8283 matches found
ROS-20250311-08
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250307-03
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browser exists due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate privileges using a specially crafted HTML...
ROS-20250307-07
A vulnerability in the OVN Open Virtual Network abstraction support system is related to bypassing the output access control lists ACLs in OVN deployments using crafted UDP packets. Exploitation The vulnerability could allow an attacker acting remotely to gain unauthorized access to the Virtual...
ROS-20250303-02
Vulnerability in the htmlawed module of the GLPI computer hardware request, incident and inventory system is related to incorrect input validation in /vendor/htmlawed/htmlawed/htmlawed/htmLawedTest.php. Exploitation of the of the vulnerability could allow an attacker acting remotely to inject...
ROS-20250226-04
A vulnerability in the Starlette ASGI web development framework is related to the allocation of unlimited memory. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...
ROS-20250212-04
A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the consumption of internal resources in werkzeug.formparser.MultiPartParser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250130-01
Linux operating system kernel vulnerability is linked to security configuration errors. Exploitation exploitation of the vulnerability could allow an attacker to bypass the secure boot mechanism and escalate privileges...
ROS-20250117-06
A vulnerability in the drm/lima components of the Linux operating system kernel is related to the race condition in the function limaschedtimedoutjob in drivers/gpu/drm/lima/lima/limasched.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A...
ROS-20250115-03
A vulnerability in the ldapescape function of the PHP programming language interpreter is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the dblib and...
ROS-20250113-04
A vulnerability in the usb component of the Linux kernel is related to incorrect locking in the functions freeepfback, uaudiosetvolume, uaudiosetmute and gaudiosetup functions in drivers/usb/gadget/function/uaudio.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20250109-07
A vulnerability in the Downloads component of Microsoft Edge and Google Chrome browsers is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...
ROS-20250109-05
Vulnerability in Firefox ESR, Firefox web browsers and Thunderbird email client is related to errors in data type conversion due to enabled autorun private mode. data type conversion errors due to enabled private mode autorun. Exploitation of the vulnerability could allow an attacker acting...
ROS-20241212-22
Vulnerability of addRelatedObjects function of Zabbix universal monitoring system is related to failure to take measures to protect SQL query structure. to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges by...
ROS-20241209-03
A vulnerability in the ntfs-3g utility of the NTFS-3G driver set of the NTFS-3G implementation of the NTFS file system is related to errors in the use of freed memory in ntfsuppercasembs in libntfs-3g/unistr.c. Exploitation of the vulnerability could allow an attacker to potentially cause a file...
ROS-20241029-03
The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...
ROS-20241017-15
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20240927-14
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...
ROS-20240924-06
A vulnerability in the Garbage Collector component of the Firefox and Firefox ESR browsers and the Thunderbird email client is related to memory release errors in object operations. Thunderbird email client is associated with memory freeing errors when performing operations on objects. Exploitati...
ROS-20240924-05
The vulnerability in Firefox ESR web browsers, Firefox and Thunderbird email client is related to writing beyond the buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in Thunderbird email client and Firefox,...
ROS-20240923-08
Vulnerabilities in Mozilla Firefox, Firefox ESR and Thunderbird email client are related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, spoofing attacks Vulnerability in the implementation of the HSTS HTTP Strict Transport Security...
ROS-20240911-19
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
ROS-20240911-17
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
ROS-20240911-20
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
ROS-20240814-06
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of hidden side channels. exploitation of hidden side channels. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected information...
ROS-20240801-05
A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...
ROS-20240730-15
A vulnerability in the dstring.c component of the Debian GNU/Linux operating system cpio package is caused by an integer overflow. overflow. Exploitation of the vulnerability could allow an attacker to cause a stack overflow via a generated file...
ROS-20240729-22
A vulnerability in the packageindex module of the library designed to simplify the packaging of setuptools projects is related to functions used to download packages from URLs, provided by users or obtained from package index servers, are susceptible to code injection. Exploitation of the...
ROS-20240409-18
Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...
ROS-20240402-20
A vulnerability in the Cargo package manager of the Rust programming language is associated with incorrect verification of the of the cryptographic signature. Exploitation of the vulnerability could allow an attacker acting remotely, affect the integrity of protected information via SSH protocol...
ROS-20240322-02
Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...
ROS-2-1044
2.1044 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...
ROS-2-1911
2.1911 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-1031
2.1031 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-1769
2.1769 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1580
2.1580 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-935
2.935 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1079
2.1079 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1046
2.1046 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-1675
2.1675 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1528
2.1528 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...
ROS-2-1141
2.1141 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1099
2.1099 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-773
2.773 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the extension of the validity of the previously obtained FSTEC of Russia Certificate of Conformity No. 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can...
ROS-2-1862
2.1862 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...
ROS-2-1652
2.1652 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1781
2.1781 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1966
2.1966 Multiple vulnerabilities of libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-20231110-03
Vulnerability of the DirSync catlog synchronization mechanism of the Samba networking software package is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker, acting remotely, gain unauthorized access to protected information and increase...
ROS-20231016-07
A vulnerability in the tiff.c file of the ImageMagick console graphics editor is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to force a user to open a specially crafted file, resulting in application crash and denial of servi...
ROS-2-1063
2.1063 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...