Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2024/03/13 12:0 a.m.•37 views

ROS-2-1005

2.1005 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2024/02/02 12:0 a.m.•37 views

ROS-20230920-01

Vulnerability of winbinddpamauthcrap.c component of Samba networking software package is related to operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in SMB2 packet signing...

7.5CVSS7.4AI score0.62606EPSS
Exploits0
Redos
Redos
•added 2023/10/16 12:0 a.m.•37 views

ROS-20231016-04

A vulnerability in the VP8 encoding function of the libvpx library in Google Chrome browser is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker, remotely execute arbitrary code when a user opens a speciall...

8.8CVSS8.2AI score0.49013EPSS
Exploits3
Redos
Redos
•added 2023/09/18 12:0 a.m.•37 views

ROS-20230915-15

A vulnerability in the mailcap module of the Python programming language interpreter is related to insufficient verification of the of arguments passed to a command. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary command...

8CVSS7.6AI score0.07017EPSS
Exploits1
Redos
Redos
•added 2023/09/08 12:0 a.m.•37 views

ROS-20230907-04

Vulnerability of DHcheck, DHcheckex or EVPPKEYparamcheck functions of OpenSSL library is related to using a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Vulnerability of DHcheck,...

5.3CVSS5.9AI score0.05533EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•37 views

ROS-20230825-05

The QEMU hardware emulator vulnerability is related to the VNC server, when a client connects to the server, QEMU checks if the current number of connections exceeds a certain threshold, and if so, clears the previous connection, if the previous connection is in the confirmation phase and fails,...

7.5CVSS6.7AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•37 views

ROS-2-599

2.599 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•37 views

ROS-2-507

2.507 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS8.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2023/01/24 12:0 a.m.•37 views

ROS-20230124-02

Vim text editor vulnerability is related to an incorrect memory access error with collapsing and using "L" in the src/normal.c function. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a buffer overflow and denial of service...

7.8CVSS7.8AI score0.00467EPSS
Exploits1
Redos
Redos
•added 2022/12/16 12:0 a.m.•37 views

ROS-20221216-01

A vulnerability in the libarchive archiving library is related to the lack of error checking after the call to the calloc function, which may return with a NULL pointer in case of a function crash, resulting in a NULL pointer dereference. resultant dereferencing of the NULL pointer. Exploitation ...

9.8CVSS8.8AI score0.01936EPSS
Exploits0
Redos
Redos
•added 2022/03/24 12:0 a.m.•37 views

ROS-20220324-01

Vulnerability of cgroupreleaseagentwrite function kernel/cgroup/cgroup-v1.c of Linux kernel is related to lack of privilege control when setting releaseagent. Linux kernel is related to lack of privilege control when setting releaseagent. Exploiting the vulnerability could allow an attacker to...

7.8CVSS7.7AI score0.05528EPSS
Exploits12
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-815

2.815 Directory traversal in Apache Commons IO CVE-2021-29425 1. Vulnerability Description: The vulnerability allows a remote attacker to perform directory traversal attacks. The vulnerability exists due to an input validation error in the FileNameUtils.normalize method when processing directory...

6.1CVSS7.4AI score0.10608EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-465

2.465 Remote code execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.8CVSS7.5AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-882

2.882 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.8CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-516

2.516 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.6AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-459

2.459 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

8.1CVSS7.3AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-711

2.711 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.8AI score0.52838EPSS
Exploits12
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-685

2.685 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.3AI score0.02719EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•36 views

ROS-2-586

2.586 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2024/10/04 12:0 a.m.•36 views

ROS-20241004-04

The vulnerability of the filemapcachestat function in the mm/filemap.c module of the memory management subsystem of the kernel of Linux operating system is related to memory usage after its release. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.7AI score0.0095EPSS
Exploits0
Redos
Redos
•added 2024/09/12 12:0 a.m.•36 views

ROS-20240912-01

A vulnerability in the H5Olayoutencode function in the H5Olayout.c file of the HDF5 library is related to an overflow of the buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the...

9.8CVSS8.7AI score0.01545EPSS
Exploits15
Redos
Redos
•added 2024/08/20 12:0 a.m.•36 views

ROS-20240820-10

Vulnerability of the brnflocalin function in the net/bridge/brnetfilterhooks.c module of the netfilter component of the netfilter kernel of the of the Linux operating system is related to incorrect packet processing. Exploitation of the vulnerability could allow an attacker to affect the...

7.8CVSS6.7AI score0.00754EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•36 views

ROS-20240820-01

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code using a specially crafted w...

8.4CVSS8.1AI score0.00971EPSS
Exploits3
Redos
Redos
•added 2024/08/13 12:0 a.m.•36 views

ROS-20240813-04

Vulnerability of the phy-pendingskb function in the st21nfca component of the Linux kernel is related to memory leak during device check and remote memory allocation by phy-pendingskb function during device check. device check. Exploitation of the vulnerability could allow an attacker to cause a...

5.5CVSS6.8AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/08/12 12:0 a.m.•36 views

ROS-20240812-16

Vulnerability of the dovccioctl function in the net/atm/ioctl.c module of the ATM Asynchronous Transfer Mode network protocol implementation of the Linux kernel is related to the reuse of a previously exploited ATM protocol. Asynchronous Transfer Mode kernel of the Linux operating system is relat...

8.8CVSS8.3AI score0.09141EPSS
Exploits4
Redos
Redos
•added 2024/08/05 12:0 a.m.•36 views

ROS-20240805-01

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/05/07 12:0 a.m.•36 views

ROS-20240507-03

A vulnerability in the FileBackedOutputStream feature of the Google Guava Java library suite is related to the use of files and directories accessible to external parties. Exploitation of the vulnerability could allow an attacker to Gain unauthorized access to protected information...

7.1CVSS6.6AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/04/25 12:0 a.m.•36 views

ROS-20240425-05

A vulnerability in the systemctl status command of the Systemd service initialization and management subsystem is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service...

7.8CVSS8AI score0.01051EPSS
Exploits6
Redos
Redos
•added 2024/04/23 12:0 a.m.•36 views

ROS-20240423-07

The aiohttp HTTP client vulnerability is related to an incorrect restriction of the path name to a directory with restricted access. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information The aiohttp HTTP client vulnerability...

7.5CVSS7AI score0.76875EPSS
Exploits16
Redos
Redos
•added 2024/04/18 12:0 a.m.•36 views

ROS-20240418-06

The Containerd container runtime vulnerability is related to a flaw that causes additional groups are not properly configured within the container. Exploitation of the vulnerability could allow An attacker to gain unauthorized access to protected information or execute arbitrary code A...

9.8CVSS8.3AI score0.04561EPSS
Exploits1
Redos
Redos
•added 2024/04/11 12:0 a.m.•36 views

ROS-20240411-06

A vulnerability in the xmalloc in function of the openvswitch module is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.1AI score0.00568EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•36 views

ROS-20240411-05

The vulnerability of the eval function of the ImageMath module of the Pillow image manipulation library is related to incorrect control of code generation when processing the environment parameter. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS8.2AI score0.01703EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•36 views

ROS-20240410-05

The vulnerability of the Moby containerization software tool is related to the lack of validation of received requests. no validation of received requests. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain unauthorized access to protected information...

7.5CVSS7.2AI score0.0075EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•36 views

ROS-20240405-11

Vulnerability of the flushrefsamples function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.8CVSS6.6AI score0.00684EPSS
Exploits5
Redos
Redos
•added 2024/04/04 12:0 a.m.•36 views

ROS-20240404-01

A vulnerability in the Grafana web-based data submission tool is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to gain full access to a user's account A vulnerability in the Grafana monitoring and surveillance platform is...

9.8CVSS7.6AI score0.09216EPSS
Exploits2
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-10

A vulnerability in the NetScreen file parser of Wireshark, a computer network traffic analyzer, is related to an operation exceeding buffer boundaries. operation out of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerabilit...

7.8CVSS6.8AI score0.03456EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-13

Vulnerability in picparameterset::dump function of h.265 Libde265 video codec implementation is related to multiple buffer overflows via numtilecolumns and numtilerow parameters. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.1CVSS6.8AI score0.00979EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-01

A vulnerability in the PMIx process control interface is related to the execution of library code with UID 0. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.1CVSS7.2AI score0.01121EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•36 views

ROS-20240328-05

Vulnerability of icmpping function of Zabbix universal monitoring system is related to errors in input data processing. of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability of the smart.disk.get edent of the Zabbix...

9.8CVSS7.7AI score0.00873EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•36 views

ROS-20240328-14

A vulnerability in the TIFFOpen API function of the LibTIFF library is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS7AI score0.01825EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•36 views

ROS-2-529

2.529 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2024/03/13 12:0 a.m.•36 views

ROS-2-490

2.490 Multiple vulnerabilities of libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/11/21 12:0 a.m.•36 views

ROS-20231115-01

A vulnerability in the Squid proxy server related to the execution of a "buffer overflow" attack, writing up to 2MB of of arbitrary data to the memory heap when Squid is configured to accept HTTP Digest Authentication. Exploitation of the vulnerability could allow an attacker acting remotely to...

9.3CVSS7.7AI score0.85944EPSS
Exploits0
Redos
Redos
•added 2023/10/09 12:0 a.m.•36 views

ROS-20230416-10

A vulnerability in the qdiscgraft function net/sched/schapi.c of the traffic control subsystem of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.8AI score0.00964EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•36 views

ROS-2-1545

2.1545 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2022/12/22 12:0 a.m.•36 views

ROS-20221222-04

A vulnerability in the PHP programming language interpreter is related to boundary conditions in the function imageloadfont. Exploitation of the vulnerability could allow an attacker acting remotely to pass the specially crafted data to a web application, cause a read error outside of the boundar...

7.1CVSS8.2AI score0.02197EPSS
Exploits3
Redos
Redos
•added 2022/12/07 12:0 a.m.•36 views

ROS-20221207-01

A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS9.8AI score0.1593EPSS
Exploits1
Redos
Redos
•added 2022/03/30 12:0 a.m.•36 views

ROS-20220330-01

Vulnerability in the network block device implementation client library libnbd, related to the mechanism of error handling mechanism in the nbdcopy tool when executing multithreaded copies using asynchronous nbd nbd calls. Exploitation of the vulnerability could allow an attacker acting remotely ...

4.8CVSS5.7AI score0.00788EPSS
Exploits1
Redos
Redos
•added 2022/02/01 12:0 a.m.•36 views

ROS-20220125-04

Apache Log4j2 Java program logging library vulnerability is related to the lack of additional JNDI access controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using the JDBC Appender. remotely execute arbitrary code using the JDBC Appender...

8.5CVSS8.8AI score0.97906EPSS
Exploits9
Redos
Redos
•added 2021/12/24 12:0 a.m.•36 views

ROS-2-486

2.486 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

8.6AI score0.0262EPSS
Exploits0
Total number of security vulnerabilities5000