Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
•added 2024/05/07 12:0 a.m.•36 views

ROS-20240507-03

A vulnerability in the FileBackedOutputStream feature of the Google Guava Java library suite is related to the use of files and directories accessible to external parties. Exploitation of the vulnerability could allow an attacker to Gain unauthorized access to protected information...

7.1CVSS6.6AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/04/23 12:0 a.m.•36 views

ROS-20240423-07

The aiohttp HTTP client vulnerability is related to an incorrect restriction of the path name to a directory with restricted access. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information The aiohttp HTTP client vulnerability...

7.5CVSS7AI score0.76875EPSS
Exploits16
Redos
Redos
•added 2024/04/12 12:0 a.m.•36 views

ROS-20240412-04

A vulnerability in Salt's configuration management and remote execution system is related to the copying a script along a predictable path. Exploitation of the vulnerability could allow an attacker, acting remotely to run their own script. A vulnerability in the symbolic.py component of the Pytho...

8.1CVSS7.6AI score0.01207EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-01

A vulnerability in the PMIx process control interface is related to the execution of library code with UID 0. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.1CVSS7.2AI score0.01121EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-14

Vulnerability of a VPN packet based on IPSec strongSwan protocol is caused by a bug in the charon-tkm process with the key exchange IKE protocol implementation based on TKMv2 Trusted Key Manager. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.7AI score0.0229EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•36 views

ROS-20240329-05

Vulnerability in the vim text editor is related to the use of an insecure search path. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the vimregsubboth function of the vim text editor is caused by a buffer overflow in dynamic...

7.8CVSS8.5AI score0.00624EPSS
Exploits4
Redos
Redos
•added 2024/03/28 12:0 a.m.•36 views

ROS-20240328-11

The vulnerability in Curl is related to the installation of "supercookie files" in Curl, which are then passed back to a to more sources. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality of protected information...

6.5CVSS6.9AI score0.01685EPSS
Exploits1
Redos
Redos
•added 2023/11/21 12:0 a.m.•36 views

ROS-20231115-01

A vulnerability in the Squid proxy server related to the execution of a "buffer overflow" attack, writing up to 2MB of of arbitrary data to the memory heap when Squid is configured to accept HTTP Digest Authentication. Exploitation of the vulnerability could allow an attacker acting remotely to...

9.3CVSS7.7AI score0.85944EPSS
Exploits0
Redos
Redos
•added 2023/10/16 12:0 a.m.•36 views

ROS-20231016-04

A vulnerability in the VP8 encoding function of the libvpx library in Google Chrome browser is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker, remotely execute arbitrary code when a user opens a speciall...

8.8CVSS8.2AI score0.49013EPSS
Exploits3
Redos
Redos
•added 2023/10/09 12:0 a.m.•36 views

ROS-20230416-10

A vulnerability in the qdiscgraft function net/sched/schapi.c of the traffic control subsystem of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.8AI score0.00964EPSS
Exploits1
Redos
Redos
•added 2023/08/25 12:0 a.m.•36 views

ROS-20230825-05

The QEMU hardware emulator vulnerability is related to the VNC server, when a client connects to the server, QEMU checks if the current number of connections exceeds a certain threshold, and if so, clears the previous connection, if the previous connection is in the confirmation phase and fails,...

7.5CVSS6.7AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•36 views

ROS-2-507

2.507 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS8.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•36 views

ROS-2-599

2.599 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/01/24 12:0 a.m.•36 views

ROS-20230124-02

Vim text editor vulnerability is related to an incorrect memory access error with collapsing and using "L" in the src/normal.c function. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a buffer overflow and denial of service...

7.8CVSS7.8AI score0.00467EPSS
Exploits1
Redos
Redos
•added 2022/03/24 12:0 a.m.•36 views

ROS-20220324-01

Vulnerability of cgroupreleaseagentwrite function kernel/cgroup/cgroup-v1.c of Linux kernel is related to lack of privilege control when setting releaseagent. Linux kernel is related to lack of privilege control when setting releaseagent. Exploiting the vulnerability could allow an attacker to...

7.8CVSS7.7AI score0.05528EPSS
Exploits12
Redos
Redos
•added 2021/12/24 12:0 a.m.•36 views

ROS-2-486

2.486 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

8.6AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-685

2.685 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.3AI score0.02719EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-465

2.465 Remote code execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.8CVSS7.5AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-815

2.815 Directory traversal in Apache Commons IO CVE-2021-29425 1. Vulnerability Description: The vulnerability allows a remote attacker to perform directory traversal attacks. The vulnerability exists due to an input validation error in the FileNameUtils.normalize method when processing directory...

6.1CVSS7.4AI score0.10608EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-662

2.662 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

7.8CVSS7.6AI score0.99295EPSS
Exploits83
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-480

2.480 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS7.8AI score0.06132EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-1347

2.1347 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-882

2.882 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.8CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-711

2.711 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.8AI score0.52838EPSS
Exploits12
Redos
Redos
•added 2026/05/25 12:0 a.m.•35 views

ROS-20260525-73-0002

Vulnerability in awscli related to the use of an invalid referenced name. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.8AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•35 views

ROS-2-586

2.586 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2024/11/15 12:0 a.m.•35 views

ROS-20241115-01

A vulnerability in the pinctrl component of the Linux kernel is related to the dereferencing of a NULL pointer in the pcssetmux function in drivers/pinctrl/pinctrl-single.c.. pcssetmux function in drivers/pinctrl/pinctrl-single.c. Exploitation of the vulnerability could allow an attacker to cause...

7.1CVSS7.4AI score0.00259EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•35 views

ROS-20241004-04

The vulnerability of the filemapcachestat function in the mm/filemap.c module of the memory management subsystem of the kernel of Linux operating system is related to memory usage after its release. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.7AI score0.0095EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•35 views

ROS-20241002-06

A vulnerability in the iommu/arm-smmu-v3 component of the Linux operating system kernel is related to soft locking, caused by armsmmumminvalidaterange. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the erofs component of the Linux...

7.8CVSS8.6AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2024/07/31 12:0 a.m.•35 views

ROS-20240731-05

A vulnerability in the SHA-3 cryptographic hash function of the eXtended Keccak Code Package XKCP software package is related to errors in block processing of input data and type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code during...

9.8CVSS8.2AI score0.05193EPSS
Exploits1
Redos
Redos
•added 2024/07/04 12:0 a.m.•35 views

ROS-20240704-08

A vulnerability in the curl program line utility is related to the storage of HSTS data in a file with a too long name, curl can delete the entire contents, causing subsequent requests using the file to be unaware of the HSTS status they should have used. file will be unaware of the status of the...

5.3CVSS6.7AI score0.01133EPSS
Exploits1
Redos
Redos
•added 2024/04/25 12:0 a.m.•35 views

ROS-20240425-05

A vulnerability in the systemctl status command of the Systemd service initialization and management subsystem is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service...

7.8CVSS8AI score0.01051EPSS
Exploits6
Redos
Redos
•added 2024/04/23 12:0 a.m.•35 views

ROS-20240423-06

Envoy proxy vulnerability is due to the fact that regular expressions are compiled for each request and can lead to high CPU utilization and increased request latency. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. The Envoy proxy...

8.6CVSS7.5AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/04/18 12:0 a.m.•35 views

ROS-20240418-06

The Containerd container runtime vulnerability is related to a flaw that causes additional groups are not properly configured within the container. Exploitation of the vulnerability could allow An attacker to gain unauthorized access to protected information or execute arbitrary code A...

9.8CVSS8.3AI score0.04561EPSS
Exploits1
Redos
Redos
•added 2024/04/11 12:0 a.m.•35 views

ROS-20240411-05

The vulnerability of the eval function of the ImageMath module of the Pillow image manipulation library is related to incorrect control of code generation when processing the environment parameter. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS8.2AI score0.01703EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•35 views

ROS-20240409-12

A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code Eclipse Jetty servlet container vulnerability is related to errors in processi...

9.8CVSS8AI score0.1593EPSS
Exploits2
Redos
Redos
•added 2024/04/05 12:0 a.m.•35 views

ROS-20240405-11

Vulnerability of the flushrefsamples function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.8CVSS6.6AI score0.00684EPSS
Exploits5
Redos
Redos
•added 2024/04/04 12:0 a.m.•35 views

ROS-20240404-01

A vulnerability in the Grafana web-based data submission tool is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to gain full access to a user's account A vulnerability in the Grafana monitoring and surveillance platform is...

9.8CVSS7.6AI score0.09216EPSS
Exploits2
Redos
Redos
•added 2024/04/02 12:0 a.m.•35 views

ROS-20240402-10

A vulnerability in the NetScreen file parser of Wireshark, a computer network traffic analyzer, is related to an operation exceeding buffer boundaries. operation out of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerabilit...

7.8CVSS6.8AI score0.03456EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•35 views

ROS-20240402-13

Vulnerability in picparameterset::dump function of h.265 Libde265 video codec implementation is related to multiple buffer overflows via numtilecolumns and numtilerow parameters. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.1CVSS6.8AI score0.00979EPSS
Exploits1
Redos
Redos
•added 2024/03/28 12:0 a.m.•35 views

ROS-20240328-05

Vulnerability of icmpping function of Zabbix universal monitoring system is related to errors in input data processing. of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability of the smart.disk.get edent of the Zabbix...

9.8CVSS7.7AI score0.00873EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•35 views

ROS-20240328-08

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its freeing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service using specially crafted malware. arbitrary code or cause a...

9.6CVSS9.3AI score0.43238EPSS
Exploits4
Redos
Redos
•added 2024/03/28 12:0 a.m.•35 views

ROS-20240328-14

A vulnerability in the TIFFOpen API function of the LibTIFF library is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS7AI score0.01825EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•35 views

ROS-2-490

2.490 Multiple vulnerabilities of libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•35 views

ROS-2-876

2.876 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•35 views

ROS-2-529

2.529 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2024/02/08 12:0 a.m.•35 views

ROS-20240208-03

Grub loader vulnerability is related to out-of-bounds writes when processing delimited headers HTTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the grubcmdchainloader function of the Grub operating system...

8.1CVSS8.6AI score0.01284EPSS
Exploits0
Redos
Redos
•added 2023/10/31 12:0 a.m.•35 views

ROS-20231031-01

A vulnerability in the Runc isolated container launch tool is related to improper saving of permissions. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. Vulnerability in the Runc isolated container too...

7.8CVSS7.1AI score0.00343EPSS
Exploits1
Redos
Redos
•added 2023/08/25 12:0 a.m.•35 views

ROS-20230824-02

A vulnerability in Git's distributed version control system is related to flaws in the path name limitation to the directory. Exploitation of the vulnerability allows an attacker acting remotely to impact the data integrity using a specially crafted command. The vulnerability in the...

7.8CVSS9AI score0.52164EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•35 views

ROS-2-1545

2.1545 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Total number of security vulnerabilities5000