Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
•added 2023/01/24 12:0 a.m.•34 views

ROS-20230124-01

Vulnerability of sudoedit function of Sudo system administration program is related to errors in processing of additional arguments in environment variables. additional arguments in environment variables. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate...

7.8CVSS7.9AI score0.55367EPSS
Exploits20
Redos
Redos
•added 2023/01/24 12:0 a.m.•34 views

ROS-20230124-04

The vulnerability in the Mozilla Firefox browser is due to the fact that a deprecated library libusrsctp contained a vulnerability that could potentially be exploited. vulnerabilities that could potentially be exploited. Exploitation of the vulnerability could allow an attacker acting remotely to...

8.8CVSS7.2AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2022/12/23 12:0 a.m.•34 views

ROS-20221223-01

The containerd container runtime vulnerability is related to a bug in the CRI containerd thread server when handling terminal resize events. Exploitation of the vulnerability could allow an attacker, acting remotely, to query the TTY and cause it to crash by sending an invalid command and running...

6.5CVSS7AI score0.01022EPSS
Exploits0
Redos
Redos
•added 2022/10/20 12:0 a.m.•34 views

ROS-20221020-02

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to a problem analyzing binary data. Exploitation of the vulnerability could allow an attacker acting remotely to send data containing multiple instances of non-repeating embedded messages to the application's...

7.5CVSS7.6AI score0.01048EPSS
Exploits0
Redos
Redos
•added 2022/07/01 12:0 a.m.•34 views

ROS-20220701-02

A vulnerability in the Mozilla Firefox browser is related to improper handling of the CSP sandbox header without the the "allow scripts" parameter. Exploitation of the vulnerability could allow an attacker acting remotely to use an iframe to bypass an implemented CSP restriction and exploit it...

9.8CVSS8.5AI score0.23941EPSS
Exploits1
Redos
Redos
•added 2022/04/05 12:0 a.m.•34 views

ROS-20220405-01

A vulnerability in the Python Paramiko implementation of the SSHv2 protocol, is related to the race condition in the function writeprivatekeyfile between create and chmod operations. Exploitation of the vulnerability could allow an an attacker to exploit the race condition and gain unauthorized...

5.9CVSS6.1AI score0.0208EPSS
Exploits1
Redos
Redos
•added 2022/03/24 12:0 a.m.•34 views

ROS-20220324-02

A vulnerability in the QEMU emulator is related to an incorrect implementation of the QEMU shared file system daemon virtio-fs virtiofsd. Exploitation of the vulnerability could allow an attacker, in a guest OS, to create files in directories shared by virtio-fs, with unintended group ownership i...

7.8CVSS7.4AI score0.00332EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•34 views

ROS-2-544

2.544 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•34 views

ROS-2-1251

2.1251 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-569

2.569 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

7.9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-456

2.456 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker t...

7.4AI score0.01047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-830

2.830 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.1AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-649

2.649 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-1001

2.1001 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-563

2.563 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS10AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-973

2.973 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-534

2.534 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

7.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-553

2.553 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS7.6AI score0.01764EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-462

2.462 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

6.1CVSS7AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2026/04/17 12:0 a.m.•33 views

ROS-20260417-73-0013

A vulnerability in the commonprefix function of the pip module of the Python programming language is related to an incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to add and modify arbitrary files...

2CVSS5.9AI score0.0039EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•33 views

ROS-2-594

2.594 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•33 views

ROS-2-668

2.668 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS8AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2024/11/20 12:0 a.m.•33 views

ROS-20241120-02

A vulnerability in the locking/wwmutex/test components of the Linux operating system kernel is related to improper locking in the functions listforeachentrysafe, stressonework, and stress in the kernel/locking/test/test-wwmutex.c. Exploitation of the vulnerability could allow an attacker to cause...

7.8CVSS7.2AI score0.00263EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•33 views

ROS-20241113-01

A vulnerability in the sched/debug components of the Linux operating system kernel is related to information disclosure in the updatescheddomaindebugfs function in kernel/sched/debug.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A...

7.8CVSS7.4AI score0.00907EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•33 views

ROS-20241008-10

Vulnerability of u32initknode function in net/sched/clsu32.c module of Linux kernel is related to reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information or elevate their...

7.8CVSS7.2AI score0.00565EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•33 views

ROS-20240826-12

Vulnerability of Ruby programming language components rfc2396parser.rb and rfc3986parser.rb is related to incorrect implementation of processing invalid URLs. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability in the URI component of th...

5.3CVSS7.2AI score0.02637EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•33 views

ROS-20240726-01

A vulnerability in GLPI's request and incident handling system is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the system integrity A vulnerability in the GLPI request and incident handling system is associated with the...

10CVSS7.7AI score0.50889EPSS
Exploits6
Redos
Redos
•added 2024/07/04 12:0 a.m.•33 views

ROS-20240704-04

Vulnerability of the OpenSSL cryptographic library is related to a call of the OpenSSL API function SSLfreebuffers function, resulting in access to previously freed memory. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.02945EPSS
Exploits0
Redos
Redos
•added 2024/06/19 12:0 a.m.•33 views

ROS-20240619-01

A vulnerability in the OpenSSH ECDSA Key Handler component of the OpenSSH ECDSA Key Handler technology for signing and encrypting JavaScript objects in Python is related to the definition of a blacklist of prefixes for public keys. Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS6.7AI score0.00783EPSS
Exploits2
Redos
Redos
•added 2024/05/27 12:0 a.m.•33 views

ROS-20240527-04

A vulnerability in the Git distributed version control system exists due to a process control issue. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when cloning specially crafted local repositories A vulnerability in the Git distributed version control system ...

8.1CVSS7.9AI score0.01271EPSS
Exploits2
Redos
Redos
•added 2024/05/16 12:0 a.m.•33 views

ROS-20240516-01

Vulnerability of Less, a utility for UNIX-like text terminals, is related to incorrect processing of quotation marks in filename.c file. quotes in the filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

8.6CVSS6.9AI score0.00628EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•33 views

ROS-20240503-03

A vulnerability in the Containerd container runtime environment is related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. information...

7.5CVSS7.5AI score0.27392EPSS
Exploits4
Redos
Redos
•added 2024/04/23 12:0 a.m.•33 views

ROS-20240423-11

A vulnerability in the Libvirt virtualization management daemon is related to memory re-release. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. integrity, and cause a denial of service...

7.2CVSS6.7AI score0.00529EPSS
Exploits0
Redos
Redos
•added 2024/04/18 12:0 a.m.•33 views

ROS-20240418-02

Vulnerabilities in Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool are related to security settings errors. Microsoft Visual Studio software development tool is related to errors in security settings. Exploitation vulnerability could allow ...

9.8CVSS7.3AI score0.02778EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•33 views

ROS-20240410-17

The vulnerability of the ImageBuild function of the Moby containerization software tool is related to a flaw in the data source validation mechanism for endpoint processing. is related to a flaw in the data source validation mechanism for endpoint processing. Exploitation of the vulnerability cou...

7.8CVSS7AI score0.00258EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•33 views

ROS-20240409-04

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/03 12:0 a.m.•33 views

ROS-20240403-13

Vulnerability of OpenIdAuthenticator class of Eclipse Jetty servlet container is related to flaws in the of the authentication procedure when processing the LoginService parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

4.3CVSS7.1AI score0.00753EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•33 views

ROS-20240402-09

A vulnerability in the loginpassword component of the FreeIpa server is related to sending user requests, that can perform actions on behalf of the user. Exploitation of the vulnerability could allow An attacker acting remotely to cause a loss of system confidentiality and integrity...

6.5CVSS6.6AI score0.0057EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•33 views

ROS-20240329-09

A vulnerability in the Privates Handler component of the X Window System X.Org Server implementation is related to an operation exceeding the buffer boundaries. operation beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

9.8CVSS8.2AI score0.02106EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•33 views

ROS-2-931

2.931 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•33 views

ROS-2-511

2.511 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

7.5CVSS7.7AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2024/02/29 12:0 a.m.•34 views

ROS-20240226-02

A vulnerability in Microsoft's .NET Framework software platform is related to incorrectly restricting XML links to external objects. external objects. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

5.9CVSS6.3AI score0.0192EPSS
Exploits0
Redos
Redos
•added 2023/10/30 12:0 a.m.•33 views

ROS-20231030-02

A vulnerability in the Django web application software platform, is related to regular expressions for text clipping that have linear backtrack complexity, which can be slow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service with certain HTML...

7.5CVSS6.8AI score0.01236EPSS
Exploits0
Redos
Redos
•added 2023/10/19 12:0 a.m.•33 views

ROS-20231018-04

Vulnerability in the XCreateImage function of the libX11 library is related to integer overflow. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges PutSubImage vulnerability in libX11 library is related to execution of a loop...

7.8CVSS8.2AI score0.00633EPSS
Exploits1
Redos
Redos
•added 2023/10/16 12:0 a.m.•33 views

ROS-20231016-03

A vulnerability in the tiff.c file of the ImageMagick console graphics editor is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to force a user to open a specially crafted file, resulting in application crash and denial of servi...

6.2CVSS7.3AI score0.00314EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•33 views

ROS-20230912-01

The vulnerability of Wireshark traffic analysis software is related to insufficient verification of user input data in the CBOR protocol dissector. data entered by the user in the CBOR protocol dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, pass specially...

7.5CVSS7.3AI score0.00486EPSS
Exploits2
Redos
Redos
•added 2023/09/08 12:0 a.m.•33 views

ROS-20230908-07

A vulnerability in Firefox browser, Firefox ESR is related to a bug in the calculation of pop-up notification delay. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to grant permissions. Full-screen notification vulnerability in Mozilla Firefox,...

9.8CVSS8.1AI score0.13694EPSS
Exploits1
Redos
Redos
•added 2023/09/08 12:0 a.m.•33 views

ROS-20230907-02

Vulnerability in the Core component of Oracle VM VirtualBox virtual machine is related to resource release errors resources. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or gain full control of an application using the RDP protocol. arbitrary code or...

8.1CVSS7.8AI score0.0102EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•33 views

ROS-20230825-04

Redis database management system DBMS vulnerability is related to buffer overflow. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

8.8CVSS7.7AI score0.74822EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-562

2.562 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits0
Total number of security vulnerabilities5000