8162 matches found
ROS-20250616-09
Vulnerability in adodb library is due to improper escaping of query parameter. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL statements...
ROS-20250616-10
The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the software saves confidential information in log files when processing incorrect data using the KVv2 plug-in. processing incorrect data using the KVv2 plug-in...
ROS-20250616-13
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-17
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-15
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-16
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-19
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-18
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-20
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-14
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-12
Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
ROS-20250616-11
A vulnerability in the Moodle virtual learning environment is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. information Vulnerability of moodle virtual learning environment is...
ROS-20250616-03
A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to insufficient insufficient validation of data provided by an attacker in Rack::CommonLogger. Exploitation of the vulnerability could Allow an attacker acting remotely to manipulate data log entr...
ROS-20250609-01
A vulnerability in the DOMDeserializer component of the FasterXML jackson-databind library is related to an incorrect restriction of XML links to external objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct XXE attacks...
ROS-20250602-01
A vulnerability in the Bluetooth component of the Linux kernel is related to a memory leak in the function hcigetrandomaddress in net/bluetooth/hcisync.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the traceeventshist component of the...
ROS-20250529-01
A vulnerability in the phy component of the Linux kernel is related to the dereferencing of a NULL pointer in the spusbphyphyprobe function in drivers/phy/sunplus/phy-sunplus/phy-sunplus-usb2.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability...
ROS-20250528-01
A vulnerability in the acpi component of the Linux kernel is related to the dereferencing of a NULL pointer in the acpiskipsetwakeupaddress function in drivers/acpi/sleep.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the net...
ROS-20250526-07
Google Chrome browser vulnerability involves post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact privacy, integrity and availability of data through the use of a specially crafted HTML page...
ROS-20250526-06
A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the Shamir implementation uses pre-computed table lookups. Exploitation of the vulnerability could allow an attacker to gain access to potentially sensitive information...
ROS-20250526-04
Vulnerability in Nomad application orchestrator due to ACL policies not using security labels. security labels. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20250526-09
Vulnerability of moodle virtual learning environment is related to flaws in permission checking and user capabilities of the user. Exploitation of the vulnerability could allow an attacker acting remotely to access confidential information A vulnerability in the Multi-Factor Authentication...
ROS-20250526-02
Vulnerability in archive-zip package of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file...
ROS-20250526-03
Nomad application orchestrator vulnerability related to vulnerability to directory path escaping Distributions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...
ROS-20250526-05
Nomad application orchestrator vulnerability related to the fact that the HTTP search API can expose the names of available CSI plugins. of available CSI plugins. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive information Nomad application...
ROS-20250526-01
A vulnerability in the FSM component of Intel processor firmware is related to the checking of the incorrect conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the RAPL Interface of Intel processor firmware is related to the...
ROS-20250526-08
Vulnerability in the soupheaderparsequalitylist function of the libsoup GUI library GNOME of Linux operating systems is related to a memory leak when parsing a quality list containing elements with all zeros. Exploitation of the vulnerability could allow an attacker acting remotely, gain access t...
ROS-20250522-01
Vulnerability in the scsi component of the Linux operating system kernel is related to a use-after release in the scsihexpandernoderemove function in drivers/scsi/mpt3sas/mpt3sasscsih.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the...
ROS-20250521-01
Vulnerability of drm/v3d components of Linux kernel is related to dereferencing of NULL pointer in the v3dirq and v3dhubirq functions in drivers/gpu/drm/v3d/v3dirq.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the video component of t...
ROS-20250520-01
Vulnerability of v3dirq function in drivers/gpu/drm/v3d/v3dirq.c - driver for Direct Rendering Infrastructure DRI support in Linux kernel is related to code errors. Direct Rendering Infrastructure DRI of the Linux kernel is related to bugs in the code. Exploitation of the vulnerability could allo...
ROS-20250515-12
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-13
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-11
A vulnerability in the RSS Block component of the Moodle virtual learning environment is associated with authorization bypassing through a user-controlled key. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected information A...
ROS-20250515-15
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-14
A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...
ROS-20250515-08
A vulnerability in the Thunderbird email client is related to the presence of multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, when hovering over any attachment, only the the last link. Exploiting this vulnerability allows remote attackers, perform a...
ROS-20250515-10
A vulnerability in Apache Tomcat software is related to insufficient error handling for certain invalid HTTP priority headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Apache Tomcat software vulnerability is related to insufficient...
ROS-20250515-09
A vulnerability in the ReadParams function of the FastCGI protocol implementation of the fcgi2 library fcgi is related to an integer overflow. integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by sending requests containing special...
ROS-20250515-05
A vulnerability in the Poppler PDF display library is related to a floating-point exception in the PSStack::roll function. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Poppler PDF mapping library is related to improper signature...
ROS-20250515-04
The vulnerability of the docker CLI plugin that extends Buildx build capabilities is related to the fact that the software stores sensitive information in log files. software stores sensitive information in log files. Exploiting the vulnerability could allow an attacker to gain access to sensitiv...
ROS-20250515-07
Vulnerability of RevertAction.Php, ApiFileRevert.Php files of MediaWiki hypertext environment implementation software is related to incorrect permissions saving. MediaWiki hypertext environment is related to incorrect permissions saving. Exploitation of the vulnerability could allow a remote...
ROS-20250515-03
Vulnerability of flacbuffercopy function of libsndfile library is related to reading data outside the buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information and cause a denial of service. unauthorized acces...
ROS-20250515-02
A vulnerability in the PHP Twig template language is due to sandbox security checks not being executed under certain circumstances. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions. remotely to bypass the implemented securit...
ROS-20250515-01
A vulnerability in the PHP Twig template language is due to sandbox security checks not being executed under certain circumstances. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions. remotely to bypass the implemented securit...
ROS-20250515-06
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a request flow within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementation is...
ROS-20250514-01
A vulnerability in the iiosimpledummytriggerh function of driver drivers/iio/dummy/iiosimpledummybuffer.c of the Linux kernel's IIO stub driver support is related to the use of an uninitialized resource. an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain...
ROS-2-35
2.35 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-232
2.232 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...
ROS-2-65
2.65 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-186
2.186 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-442
2.442 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted vide...