8215 matches found
ROS-20250430-09
VBI libzvbi VBI capture and decode library vulnerability is related to an integer overflow in the vbicapturesimloadcaption function in src/io-sim.c. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system VBI capture and decode...
ROS-20250430-01
A vulnerability in the BusyBox set of command line utilities is related to a post-release usage error in the awk applet. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system The BusyBox command line utility set vulnerability is related to a NUL...
ROS-20250424-02
The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20250417-07
Exim mail server vulnerability is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20250403-05
A vulnerability in the Media component of the Google Chrome browser is related to memory usage after it is released. after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page V8 JavaScript scrip...
ROS-20250403-06
A vulnerability in the InnoDB component of the Oracle MySQL Server database management system is related to a flaw in the authorization procedure as a result of incorrect input data validation. authorization procedure as a result of incorrect input data verification. Exploitation of the...
ROS-20250403-10
Vulnerability in the Rack::Static class of the modular interface between web servers and Rack web applications is related to with errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected informat...
ROS-20250403-01
A vulnerability in the lookup function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the doProlog function of the xmlparse.c file of the Expat...
ROS-20250326-06
A vulnerability in the Twisted Web component of the Twisted networking framework is related to insufficient input data validation when processing HTTP headers. data when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20250219-07
The vulnerability in the Apache Commons IO library is due to the fact that the application does not properly control the internal resource consumption when processing unreliable input data passed to the class org.apache.commons.io.input.XmlStreamReader. Exploitation of the vulnerability could all...
ROS-20250219-01
A vulnerability in Intel Xeon processors is related to a bug in hardware logic. Exploitation of the vulnerability could allow an attacker to cause a denial of service Intel Xeon processor vulnerability is related to incorrect error handling in Intel SGX. Exploitation exploitation of the...
ROS-20250214-03
The vulnerability in Intel Xeon processors is related to incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX. Intel Xeon processor memory controller configurations when using Intel SGX. Exploitation exploitation of the vulnerability cou...
ROS-20250212-08
A vulnerability in the Python toolkit dnspython is related to insufficient validation of user input in the Tudoor mechanism. user input in the Tudoor mechanism. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250205-01
A vulnerability in the net/mlx5 components of the Linux operating system kernel is related to errors in accessing statistics of of commands after release. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the platform/surface...
ROS-20250128-06
A vulnerability in the convertfromstr function of the numpy.core component of the NumPy for Python module is related to an incorrect string comparison. Exploitation of the vulnerability could allow an attacker acting remotely to initiate a copy. remotely to initiate data copying using specially...
ROS-20250127-02
A vulnerability in the Phone Book Access component of the Bluetooth protocol stack for Linux BlueZ is related to a buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code Vulnerability in the Bluetooth technology stack for...
ROS-20250123-01
Vulnerability of RDMA/restrack components of Linux operating system kernel is related to incorrect verification of the input data in the rdmarestrackinit and type2str functions in drivers/infiniband/core/restrack.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...
ROS-20250121-11
A vulnerability in the QTextLayout component of the cross-platform software development framework Qt is related to buffer copying without input validation. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted file SVG A...
ROS-20250117-05
A vulnerability in the URL Handler component of the Tornado asynchronous networking library is related to URL redirection to an untrusted site. Exploitation of the vulnerability could allow an attacker acting remotely redirect a user to an arbitrary website and conduct a phishing attack...
ROS-20250110-11
A vulnerability in the Action Pack framework of the Ruby on Rails software platform is related to incorrect validation of the of input data. Exploitation of the vulnerability could allow a remote attacker to bypass certain security restrictions. certain security restrictions...
ROS-20241216-08
A vulnerability in the authstartsession function of the XRDP server is related to session restriction bypass. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20241029-12
A vulnerability in the Podman OCI container management and startup software tool is related to bugs in the option bind-propagation of the Dockerfile RUN --mount instruction. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...
ROS-20241029-14
The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...
ROS-20240927-08
A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...
ROS-20240911-18
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
ROS-20240607-07
Vulnerability of system views pgstatsext, pgstatsextexprs of PostgreSQL DBMS is related to privilege management errors in privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, escalate privileges...
ROS-20240328-18
A vulnerability in Apache Tomcat application server is related to URL redirection to an untrusted site. Exploitation of the vulnerability could allow a remote attacker to redirect a user to an arbitrary URL. arbitrary URL...
ROS-20240402-19
A vulnerability in the VMware Tools suite for Windows operating systems is related to a flaw in the authorization procedure. of authorization. Exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges VMware Tools s utility suite vulnerability is relate...
ROS-20240322-03
Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...
ROS-2-1652
2.1652 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1605
2.1605 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-2162
2.2162 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-1025
2.1025 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1071
2.1071 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01 You can contact the technic...
ROS-2-1080
2.1080 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1109
2.1109 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-381
2.381 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-411
2.411 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1073
2.1073 Notification on the update of the Red OS OPERATION SYSTEM MIS update RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact th...
ROS-2-1977
2.1977 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-2-730
2.730 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-727
2.727 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-1452
2.1452 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
ROS-2-1118
2.1118 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-2146
2.2146 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1887
2.1887 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1791
2.1791 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
ROS-2-1699
2.1699 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...
ROS-2-2157
2.2157 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-2039
2.2039 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...