Lucene search
K
RedosMost viewed

8159 matches found

Redos
Redos
•added 2023/07/06 12:0 a.m.•35 views

ROS-2-1545

2.1545 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2023/04/14 12:0 a.m.•35 views

ROS-20230414-02

DNS server BIND vulnerability is related to reachable assertion in DNS query processing. Exploitation The vulnerability allows an attacker acting remotely to send repeated patterns of specific requests to servers with DNSSEC-Validated Cache synth-from-rom enabled. queries to servers with the...

7.5CVSS6.3AI score0.0325EPSS
Exploits0
Redos
Redos
•added 2023/03/24 12:0 a.m.•35 views

ROS-20230324-01

Vulnerability of Samba networking software package is related to errors in symbolic links processing. links. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server's server file system Vulnerability of unwrapdes and unwrapdes3 functions of GSSAPI...

6.5CVSS7.3AI score0.0369EPSS
Exploits0
Redos
Redos
•added 2022/12/22 12:0 a.m.•35 views

ROS-20221222-04

A vulnerability in the PHP programming language interpreter is related to boundary conditions in the function imageloadfont. Exploitation of the vulnerability could allow an attacker acting remotely to pass the specially crafted data to a web application, cause a read error outside of the boundar...

7.1CVSS8.2AI score0.02197EPSS
Exploits3
Redos
Redos
•added 2022/12/07 12:0 a.m.•35 views

ROS-20221207-01

A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS9.8AI score0.1593EPSS
Exploits1
Redos
Redos
•added 2022/11/03 12:0 a.m.•35 views

ROS-20221103-02

PJSIP multimedia library vulnerability is related to a buffer overflow error in the PJSIP parser PJSIP parser, PJMEDIA RTP decoder and PJMEDIA SDP parser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a flow failure and gain access to potentially sensitive...

9.8CVSS9.3AI score0.01084EPSS
Exploits0
Redos
Redos
•added 2022/07/01 12:0 a.m.•35 views

ROS-20220701-02

A vulnerability in the Mozilla Firefox browser is related to improper handling of the CSP sandbox header without the the "allow scripts" parameter. Exploitation of the vulnerability could allow an attacker acting remotely to use an iframe to bypass an implemented CSP restriction and exploit it...

9.8CVSS8.5AI score0.23941EPSS
Exploits1
Redos
Redos
•added 2022/03/30 12:0 a.m.•35 views

ROS-20220330-01

Vulnerability in the network block device implementation client library libnbd, related to the mechanism of error handling mechanism in the nbdcopy tool when executing multithreaded copies using asynchronous nbd nbd calls. Exploitation of the vulnerability could allow an attacker acting remotely ...

4.8CVSS5.7AI score0.00788EPSS
Exploits1
Redos
Redos
•added 2022/03/24 12:0 a.m.•35 views

ROS-20220324-02

A vulnerability in the QEMU emulator is related to an incorrect implementation of the QEMU shared file system daemon virtio-fs virtiofsd. Exploitation of the vulnerability could allow an attacker, in a guest OS, to create files in directories shared by virtio-fs, with unintended group ownership i...

7.8CVSS7.4AI score0.00332EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•35 views

ROS-20220125-04

Apache Log4j2 Java program logging library vulnerability is related to the lack of additional JNDI access controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using the JDBC Appender. remotely execute arbitrary code using the JDBC Appender...

8.5CVSS8.8AI score0.97906EPSS
Exploits9
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-1661

2.1661 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-544

2.544 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-1251

2.1251 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-489

2.489 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-456

2.456 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker t...

7.4AI score0.01047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-569

2.569 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

7.9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-795

2.795 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in th...

7.8CVSS7.7AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-552

2.552 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8.1AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-669

2.669 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

9.8CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-634

2.634 Vulnerability in Curl CVE-2020-8177 1. Vulnerability Description: The vulnerability allows a local file on the system to be overwritten when accessing an attacker-controlled server. The problem only occurs when the "-J" "--remote-header-name" and "-i" "--head" options are used...

7.8CVSS7.8AI score0.01236EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-830

2.830 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.1AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-649

2.649 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-973

2.973 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•35 views

ROS-2-563

2.563 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS10AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•34 views

ROS-2-652

2.652 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

7.5CVSS7.7AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•34 views

ROS-2-643

2.643 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...

9.8CVSS10AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2025/05/13 12:0 a.m.•34 views

ROS-2-474

2.474 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS7.3AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2024/11/29 12:0 a.m.•34 views

ROS-20241129-02

A vulnerability in the openvswitch component of the Linux operating system kernel is related to incorrect input validation in the parseicmpv6 function in net/openvswitch/flow.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cppccpufr...

7.8CVSS8.4AI score0.01136EPSS
Exploits1
Redos
Redos
•added 2024/11/07 12:0 a.m.•34 views

ROS-20241107-01

A vulnerability in the imx component of the Linux kernel is associated with a memory leak in the function ipucscscalerrelease in drivers/staging/media/imx/imx-media-csc-scaler.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in Linux kernel...

7.8CVSS7.6AI score0.0033EPSS
Exploits0
Redos
Redos
•added 2024/11/06 12:0 a.m.•34 views

ROS-20241106-01

Vulnerability of the supply component of the Linux kernel is related to resource management errors in the bq27xxxbatteryi2cremove function in drivers/power/supply/bq27xxxbatteryi2c.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...

7.8CVSS8.7AI score0.00622EPSS
Exploits0
Redos
Redos
•added 2024/10/22 12:0 a.m.•34 views

ROS-20241021-07

Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service or execute arbitrary code...

7.1CVSS7.7AI score0.03422EPSS
Exploits1
Redos
Redos
•added 2024/08/29 12:0 a.m.•34 views

ROS-20240829-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to resource release errors. resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the Core component of the Oracle V...

8.2CVSS6.3AI score0.00457EPSS
Exploits0
Redos
Redos
•added 2024/08/13 12:0 a.m.•34 views

ROS-20240813-01

The vulnerability of the nftsetrbtree function net/netfilter/nftsetrbtree.c of the Netfilter component of the Linux operating system is related to the operation exceeding the memory buffer boundaries. component of the Netfilter component of the Linux operating system is related to an operation...

8CVSS8.3AI score0.36685EPSS
Exploits2
Redos
Redos
•added 2024/07/04 12:0 a.m.•34 views

ROS-20240704-04

Vulnerability of the OpenSSL cryptographic library is related to a call of the OpenSSL API function SSLfreebuffers function, resulting in access to previously freed memory. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.02945EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•34 views

ROS-20240625-01

Vulnerability in tiff.c file of ImageMagick console graphics editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2024/06/19 12:0 a.m.•34 views

ROS-20240619-01

A vulnerability in the OpenSSH ECDSA Key Handler component of the OpenSSH ECDSA Key Handler technology for signing and encrypting JavaScript objects in Python is related to the definition of a blacklist of prefixes for public keys. Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS6.7AI score0.00783EPSS
Exploits2
Redos
Redos
•added 2024/05/27 12:0 a.m.•34 views

ROS-20240527-04

A vulnerability in the Git distributed version control system exists due to a process control issue. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when cloning specially crafted local repositories A vulnerability in the Git distributed version control system ...

8.1CVSS7.9AI score0.01271EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•34 views

ROS-20240514-01

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.4AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/07 12:0 a.m.•34 views

ROS-20240507-08

Vulnerability of nghttp2 library in part of HTTP/2 protocol implementation is related to uncontrolled resource consumption as a result of incorrect header termination detection during CONTINUATION frames processing. resources as a result of incorrect header termination detection during CONTINUATI...

5.3CVSS7.9AI score0.8496EPSS
Exploits1
Redos
Redos
•added 2024/05/07 12:0 a.m.•34 views

ROS-20240507-07

A vulnerability in the ProcRenderAddGlyphs function of the X Window System Xorg-server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted file Vulnerability of ProcXIPassiveGrabDevi...

7.8CVSS7.4AI score0.01843EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•34 views

ROS-20240503-03

A vulnerability in the Containerd container runtime environment is related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. information...

7.5CVSS7.5AI score0.27392EPSS
Exploits4
Redos
Redos
•added 2024/04/23 12:0 a.m.•34 views

ROS-20240423-11

A vulnerability in the Libvirt virtualization management daemon is related to memory re-release. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. integrity, and cause a denial of service...

7.2CVSS6.7AI score0.00529EPSS
Exploits0
Redos
Redos
•added 2024/04/23 12:0 a.m.•34 views

ROS-20240423-02

Vulnerability of gnew0 function of Libvirt virtualization management library is related to incorrect checking of negative array length before memory allocation. checking for negative array length before allocating memory. Exploitation of the vulnerability could allow an attacker to cause a denial...

6.2CVSS6.3AI score0.00364EPSS
Exploits0
Redos
Redos
•added 2024/04/18 12:0 a.m.•34 views

ROS-20240418-02

Vulnerabilities in Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool are related to security settings errors. Microsoft Visual Studio software development tool is related to errors in security settings. Exploitation vulnerability could allow ...

9.8CVSS7.3AI score0.02778EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•34 views

ROS-20240411-06

A vulnerability in the xmalloc in function of the openvswitch module is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.1AI score0.00568EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•34 views

ROS-20240410-16

A vulnerability in the xmlValidatePopElement function of the XML Reader Interface component of the Libxml2 library is related to the memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a specially...

7.5CVSS7.1AI score0.01364EPSS
Exploits3
Redos
Redos
•added 2024/04/10 12:0 a.m.•34 views

ROS-20240410-05

The vulnerability of the Moby containerization software tool is related to the lack of validation of received requests. no validation of received requests. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain unauthorized access to protected information...

7.5CVSS7.2AI score0.0075EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•34 views

ROS-20240404-14

The vulnerability of the library for controlling input/output to the terminal ncurses is related to the possibility of writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected...

7.8CVSS6.9AI score0.00923EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-03

A vulnerability in the Redis database management system DBMS involves integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS7.6AI score0.02582EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-05

Vulnerability of TiXmlDeclaration::Parse function in tinyxmlparser.cpp component of TinyXML XML-parser is related to the use of assert operator when processing 0 character after space. using assert operator when processing 0 character after a space. Exploitation vulnerability could allow an...

7.5CVSS6.7AI score0.01372EPSS
Exploits0
Total number of security vulnerabilities5000