Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2025/05/13 12:0 a.m.•34 views

ROS-2-668

2.668 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS8AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2024/11/29 12:0 a.m.•34 views

ROS-20241129-02

A vulnerability in the openvswitch component of the Linux operating system kernel is related to incorrect input validation in the parseicmpv6 function in net/openvswitch/flow.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cppccpufr...

7.8CVSS8.4AI score0.01136EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•34 views

ROS-20241113-01

A vulnerability in the sched/debug components of the Linux operating system kernel is related to information disclosure in the updatescheddomaindebugfs function in kernel/sched/debug.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A...

7.8CVSS7.4AI score0.00907EPSS
Exploits0
Redos
Redos
•added 2024/11/07 12:0 a.m.•34 views

ROS-20241107-01

A vulnerability in the imx component of the Linux kernel is associated with a memory leak in the function ipucscscalerrelease in drivers/staging/media/imx/imx-media-csc-scaler.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in Linux kernel...

7.8CVSS7.6AI score0.0033EPSS
Exploits0
Redos
Redos
•added 2024/11/06 12:0 a.m.•34 views

ROS-20241106-01

Vulnerability of the supply component of the Linux kernel is related to resource management errors in the bq27xxxbatteryi2cremove function in drivers/power/supply/bq27xxxbatteryi2c.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...

7.8CVSS8.7AI score0.00622EPSS
Exploits0
Redos
Redos
•added 2024/10/22 12:0 a.m.•34 views

ROS-20241021-07

Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service or execute arbitrary code...

7.1CVSS7.7AI score0.03422EPSS
Exploits1
Redos
Redos
•added 2024/08/29 12:0 a.m.•34 views

ROS-20240829-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to resource release errors. resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the Core component of the Oracle V...

8.2CVSS6.3AI score0.00457EPSS
Exploits0
Redos
Redos
•added 2024/07/04 12:0 a.m.•34 views

ROS-20240704-04

Vulnerability of the OpenSSL cryptographic library is related to a call of the OpenSSL API function SSLfreebuffers function, resulting in access to previously freed memory. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.02945EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•34 views

ROS-20240625-01

Vulnerability in tiff.c file of ImageMagick console graphics editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2024/06/19 12:0 a.m.•34 views

ROS-20240619-01

A vulnerability in the OpenSSH ECDSA Key Handler component of the OpenSSH ECDSA Key Handler technology for signing and encrypting JavaScript objects in Python is related to the definition of a blacklist of prefixes for public keys. Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS6.7AI score0.00783EPSS
Exploits2
Redos
Redos
•added 2024/05/27 12:0 a.m.•34 views

ROS-20240527-04

A vulnerability in the Git distributed version control system exists due to a process control issue. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when cloning specially crafted local repositories A vulnerability in the Git distributed version control system ...

8.1CVSS7.9AI score0.01271EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•34 views

ROS-20240514-01

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.4AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/07 12:0 a.m.•34 views

ROS-20240507-07

A vulnerability in the ProcRenderAddGlyphs function of the X Window System Xorg-server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted file Vulnerability of ProcXIPassiveGrabDevi...

7.8CVSS7.4AI score0.01843EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•34 views

ROS-20240503-03

A vulnerability in the Containerd container runtime environment is related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. information...

7.5CVSS7.5AI score0.27392EPSS
Exploits4
Redos
Redos
•added 2024/04/23 12:0 a.m.•34 views

ROS-20240423-11

A vulnerability in the Libvirt virtualization management daemon is related to memory re-release. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. integrity, and cause a denial of service...

7.2CVSS6.7AI score0.00529EPSS
Exploits0
Redos
Redos
•added 2024/04/23 12:0 a.m.•34 views

ROS-20240423-02

Vulnerability of gnew0 function of Libvirt virtualization management library is related to incorrect checking of negative array length before memory allocation. checking for negative array length before allocating memory. Exploitation of the vulnerability could allow an attacker to cause a denial...

6.2CVSS6.3AI score0.00364EPSS
Exploits0
Redos
Redos
•added 2024/04/18 12:0 a.m.•34 views

ROS-20240418-02

Vulnerabilities in Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool are related to security settings errors. Microsoft Visual Studio software development tool is related to errors in security settings. Exploitation vulnerability could allow ...

9.8CVSS7.3AI score0.02778EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•34 views

ROS-20240410-16

A vulnerability in the xmlValidatePopElement function of the XML Reader Interface component of the Libxml2 library is related to the memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a specially...

7.5CVSS7.1AI score0.01364EPSS
Exploits3
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-03

A vulnerability in the Redis database management system DBMS involves integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS7.6AI score0.02582EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-09

A vulnerability in the loginpassword component of the FreeIpa server is related to sending user requests, that can perform actions on behalf of the user. Exploitation of the vulnerability could allow An attacker acting remotely to cause a loss of system confidentiality and integrity...

6.5CVSS6.6AI score0.0057EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-05

Vulnerability of TiXmlDeclaration::Parse function in tinyxmlparser.cpp component of TinyXML XML-parser is related to the use of assert operator when processing 0 character after space. using assert operator when processing 0 character after a space. Exploitation vulnerability could allow an...

7.5CVSS6.7AI score0.01372EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•34 views

ROS-20240329-09

A vulnerability in the Privates Handler component of the X Window System X.Org Server implementation is related to an operation exceeding the buffer boundaries. operation beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

9.8CVSS8.2AI score0.02106EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•34 views

ROS-20240329-10

Vulnerability of http2 package of Go programming language is related to uncontrolled server resources consumption as a result of resetting Server.MaxConcurrentStreams parameter during request stream processing. as a result of resetting the Server.MaxConcurrentStreams parameter when processing a...

9.8CVSS9.5AI score0.03796EPSS
Exploits1
Redos
Redos
•added 2024/03/27 12:0 a.m.•34 views

ROS-20240327-01

The golang package vulnerability is related to the ability to correlate consecutive connections by comparing the ticket ages during session resumption. Exploitation of the vulnerability could allow an intruder, acting remotely, an intruder could gain unauthorized access to session identifiers The...

5.3CVSS7.2AI score0.05623EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•34 views

ROS-2-479

2.479 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•34 views

ROS-2-916

2.916 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•34 views

ROS-2-1571

2.1571 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.3AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2024/03/13 12:0 a.m.•34 views

ROS-2-1308

2.1308 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/10/20 12:0 a.m.•34 views

ROS-20231020-03

The ps utility vulnerability is related to out-of-field writes. Exploitation of the vulnerability could allow an attacker acting remotely to write unlimited amounts of unfiltered data to the heap of the process...

3.3CVSS7AI score0.00241EPSS
Exploits0
Redos
Redos
•added 2023/10/19 12:0 a.m.•34 views

ROS-20231018-04

Vulnerability in the XCreateImage function of the libX11 library is related to integer overflow. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges PutSubImage vulnerability in libX11 library is related to execution of a loop...

7.8CVSS8.2AI score0.00633EPSS
Exploits1
Redos
Redos
•added 2023/10/16 12:0 a.m.•34 views

ROS-20231016-03

A vulnerability in the tiff.c file of the ImageMagick console graphics editor is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to force a user to open a specially crafted file, resulting in application crash and denial of servi...

6.2CVSS7.3AI score0.00314EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•34 views

ROS-20230912-01

The vulnerability of Wireshark traffic analysis software is related to insufficient verification of user input data in the CBOR protocol dissector. data entered by the user in the CBOR protocol dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, pass specially...

7.5CVSS7.3AI score0.00486EPSS
Exploits2
Redos
Redos
•added 2023/09/18 12:0 a.m.•34 views

ROS-20230915-11

A vulnerability in the Base plugin gst-plugins-base of the Gstreamer multimedia framework is related to a buffer overrun during the parsing and decoding of subtitles from SRT files. operation outside the memory buffer when parsing and decoding subtitles from SRT files. Exploitation exploitation o...

8.8CVSS7.3AI score0.01643EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•34 views

ROS-20230915-09

A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information and escalate privileges. protected information and...

7.8CVSS7.3AI score0.01944EPSS
Exploits5
Redos
Redos
•added 2023/09/08 12:0 a.m.•34 views

ROS-20230908-07

A vulnerability in Firefox browser, Firefox ESR is related to a bug in the calculation of pop-up notification delay. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to grant permissions. Full-screen notification vulnerability in Mozilla Firefox,...

9.8CVSS8.1AI score0.13694EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•34 views

ROS-2-505

2.505 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS7.8AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•34 views

ROS-2-1203

2.1203 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2023/06/22 12:0 a.m.•34 views

ROS-20230621-04

A vulnerability in the curl program is related to incorrect certificate validation when matching wildcards in TLS certificates for IDNs. wildcards in TLS certificates for IDNs. Exploitation of the vulnerability could allow an attacker acting remotely to create a specially crafted certificate that...

7.5CVSS6.5AI score0.02489EPSS
Exploits2
Redos
Redos
•added 2023/06/22 12:0 a.m.•34 views

ROS-20230622-08

Mozilla Thunderbird email client vulnerability is related to a boundary error in FileReader::DoReadData when reading a file. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system. memory corruption and...

8.8CVSS8AI score0.00918EPSS
Exploits0
Redos
Redos
•added 2023/05/05 12:0 a.m.•34 views

ROS-20230505-01

Mozilla Thunderbird email client vulnerability involves invalid free operation from code JavaScript. Exploitation of the vulnerability could allow an attacker acting remotely to force the victim to to visit a specially crafted web page, cause memory corruption, and execute arbitrary code. The...

9.8CVSS8.4AI score0.00974EPSS
Exploits0
Redos
Redos
•added 2023/05/05 12:0 a.m.•34 views

ROS-20230504-03

A vulnerability in the minimatch package of the Node.js software development platform is related to a call to the braceExpand function with with certain arguments. Exploitation of the vulnerability could allow an attacker acting remotely, to cause a denial of service...

7.5CVSS7.8AI score0.01674EPSS
Exploits0
Redos
Redos
•added 2023/04/28 12:0 a.m.•34 views

ROS-20230428-05

A vulnerability in Python Packaging Authority installation tools is related to insufficient input validation when processing HTML content. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application and perform a denial of service...

5.9CVSS6.1AI score0.02617EPSS
Exploits1
Redos
Redos
•added 2023/04/20 12:0 a.m.•34 views

ROS-20230420-02

A vulnerability in the iconv function of the glibc library is related to a flaw in the use of the assert function. The vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS8.3AI score0.03093EPSS
Exploits0
Redos
Redos
•added 2023/04/19 12:0 a.m.•34 views

ROS-20230419-03

The X.Org Server vulnerability is related to a post-release exploit bug where, when handling the deletion of a of a window, Xserver leaves a dangling pointer to that window in the CompScreen structure. Exploitation of the vulnerability could allow an attacker to cause a post-release usage error a...

7.8CVSS7.9AI score0.0044EPSS
Exploits0
Redos
Redos
•added 2023/02/17 12:0 a.m.•34 views

ROS-20230217-01

Vulnerability in driver management software for multipath access organization multipath-tools is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to elevate privileges to root user...

7.8CVSS7.7AI score0.00606EPSS
Exploits4
Redos
Redos
•added 2023/01/24 12:0 a.m.•34 views

ROS-20230124-04

The vulnerability in the Mozilla Firefox browser is due to the fact that a deprecated library libusrsctp contained a vulnerability that could potentially be exploited. vulnerabilities that could potentially be exploited. Exploitation of the vulnerability could allow an attacker acting remotely to...

8.8CVSS7.2AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2023/01/24 12:0 a.m.•34 views

ROS-20230124-01

Vulnerability of sudoedit function of Sudo system administration program is related to errors in processing of additional arguments in environment variables. additional arguments in environment variables. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate...

7.8CVSS7.9AI score0.55367EPSS
Exploits20
Redos
Redos
•added 2022/12/23 12:0 a.m.•34 views

ROS-20221223-01

The containerd container runtime vulnerability is related to a bug in the CRI containerd thread server when handling terminal resize events. Exploitation of the vulnerability could allow an attacker, acting remotely, to query the TTY and cause it to crash by sending an invalid command and running...

6.5CVSS7AI score0.01022EPSS
Exploits0
Redos
Redos
•added 2022/08/09 12:0 a.m.•34 views

ROS-20220721-01

Vulnerability in the ProcXkbSetGeometry call handler of X.Org Server is related to improper protection of the of signal strength warnings during request length processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code or escalate privileges A...

7.8CVSS8.4AI score0.00573EPSS
Exploits0
Redos
Redos
•added 2022/05/24 12:0 a.m.•34 views

ROS-20220524-02

A vulnerability in the lightweight DNS, DHCP, and TFTP server Dnsmasq is related to a memory usage error after a release when processing DHCPv6 requests. Exploitation of the vulnerability could allow an attacker, acting remotely, send specially crafted DHCPv6 packets to a vulnerable application,...

7.5CVSS7.3AI score0.01487EPSS
Exploits0
Total number of security vulnerabilities5000