8181 matches found
ROS-20230913-03
A vulnerability in libreswan software is related to a null pointer dereferencing error in the IKEv1 fast mode packets. Exploitation of the vulnerability could allow an attacker, remotely send specially crafted packets to the system and perform a denial-of-service attack. denial-of-service attack...
ROS-20230914-04
A vulnerability in the nasm assembler involves copying to a buffer without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...
ROS-20230913-02
Nextcloud server vulnerability is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to access files within a subfolder of an accessible group folder, even if extended permissions block access to the subfolder. of a group folder, even if...
ROS-20230914-06
Vulnerability of Iperf3 network bandwidth measurement tool is related to integer overflow when processing field lengths. Exploitation of the vulnerability could allow an intruder, acting remotely to cause a denial of service...
ROS-20230914-07
VMware Tools suite vulnerability is related to the ability to bypass SAML token signature. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges by implementing a man-in-the-middle attack. a man-in-the-middle attack...
ROS-20230914-08
GPAC multimedia platform vulnerability is related to integer sign overflow in the filters/muxisom.c:5716:20. Exploitation of the vulnerability could allow an attacker to cause the application to crash. The GPAC multimedia platform vulnerability is related to null pointer dereferencing in function...
ROS-20230915-12
A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to keys that are not explicitly authorized by the ACL configuration...
ROS-20230915-11
A vulnerability in the Base plugin gst-plugins-base of the Gstreamer multimedia framework is related to a buffer overrun during the parsing and decoding of subtitles from SRT files. operation outside the memory buffer when parsing and decoding subtitles from SRT files. Exploitation exploitation o...
ROS-20230915-13
A vulnerability in the symbolic.py component of the Python library for interacting with GitPython git repositories is related to a flaw in the directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected...
ROS-20230915-15
A vulnerability in the mailcap module of the Python programming language interpreter is related to insufficient verification of the of arguments passed to a command. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary command...
ROS-20230914-05
Vulnerability of DjVuLibre library for viewing, creating, editing DjVu files is related to IW44Image.cpp. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service by dividing by zero. A vulnerability in the library for viewing, creating,...
ROS-20230911-04
A vulnerability in the GPAC multimedia platform is related to read out of bounds. Exploitation of the vulnerability could allow an attacker to read sensitive information from other memory locations or cause a a glitch...
ROS-20230911-01
A vulnerability in the traffic analysis software Wireshark is related to insufficient validation of user input in the iSCSI dissector. user input to the iSCSI dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, pass specially crafted input data to the applicatio...
ROS-20230911-02
Vulnerability of the KeePass password manager password text field is related to storing credentials in unencrypted form. Exploitation of the vulnerability could allow an attacker acting remotely, to recover the master password in plaintext...
ROS-20230911-07
A vulnerability in the Moodle virtual learning environment is related to insufficient validation of user input data. data, an attacker could send a specially crafted HTTP request and make the application initiate requests to arbitrary systems. Exploitation of the vulnerability could allow an...
ROS-20230911-06
Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity, and availability of protected information...
ROS-20230911-03
A vulnerability in the XMLExternalEntityParserCreate function of the XML parser library libexpat is related to a post-release exploit. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20230911-05
Vulnerability in the document processing, conversion and generation software suite Ghostscript exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by using t...
ROS-20230911-09
A vulnerability in the XML document merge mechanism XInclude of the vector graphics rendering library librsvg is related to incorrect restriction of path name to restricted directory when processing element xi:include. Exploitation of the vulnerability may allow an intruder to gain unauthorized...
ROS-20230911-10
Vulnerability of EmailValidator and URLValidator components of Django web application software platform is related to the use of regular expression with inefficient computational complexity when processing domain name labels in emails and URLs. domain name labels in emails and URLs. Exploitation ...
ROS-20230911-08
Vulnerability of UnRAR file unzipping tool is related to incorrect link resolution before accessing a file "Jump to link". before accessing the file "Follow link". Exploitation of the vulnerability could allow an attacker acting remotely to extract files outside the destination folder using file...
ROS-20230908-06
LibTIFF library vulnerability is related to buffer overflow in Fax3Encode function in libtiff/tiffiffax3.c. Exploitation of the vulnerability could allow a remote attacker to trick a victim into opening a specially crafted file and executing a type of attack. the victim to open a specially crafte...
ROS-20230908-08
A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to to override text direction in file names. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct spoofing attacks...
ROS-20230907-03
The vulnerability in the BIND DNS server is related to a stack buffer overflow when BIND is acting as a "resolver" when the number of recursive queries has reached an acceptable maximum and the server settings have been configured. "resolver", when the number of recursive queries has reached an...
ROS-20230907-02
Vulnerability in the Core component of Oracle VM VirtualBox virtual machine is related to resource release errors resources. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or gain full control of an application using the RDP protocol. arbitrary code or...
ROS-20230907-01
Ghostscript document processing toolkit vulnerability is related to a buffer overflow error in base / gdevdevn.c: 1973 in devnpcxwriterle. buffer overflow in base / gdevdevn.c: 1973 in devnpcxwriterle. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20230908-05
ImageMagick graphics editor vulnerability is related to a memory leak in Magick::Draw. Exploitation The vulnerability could allow an attacker acting remotely to force the application to cause a memory leak and execute a denial-of-service attack...
ROS-20230907-04
Vulnerability of DHcheck, DHcheckex or EVPPKEYparamcheck functions of OpenSSL library is related to using a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Vulnerability of DHcheck,...
ROS-20230908-07
A vulnerability in Firefox browser, Firefox ESR is related to a bug in the calculation of pop-up notification delay. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to grant permissions. Full-screen notification vulnerability in Mozilla Firefox,...
ROS-20230905-02
Vulnerability in the ksmbd module of Linux kernel operating systems is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using the...
ROS-20230905-01
A vulnerability in the Bluetooth permission verification subsystem of the Linux kernel is associated with errors in the processing of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands by sending specially crafted requests...
ROS-20230904-01
The vulnerability of the qfqchangeclass function of the Linux kernel is related to the operation exceeding the buffer boundaries in memory while processing the QFQMINLMAX value. buffer boundaries in memory when processing the QFQMINLMAX value. Exploitation of the vulnerability could allow an...
ROS-20230904-02
Vulnerability of the dojournalend function in the fs/reiserfs/journal.c module of the reiserfs file system of the Linux kernel is related to a buffer overrun. of the Linux operating system is related to a buffer overrun. Exploitation of the vulnerability could allow an attacker to cause a denial ...
ROS-20230830-01
The vulnerability of the Floating Frames component of the LibreOffice office software package is related to flaws in access control. in access control. Exploiting the vulnerability could allow an attacker to perform a spoofing attack using a specially crafted file A vulnerability in the Spreadshe...
ROS-20230825-06
A vulnerability in the Yasm assembler is related to null pointer dereferencing in /libyasm/intnum.c and /elf/elf.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...
ROS-20230824-02
A vulnerability in Git's distributed version control system is related to flaws in the path name limitation to the directory. Exploitation of the vulnerability allows an attacker acting remotely to impact the data integrity using a specially crafted command. The vulnerability in the...
ROS-20230824-01
The Swarm Mode vulnerability of the dockerd daemon of the containerization software tool Moby and the Mirantis Container Runtime runtime is related to the use of the Swarm Mode of the dockerd daemon. Moby container isolation system and Mirantis Container Runtime is related to the use of an insecu...
ROS-20230825-05
The QEMU hardware emulator vulnerability is related to the VNC server, when a client connects to the server, QEMU checks if the current number of connections exceeds a certain threshold, and if so, clears the previous connection, if the previous connection is in the confirmation phase and fails,...
ROS-20230825-04
Redis database management system DBMS vulnerability is related to buffer overflow. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20230825-03
A vulnerability in the Libarchive library is related to the umask call inside archivewritediskposix.c, which changes the umask of the entire process for a very short period of time, this results in a permanent setting of umask 0, which will cause the hidden creation of a directory with permission...
ROS-20230807-01
A vulnerability in the OpenLDAP protocol implementation is related to the failure to take measures to protect the SQL query structure. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity, and availability of protected information by using a specially...
ROS-20230710-01
A vulnerability in Podman software is related to a type mixing error. Exploitation of the vulnerability could allow an attacker acting remotely to send specially crafted data to the application, cause a type-mixing error, and reinterpret the resulting content differently. The Podman software...
ROS-2-1063
2.1063 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-2142
2.2142 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...
ROS-2-1022
2.1022 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-1097
2.1097 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-1120
2.1120 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...
ROS-2-1123
2.1123 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...
ROS-2-1151
2.1151 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...
ROS-2-1159
2.1159 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...