8110 matches found
ROS-20250710-12
A vulnerability in the Libexif library for grammar parsing EXIF files is related to an optimization of the compiler optimization that removes buffer overflow protection in libexif. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code on the target...
ROS-20250707-06
Vulnerability of the sudo system administration program is related to insufficient implementation of security measures when running sudo with the -h option --host. security measures when sudo is run with the -h --host option. Exploiting the vulnerability could allow an attacker to elevate their...
ROS-20250707-03
A vulnerability in the Portainer container management platform is related to the transmission of HTTP headers to the registry. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
ROS-20250707-01
A vulnerability in the Konsole terminal emulator of the KDE desktop environment is related to the implementation of an incorrect control flow when processing telnet://, rlogin:// and ssh:// URLs. control flow when handling telnet://, rlogin:// and ssh:// URLs. Exploitation of the vulnerability...
ROS-20250703-03
A vulnerability in the pgAdmin 4 database management tool is related to improper data cleanup, provided by the user. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
ROS-20250703-06
A vulnerability in the mpmathify function of the mpmath library of the Python programming language interpreter is related to the unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service ReDos. remotely to cause a deni...
ROS-20250625-08
Vulnerability in DecodeConfig component of Golang programming language is related to race condition of symbolic links when using os.RemoveAll. Exploitation of the vulnerability could allow an attacker, acting remotely, to remove arbitrary directories...
ROS-20250624-02
Vulnerability in OpenSearch software package related to lack of Markdown cleanup on header or footer previews header or footer preview. Exploitation of the vulnerability could allow an attacker to, execute arbitrary code...
ROS-20250619-08
The h11 library vulnerability is related to flaws in HTTP request processing. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information. of protected information...
ROS-20250619-09
The vulnerability in the Golang programming language is related to input validation errors when processing directory traversal sequences in file names. Exploitation of the vulnerability could allow an attacker to perform directory traversal attacks...
ROS-20250616-15
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-20
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-03
A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to insufficient insufficient validation of data provided by an attacker in Rack::CommonLogger. Exploitation of the vulnerability could Allow an attacker acting remotely to manipulate data log entr...
ROS-2-120
2.120 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-17
2.17 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-20
2.20 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-346
2.346 Notification on update of the Red OS OPERATION SYSTEM MIS RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standa...
ROS-2-216
2.216 Notification on updating of the Red OS OPERATION SYSTEM MIS RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-108
2.108 Notification on update of the RDE OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...
ROS-2-160
2.160 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-374
2.374 Notification on update of the Red OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...
ROS-20250505-11
The Redis database management system DBMS vulnerability is related to improper management of internal resources in the application when processing output buffers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250505-07
Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...
ROS-20250424-13
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250417-07
Exim mail server vulnerability is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20250403-10
Vulnerability in the Rack::Static class of the modular interface between web servers and Rack web applications is related to with errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected informat...
ROS-20250403-06
A vulnerability in the InnoDB component of the Oracle MySQL Server database management system is related to a flaw in the authorization procedure as a result of incorrect input data validation. authorization procedure as a result of incorrect input data verification. Exploitation of the...
ROS-20250326-06
A vulnerability in the Twisted Web component of the Twisted networking framework is related to insufficient input data validation when processing HTTP headers. data when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250326-09
Ruby interpreter vulnerability is related to a hidden time channel Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...
ROS-20250319-01
A vulnerability in the net component of the Linux operating system kernel is related to a reachability assertion in the inetaccept function in net/ipv4/afinet.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20250312-01
The vulnerability of thejd drm/amd/display component of the Linux kernel is related to incorrect verification of the input data in the calculatettucursor function in the drivers/gpu/drm/amd/display/dc/dml/dcn21/displayrqdlgcalc21.c, in the calculatettucursor function in the...
ROS-20250307-07
A vulnerability in the OVN Open Virtual Network abstraction support system is related to bypassing the output access control lists ACLs in OVN deployments using crafted UDP packets. Exploitation The vulnerability could allow an attacker acting remotely to gain unauthorized access to the Virtual...
ROS-20250219-01
A vulnerability in Intel Xeon processors is related to a bug in hardware logic. Exploitation of the vulnerability could allow an attacker to cause a denial of service Intel Xeon processor vulnerability is related to incorrect error handling in Intel SGX. Exploitation exploitation of the...
ROS-20250219-07
The vulnerability in the Apache Commons IO library is due to the fact that the application does not properly control the internal resource consumption when processing unreliable input data passed to the class org.apache.commons.io.input.XmlStreamReader. Exploitation of the vulnerability could all...
ROS-20250214-03
The vulnerability in Intel Xeon processors is related to incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX. Intel Xeon processor memory controller configurations when using Intel SGX. Exploitation exploitation of the vulnerability cou...
ROS-20250212-04
A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the consumption of internal resources in werkzeug.formparser.MultiPartParser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250205-01
A vulnerability in the net/mlx5 components of the Linux operating system kernel is related to errors in accessing statistics of of commands after release. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the platform/surface...
ROS-20250130-01
Linux operating system kernel vulnerability is linked to security configuration errors. Exploitation exploitation of the vulnerability could allow an attacker to bypass the secure boot mechanism and escalate privileges...
ROS-20250128-06
A vulnerability in the convertfromstr function of the numpy.core component of the NumPy for Python module is related to an incorrect string comparison. Exploitation of the vulnerability could allow an attacker acting remotely to initiate a copy. remotely to initiate data copying using specially...
ROS-20250123-01
Vulnerability of RDMA/restrack components of Linux operating system kernel is related to incorrect verification of the input data in the rdmarestrackinit and type2str functions in drivers/infiniband/core/restrack.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20250121-11
A vulnerability in the QTextLayout component of the cross-platform software development framework Qt is related to buffer copying without input validation. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted file SVG A...
ROS-20250115-03
A vulnerability in the ldapescape function of the PHP programming language interpreter is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the dblib and...
ROS-20250109-07
A vulnerability in the Downloads component of Microsoft Edge and Google Chrome browsers is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...
ROS-20241216-08
A vulnerability in the authstartsession function of the XRDP server is related to session restriction bypass. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241209-03
A vulnerability in the ntfs-3g utility of the NTFS-3G driver set of the NTFS-3G implementation of the NTFS file system is related to errors in the use of freed memory in ntfsuppercasembs in libntfs-3g/unistr.c. Exploitation of the vulnerability could allow an attacker to potentially cause a file...
ROS-20241029-14
The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...
ROS-20241017-15
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20241017-16
A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...
ROS-20240927-14
A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...
ROS-20240927-08
A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...