ROS-2-574

2.574 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

ROS-2-108

2.108 Notification on update of the RDE OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...

ROS-2-339

2.339 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technica...

ROS-20250513-03

Vulnerability of the afpacket component of the Linux kernel is related to incorrect error handling in packetcurrentframe and vlangettci functions in net/packet/afpacket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mcppinconfget a...

ROS-2-57

2.57 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

ROS-2-1

2.1 Notification on the update of the OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

ROS-2-18

2.18 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

ROS-2-232

2.232 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

ROS-2-166

2.166 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

ROS-2-570

2.570 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

ROS-2-525

2.525 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

ROS-2-193

2.193 Notification on updating of the Red OS OPERATION SYSTEM MIS RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

ROS-2-255

2.255 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

ROS-2-323

2.323 Notification on update of the Red OS OPERATION SYSTEM MIS RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standa...

ROS-2-349

2.349 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

ROS-2-223

2.223 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

ROS-2-491

2.491 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

ROS-20250505-07

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

ROS-20250505-09

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

ROS-20250505-04

The vulnerability of the Zabbix universal monitoring system is related to insufficient cleansing of user data passed via the "groupBy" parameter in include/classes/api/CApiService.php. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL queries in the database...

ROS-20250505-06

A vulnerability in the TLS-crypt-v2 function of the OpenVPN software server is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

ROS-20250505-03

Vulnerability in MySQL Server component is related to improper order of behavior. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20250505-31

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

ROS-20250505-11

The Redis database management system DBMS vulnerability is related to improper management of internal resources in the application when processing output buffers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20250505-01

The vulnerability in the Golang programming language SSH server is related to the fact that the application does not control internal resources consumption in the ssh packet when working with clients that are slow or do not perform key exchange at all. or do not perform key exchange at all...

ROS-20250505-32

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

ROS-20250505-05

The vulnerability of the Zabbix universal monitoring system is related to insufficient cleansing of user data passed via the "groupBy" parameter in include/classes/api/CApiService.php. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL queries in the database...

ROS-20250505-08

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

ROS-20250505-02

A vulnerability in the Wayland protocol implementation of X.Org XWayland, an implementation of the X Window System X.Org Server Server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise it...

ROS-20250506-01

Vulnerability of net/ipv6 components of Linux operating system kernel is related to memory leak in function ip6negativeadvice in net/ipv6/route.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the can component of the Linux operating...

ROS-20250505-10

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

ROS-20250505-12

A vulnerability in the OpenSSH cryptographic security tool is related to the fact that a challenge is only sent if the the combination of username and public key can be valid for logging in. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data. dat...

ROS-20250430-08

A vulnerability in Nomad Application Orchestrator involves the insertion of sensitive information into a log file. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a client's secret client token...

ROS-20250430-06

A vulnerability in the vim text editor function is related to the execution of shell commands via specially crafted tar archives. created tar archives. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands A vulnerability in the vim text editor function is relate...

ROS-20250430-15

Vulnerability of sshd service of OpenSSH cryptographic protection tool is related to inconsistency with the functionality of the DisableForwarding directive stated in the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...

ROS-20250430-12

The vulnerability in the PHP programming language interpreter is related to a flaw in header processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request Smuggling attac...

ROS-20250430-01

A vulnerability in the BusyBox set of command line utilities is related to a post-release usage error in the awk applet. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system The BusyBox command line utility set vulnerability is related to a NUL...

ROS-20250430-13

HAProxy server software vulnerability is related to bounds errors in regsub function in src/sample.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

ROS-20250430-14

The vulnerability of ASP.NET Core software platform and Microsoft's software development tool Visual Studio is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20250430-10

The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. hidden HTTP request HTTP Request...

ROS-20250430-02

A vulnerability in the libavformat/westwoodvqa.c component of the FFmpeg multimedia library is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service using a specially crafted VQA file FFmpeg multimedia library...

ROS-20250430-04

A vulnerability in the libsoup library of the GNOME GUI is related to an infinite loop when reading WebSocket data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service GNOME GUI libsoup library vulnerability is related to NULL pointer dereferenci...

ROS-20250430-09

VBI libzvbi VBI capture and decode library vulnerability is related to an integer overflow in the vbicapturesimloadcaption function in src/io-sim.c. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system VBI capture and decode...

ROS-20250430-07

A vulnerability in the compiler of the html templating tool jinja is related to a sandbox escape via the attr filter format selection method. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

ROS-20250430-03

A vulnerability in the GPAC multimedia platform is related to a heap buffer overflow in the isomedia/sampledescs.c:1799, in gfisomnewmphadescription in gpac/MP4Box. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the GPAC multimedia platfo...

ROS-20250430-16

The package manager vulnerability for Kubernetes Helm is related to the creation of a diagram file in such a way, that it expands and becomes much larger in uncompressed form. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A package manager...

ROS-20250430-11

The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request...

ROS-20250430-05

Vulnerability of Erlang programming language OTP library set is related to improper packet handling SFTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service Vulnerability of SSH protocol implementation from Erlang/OTP library...

ROS-20250424-14

Vulnerability in Apache Tomcat application server's JNDIRealm module implementation is related to flaws in the authentication mechanism. authentication mechanism. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information. Unauthorized...

ROS-20250424-09

The vulnerability in Google Chrome and Microsoft Edge browsers is related to the possibility of memory usage after a release. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. confidentiality,...