ROS-2-131

2.131 Notification on update of the RAND OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

ROS-2-343

2.343 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technica...

ROS-2-555

2.555 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-2144

2.2144 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-2022

2.2022 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-2134

2.2134 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-1209

2.1209 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-1482

2.1482 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-1063

2.1063 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

ROS-2-128

2.128 Notification on the update of OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

ROS-2-1565

2.1565 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-1516

2.1516 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

ROS-2-1484

2.1484 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

ROS-2-1745

2.1745 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

ROS-2-2226

2.2226 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

ROS-2-1710

2.1710 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

ROS-2-505

2.505 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

ROS-2-1500

2.1500 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

ROS-2-1250

2.1250 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

ROS-2-599

2.599 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

ROS-2-1545

2.1545 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

ROS-2-2191

2.2191 Remote Code Execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in Web Render components and could potentially be exploited for malicious code execution.IDENT of the Information Security Threat Data Bank of the FSTEC of...

ROS-2-543

2.543 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

ROS-2-2028

2.2028 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

ROS-2-1334

2.1334 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

ROS-2-1501

2.1501 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

ROS-2-1701

2.1701 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

ROS-2-1349

2.1349 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

ROS-2-1445

2.1445 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

ROS-2-568

2.568 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

ROS-2-1176

2.1176 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

ROS-2-1165

2.1165 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in...

ROS-2-1174

2.1174 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

ROS-2-1172

2.1172 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...

ROS-2-1097

2.1097 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

ROS-2-1090

2.1090 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

ROS-2-1022

2.1022 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

ROS-2-1151

2.1151 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

ROS-2-201

2.201 Notification on Update of the Anti-Malware Protection System "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your...

ROS-2-2039

2.2039 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-932

2.932 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

ROS-2-2157

2.2157 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-1809

2.1809 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-533

2.533 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-1133

2.1133 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

ROS-2-1100

2.1100 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

ROS-2-1223

2.1223 Vulnerability in OpenVPN CVE-2020-11810 1. Vulnerability Description: A corrective release of the OpenVPN 2.4.9 virtual private networking package has been generated. The new version addresses a vulnerability CVE-2020-11810 that allows a client session to be transferred to a new IP address...

ROS-2-907

2.907 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

ROS-2-1313

2.1313 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

ROS-2-999

2.999 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...