Lucene search
K
RedosMost viewed

8368 matches found

Redos
Redos
•added 2022/02/01 12:0 a.m.•36 views

ROS-20220125-04

Apache Log4j2 Java program logging library vulnerability is related to the lack of additional JNDI access controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using the JDBC Appender. remotely execute arbitrary code using the JDBC Appender...

8.5CVSS8.8AI score0.97906EPSS
Exploits9
Redos
Redos
•added 2021/12/24 12:0 a.m.•36 views

ROS-2-486

2.486 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

8.6AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•36 views

ROS-2-1661

2.1661 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-489

2.489 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-669

2.669 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

9.8CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-973

2.973 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-662

2.662 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

7.8CVSS7.6AI score0.99295EPSS
Exploits83
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-1347

2.1347 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•36 views

ROS-2-552

2.552 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8.1AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2026/05/25 12:0 a.m.•35 views

ROS-20260525-73-0002

Vulnerability in awscli related to the use of an invalid referenced name. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.8AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•35 views

ROS-2-643

2.643 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...

9.8CVSS10AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2024/11/29 12:0 a.m.•35 views

ROS-20241129-02

A vulnerability in the openvswitch component of the Linux operating system kernel is related to incorrect input validation in the parseicmpv6 function in net/openvswitch/flow.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cppccpufr...

7.8CVSS8.4AI score0.01136EPSS
Exploits1
Redos
Redos
•added 2024/11/15 12:0 a.m.•35 views

ROS-20241115-01

A vulnerability in the pinctrl component of the Linux kernel is related to the dereferencing of a NULL pointer in the pcssetmux function in drivers/pinctrl/pinctrl-single.c.. pcssetmux function in drivers/pinctrl/pinctrl-single.c. Exploitation of the vulnerability could allow an attacker to cause...

7.1CVSS7.4AI score0.00259EPSS
Exploits0
Redos
Redos
•added 2024/11/07 12:0 a.m.•35 views

ROS-20241107-01

A vulnerability in the imx component of the Linux kernel is associated with a memory leak in the function ipucscscalerrelease in drivers/staging/media/imx/imx-media-csc-scaler.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in Linux kernel...

7.8CVSS7.6AI score0.0033EPSS
Exploits0
Redos
Redos
•added 2024/11/06 12:0 a.m.•35 views

ROS-20241106-01

Vulnerability of the supply component of the Linux kernel is related to resource management errors in the bq27xxxbatteryi2cremove function in drivers/power/supply/bq27xxxbatteryi2c.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...

7.8CVSS8.7AI score0.00622EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•35 views

ROS-20241002-06

A vulnerability in the iommu/arm-smmu-v3 component of the Linux operating system kernel is related to soft locking, caused by armsmmumminvalidaterange. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the erofs component of the Linux...

7.8CVSS8.6AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2024/08/13 12:0 a.m.•35 views

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...

8CVSS8.3AI score0.36685EPSS
Exploits2
Redos
Redos
•added 2024/07/04 12:0 a.m.•35 views

ROS-20240704-08

A vulnerability in the curl program line utility is related to the storage of HSTS data in a file with a too long name, curl can delete the entire contents, causing subsequent requests using the file to be unaware of the HSTS status they should have used. file will be unaware of the status of the...

5.3CVSS6.7AI score0.01133EPSS
Exploits1
Redos
Redos
•added 2024/05/24 12:0 a.m.•35 views

ROS-20240424-01

A vulnerability in the ImageIO component of Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A vulnerability ...

7.5CVSS7.3AI score0.14839EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•35 views

ROS-20240507-08

Vulnerability of nghttp2 library in part of HTTP/2 protocol implementation is related to uncontrolled resource consumption as a result of incorrect header termination detection during CONTINUATION frames processing. resources as a result of incorrect header termination detection during CONTINUATI...

5.3CVSS7.9AI score0.8496EPSS
Exploits1
Redos
Redos
•added 2024/04/23 12:0 a.m.•35 views

ROS-20240423-06

Envoy proxy vulnerability is due to the fact that regular expressions are compiled for each request and can lead to high CPU utilization and increased request latency. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. The Envoy proxy...

8.6CVSS7.5AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/04/23 12:0 a.m.•35 views

ROS-20240423-02

Vulnerability of gnew0 function of Libvirt virtualization management library is related to incorrect checking of negative array length before memory allocation. checking for negative array length before allocating memory. Exploitation of the vulnerability could allow an attacker to cause a denial...

6.2CVSS6.3AI score0.00364EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•35 views

ROS-20240409-12

A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code Eclipse Jetty servlet container vulnerability is related to errors in processi...

9.8CVSS8AI score0.1593EPSS
Exploits2
Redos
Redos
•added 2024/04/09 12:0 a.m.•35 views

ROS-20240409-04

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.93305EPSS
Exploits4
Redos
Redos
•added 2024/04/04 12:0 a.m.•35 views

ROS-20240404-14

The vulnerability of the library for controlling input/output to the terminal ncurses is related to the possibility of writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected...

7.8CVSS6.9AI score0.00923EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•35 views

ROS-20240329-10

Vulnerability of http2 package of Go programming language is related to uncontrolled server resources consumption as a result of resetting Server.MaxConcurrentStreams parameter during request stream processing. as a result of resetting the Server.MaxConcurrentStreams parameter when processing a...

9.8CVSS9.5AI score0.03796EPSS
Exploits1
Redos
Redos
•added 2024/03/28 12:0 a.m.•35 views

ROS-20240328-08

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its freeing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service using specially crafted malware. arbitrary code or cause a...

9.6CVSS9.3AI score0.43238EPSS
Exploits4
Redos
Redos
•added 2024/03/13 12:0 a.m.•35 views

ROS-2-876

2.876 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2024/02/29 12:0 a.m.•36 views

ROS-20240226-02

A vulnerability in Microsoft's .NET Framework software platform is related to incorrectly restricting XML links to external objects. external objects. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

5.9CVSS6.3AI score0.0192EPSS
Exploits0
Redos
Redos
•added 2024/02/08 12:0 a.m.•35 views

ROS-20240208-03

Grub loader vulnerability is related to out-of-bounds writes when processing delimited headers HTTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the grubcmdchainloader function of the Grub operating system...

8.1CVSS8.6AI score0.01284EPSS
Exploits0
Redos
Redos
•added 2023/10/31 12:0 a.m.•35 views

ROS-20231031-01

A vulnerability in the Runc isolated container launch tool is related to improper saving of permissions. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. Vulnerability in the Runc isolated container too...

7.8CVSS7.1AI score0.00343EPSS
Exploits1
Redos
Redos
•added 2023/10/30 12:0 a.m.•35 views

ROS-20231030-04

The HPACK decoder vulnerability is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting locally to cause a denial of service...

7.5CVSS7AI score0.04561EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•35 views

ROS-20230915-09

A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information and escalate privileges. protected information and...

7.8CVSS7.3AI score0.01944EPSS
Exploits5
Redos
Redos
•added 2023/09/12 12:0 a.m.•35 views

ROS-20230911-03

A vulnerability in the XMLExternalEntityParserCreate function of the XML parser library libexpat is related to a post-release exploit. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.02241EPSS
Exploits1
Redos
Redos
•added 2023/08/25 12:0 a.m.•35 views

ROS-20230824-02

A vulnerability in Git's distributed version control system is related to flaws in the path name limitation to the directory. Exploitation of the vulnerability allows an attacker acting remotely to impact the data integrity using a specially crafted command. The vulnerability in the...

7.8CVSS9AI score0.52164EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•35 views

ROS-2-578

2.578 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.1AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2023/06/20 12:0 a.m.•35 views

ROS-20230620-06

Vulnerability of the GENERALNAMEcmp function of OpenSSL library is related to a flaw in the mechanism of data type conversion data type conversion mechanism when processing x400 addresses. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A...

9.1CVSS7.9AI score0.59501EPSS
Exploits2
Redos
Redos
•added 2023/04/14 12:0 a.m.•35 views

ROS-20230414-02

DNS server BIND vulnerability is related to reachable assertion in DNS query processing. Exploitation The vulnerability allows an attacker acting remotely to send repeated patterns of specific requests to servers with DNSSEC-Validated Cache synth-from-rom enabled. queries to servers with the...

7.5CVSS6.3AI score0.0325EPSS
Exploits0
Redos
Redos
•added 2023/03/24 12:0 a.m.•35 views

ROS-20230324-01

Vulnerability of Samba networking software package is related to errors in symbolic links processing. links. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server's server file system Vulnerability of unwrapdes and unwrapdes3 functions of GSSAPI...

6.5CVSS7.3AI score0.0369EPSS
Exploits0
Redos
Redos
•added 2023/03/16 12:0 a.m.•35 views

ROS-20230316-01

Vulnerability in C library related to c-ares package, where aressetsortlist lacks input string validation, allowing possible stack overflow. package in which aressetsortlist lacks input string validation, which allows possible stack overflow of arbitrary length. Exploitation of the vulnerability...

8.6CVSS8.4AI score0.01232EPSS
Exploits1
Redos
Redos
•added 2023/02/03 12:0 a.m.•35 views

ROS-20230203-02

Vim text editor vulnerability is related to division by zero error in 'smoothscroll' function at small window size. window size. Exploitation of the vulnerability could allow an attacker acting remotely to cause the program to crash. program crash...

7.8CVSS7.5AI score0.0049EPSS
Exploits1
Redos
Redos
•added 2023/01/17 12:0 a.m.•35 views

ROS-20230117-02

A vulnerability in the Open vSwitch software tiered switch is related to loss of integer significance when parsing Auto Attach TLVs. integer when parsing Auto Attach TLVs. Exploitation of the vulnerability could allow an attacker acting remotely to send specially crafted LLDP messages. remotely,...

9.8CVSS9.3AI score0.01324EPSS
Exploits0
Redos
Redos
•added 2022/11/03 12:0 a.m.•35 views

ROS-20221103-02

PJSIP multimedia library vulnerability is related to a buffer overflow error in the PJSIP parser PJSIP parser, PJMEDIA RTP decoder and PJMEDIA SDP parser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a flow failure and gain access to potentially sensitive...

9.8CVSS9.3AI score0.01084EPSS
Exploits0
Redos
Redos
•added 2022/10/20 12:0 a.m.•35 views

ROS-20221020-02

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to a problem analyzing binary data. Exploitation of the vulnerability could allow an attacker acting remotely to send data containing multiple instances of non-repeating embedded messages to the application's...

7.5CVSS7.6AI score0.01048EPSS
Exploits0
Redos
Redos
•added 2022/07/01 12:0 a.m.•35 views

ROS-20220701-02

A vulnerability in the Mozilla Firefox browser is related to improper handling of the CSP sandbox header without the the "allow scripts" parameter. Exploitation of the vulnerability could allow an attacker acting remotely to use an iframe to bypass an implemented CSP restriction and exploit it...

9.8CVSS8.5AI score0.23941EPSS
Exploits1
Redos
Redos
•added 2022/06/22 12:0 a.m.•35 views

ROS-20220622-02

Vulnerability of the library implementing Perl PCRE2 style regular expressions is related to boundary conditions in the compilexclassmatchingpath function of the pcre2jitcompile.c file. conditions in the compilexclassmatchingpath function of the pcre2jitcompile.c file. Exploitation of the...

9.1CVSS8.9AI score0.02993EPSS
Exploits0
Redos
Redos
•added 2022/03/24 12:0 a.m.•35 views

ROS-20220324-02

A vulnerability in the QEMU emulator is related to an incorrect implementation of the QEMU shared file system daemon virtio-fs virtiofsd. Exploitation of the vulnerability could allow an attacker, in a guest OS, to create files in directories shared by virtio-fs, with unintended group ownership i...

7.8CVSS7.4AI score0.00332EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-544

2.544 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-1251

2.1251 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-569

2.569 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

7.9AI score0.01368EPSS
Exploits0
Total number of security vulnerabilities5000