an attacker acting remotely to perform an "HTTP request smuggling" attack...
ROS-20240816-14
A vulnerability in the phardirread function of the PHP interpreter is caused by a buffer overflow on the stack. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code Vulnerability in PHP programming language interpreter is related to incorrect restriction of XM...
ROS-20240816-15
A vulnerability in the PHP programming language interpreter is related to the erroneous handling of cookies due to the replacement of spaces, dots, and open square brackets with underscores. as a result of replacing spaces, periods and open square brackets with underscores. Exploitation...
ROS-20240730-18
A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...
ROS-20240529-05
A vulnerability in the ImageIO component of the Oracle Java SE software platform and the Oracle GraalVM Virtual Machine Enterprise Edition is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a partial denial of service Vulnerability i...
ROS-20240521-10
A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...
ROS-2-1021
2.1021 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-779
2.779 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the extension of the validity of the previously obtained FSTEC of Russia Certificate of Conformity No. 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You ca...
ROS-2-1694
2.1694 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...
ROS-2-1759
2.1759 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1611
2.1611 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-2-1734
2.1734 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...
ROS-2-1519
2.1519 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...
ROS-2-1663
2.1663 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
ROS-2-1752
2.1752 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-1029
2.1029 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-753
2.753 Notification of Update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...
ROS-2-356
2.356 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-412
2.412 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technic...
ROS-2-1552
2.1552 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...