8181 matches found
ROS-20251029-01
Gstreamer multimedia framework vulnerability is related to a buffer overflow on the stack. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20251023-01
A vulnerability in the cifscomposemountoptions function of the fs/smb/client/cifsproto.h module of the SMB client support kernel of the Linux operating system is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a...
ROS-20251023-02
Vulnerability of ip6makeskb function of net/ipv6/ip6output.c module of Linux kernel IPv6 protocol implementation is related to the use of uninitialized resource. of Linux operating system is related to the use of an uninitialized resource. Exploitation the vulnerability could allow an attacker to...
ROS-20251014-05
A vulnerability in the interface of the Grafana monitoring and surveillance platform is related to the failure to take measures to protect the web page structure when processing the /swagger endpoint. web page structure when processing the /swagger endpoint. Exploitation of the vulnerability coul...
ROS-20250929-08
Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information A vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is...
ROS-20250925-05
A vulnerability in the NVIDIA GPU Display Driver is related to incorrect authorization authorization. Exploitation of the vulnerability could allow an attacker to gain elevated privileges on the system A vulnerability in the NVIDIA GPU Display Driver software driver is related to an operation tha...
ROS-20250924-06
A vulnerability in the Django web application software platform is related to insufficient cleanup of the user data in FilteredRelation column aliases. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in the database A vulnerability in the...
ROS-20250911-02
Vulnerability of the rterawcksummbuf function of the vhost library of the DPDK suite of libraries and drivers for fast packet processing is related to the operation exceeding the memory buffer boundary while processing the len parameter. DPDK packet processing is related to the operation exceedin...
ROS-20250905-04
A vulnerability in the radosgw daemon of the Ceph data storage system is related to insufficient authentication of the when processing JWT tokens. Exploitation of the vulnerability could allow an intruder acting remotely to bypass the authentication procedure...
ROS-20250822-22
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-09
The vulnerability of the package designed to work with JSON Web Tokens jwt-go is related to incorrect checking of the data when processing data transmitted via m"aud". Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the authentication process...
ROS-20250822-24
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-13
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
ROS-20250819-06
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...
ROS-20250813-07
A vulnerability in the Java dnsjava DNS implementation is related to incorrect response checking during processing of DNS queries. Exploitation of the vulnerability could allow a remote attacker to bypass the implemented security restrictions. enforced security restrictions...
ROS-20250808-03
A vulnerability in the Networking component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to access control weaknesses. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...
ROS-20250807-04
Git distributed version control system vulnerability in software development tools Microsoft Visual Studio is related to the use of an unreliable search path when spell checking of cloned repositories. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when clonin...
ROS-20250806-12
A vulnerability in the mtr network diagnostic tool is related to improper handling of an item specified in the MTRPACKET environment variable. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
ROS-20250806-11
A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of registration data. inadequate protection of login credentials. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to...
ROS-20250804-03
Vulnerability of NCompress::NRar5::CDecoder method of RAR5 decoder of 7-Zip archiver is related to possibility of heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability of NArchive::NCom::CHandler::GetStream metho...
ROS-20250804-04
Vulnerability of the vsockremovesock function of the net/vmwvsock/afvsock.c module of the Linux kernel network functions implementation of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an intruder to affect the...
ROS-20250724-04
The vulnerability of the fstrflocaltime function of the jq functional programming language is related to the use of memory after its release. memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, affect the availability of protected information...
ROS-20250724-01
Vulnerability of amdgpucswaitallfences function in drivers/gpu/drm/amd/amdgpu/amdgpucs.c driver module amdgpu of AMD Radeon video cards in the Linux kernel is related to the reuse of previously released memory due to competitive access to the resource race condition. Exploitation of the...
ROS-20250717-02
Vulnerability of the auxiliary ticket escalation tool in the Escalade GLPI plugin is related to incorrect access controls. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20250710-08
A vulnerability in the OpenWire command handler of the Apache ActiveMQ software platform is related to a lack of control over user input. control over user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted...
ROS-20250710-11
Vulnerability of PropertyUtilsBean class of Apache Commons Beanutils utility is related to flaws in unbundled access to the class loader. Exploitation of the vulnerability could allow an attacker, acting remotely, execute arbitrary code...
ROS-20250707-06
Vulnerability of the sudo system administration program is related to insufficient implementation of security measures when running sudo with the -h option --host. security measures when sudo is run with the -h --host option. Exploiting the vulnerability could allow an attacker to elevate their...
ROS-20250703-02
A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20250624-11
A vulnerability in the Perl data structure to JSON conversion module Cpanel::JSON::XS is related to access beyond the beyond the allocated memory buffer, acting remotely, obtaining sensitive information or cause a denial of service...
ROS-2-197
2.197 Notification on updating of the Anti-Malware Protection System "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need t...
ROS-2-157
2.157 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-395
2.395 Notification on update of the Red OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...
ROS-2-742
2.742 Notification on update of the Red OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...
ROS-2-162
2.162 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-33
2.33 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-36
2.36 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-361
2.361 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-20250505-11
The Redis database management system DBMS vulnerability is related to improper management of internal resources in the application when processing output buffers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250505-07
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
ROS-20250430-08
A vulnerability in Nomad Application Orchestrator involves the insertion of sensitive information into a log file. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a client's secret client token...
ROS-20250424-13
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250326-07
A vulnerability in the snmptrapd daemon of the Zabbix universal monitoring system is related to improper processing of the output data for logs. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface Vulnerability of strbase64encoderfc2047 function...
ROS-20250326-09
Ruby interpreter vulnerability is related to a hidden time channel Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...
ROS-20250319-01
A vulnerability in the net component of the Linux operating system kernel is related to a reachability assertion in the inetaccept function in net/ipv4/afinet.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250311-08
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250307-03
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browser exists due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate privileges using a specially crafted HTML...
ROS-20250307-07
A vulnerability in the OVN Open Virtual Network abstraction support system is related to bypassing the output access control lists ACLs in OVN deployments using crafted UDP packets. Exploitation The vulnerability could allow an attacker acting remotely to gain unauthorized access to the Virtual...
ROS-20250226-03
Vulnerability of MongoDB database management system is related to incorrect consistency checking in the input data during index processing with PrepareUnique parameter. input data during index processing with PrepareUnique parameter. Exploitation of the vulnerability could allow an attacker actin...
ROS-20250226-04
A vulnerability in the Starlette ASGI web development framework is related to the allocation of unlimited memory. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20250226-06
A vulnerability in python-multipart, a streaming multi-component parser for Python, is related to the fact that the application generates redundant log entries when parsing form data. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...