Lucene search
K
RedosMost viewed

8157 matches found

Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-562

2.562 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-580

2.580 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.7AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-533

2.533 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS9.4AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/06/22 12:0 a.m.•33 views

ROS-20230622-08

Mozilla Thunderbird email client vulnerability is related to a boundary error in FileReader::DoReadData when reading a file. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system. memory corruption and...

8.8CVSS8AI score0.00918EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•33 views

ROS-20230620-06

Vulnerability of the GENERALNAMEcmp function of OpenSSL library is related to a flaw in the mechanism of data type conversion data type conversion mechanism when processing x400 addresses. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A...

9.1CVSS7.9AI score0.59501EPSS
Exploits2
Redos
Redos
•added 2023/05/05 12:0 a.m.•33 views

ROS-20230505-01

Mozilla Thunderbird email client vulnerability involves invalid free operation from code JavaScript. Exploitation of the vulnerability could allow an attacker acting remotely to force the victim to to visit a specially crafted web page, cause memory corruption, and execute arbitrary code. The...

9.8CVSS8.4AI score0.00974EPSS
Exploits0
Redos
Redos
•added 2023/04/28 12:0 a.m.•33 views

ROS-20230428-05

A vulnerability in Python Packaging Authority installation tools is related to insufficient input validation when processing HTML content. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application and perform a denial of service...

5.9CVSS6.1AI score0.02617EPSS
Exploits1
Redos
Redos
•added 2023/04/19 12:0 a.m.•33 views

ROS-20230419-03

The X.Org Server vulnerability is related to a post-release exploit bug where, when handling the deletion of a of a window, Xserver leaves a dangling pointer to that window in the CompScreen structure. Exploitation of the vulnerability could allow an attacker to cause a post-release usage error a...

7.8CVSS7.9AI score0.0044EPSS
Exploits0
Redos
Redos
•added 2023/04/17 12:0 a.m.•33 views

ROS-20230417-05

A vulnerability in the curl program is related to a problem when processing multiple queries resulting in the ignoring HSTS support. Exploitation of the vulnerability could allow an attacker acting remotely, to cause HSTS functionality to fail by sequentially requesting multiple URLs...

9.1CVSS7.7AI score0.00858EPSS
Exploits1
Redos
Redos
•added 2023/04/17 12:0 a.m.•33 views

ROS-20230417-01

The vulnerability in Redis database is related to integer overflow in "SRANDMEMBER" commands, "ZRANDMEMBER" and "HRANDFIELD." Exploitation of the vulnerability could allow an attacker to pass specially specially crafted data into an application, cause an integer overflow, and trigger a...

6.5CVSS6.9AI score0.00902EPSS
Exploits0
Redos
Redos
•added 2023/03/23 12:0 a.m.•34 views

ROS-20230322-03

A vulnerability in the Git program is related to the input of processed input data - a path outside the working tree can be overwritten by a user running "git apply". Exploiting the vulnerability could allow an attacker acting remotely to run the affected command against a malicious or compromise...

7.5CVSS6.7AI score0.01144EPSS
Exploits3
Redos
Redos
•added 2023/03/15 12:0 a.m.•33 views

ROS-20230315-01

Vulnerability in Mozilla Thunderbird email client related to notifications that are not displayed, when the browser is in full screen mode, allowing an attacker to trick the victim into visiting a malicious website and performing a spoofing attack. to visit a malicious website and perform a...

8.8CVSS7.6AI score0.00817EPSS
Exploits0
Redos
Redos
•added 2023/02/17 12:0 a.m.•33 views

ROS-20230217-01

Vulnerability in driver management software for multipath access organization multipath-tools is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to elevate privileges to root user...

7.8CVSS7.7AI score0.00606EPSS
Exploits4
Redos
Redos
•added 2023/01/17 12:0 a.m.•33 views

ROS-20230117-02

A vulnerability in the Open vSwitch software tiered switch is related to loss of integer significance when parsing Auto Attach TLVs. integer when parsing Auto Attach TLVs. Exploitation of the vulnerability could allow an attacker acting remotely to send specially crafted LLDP messages. remotely,...

9.8CVSS9.3AI score0.01324EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•33 views

ROS-20221118-05

A vulnerability in Mozilla Thunderbird email client is related to a memory usage error after a release in the InputStream implementation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a victim to visit a specially crafted website, trigger a post-release usage...

6.5CVSS8.8AI score0.00696EPSS
Exploits0
Redos
Redos
•added 2022/08/09 12:0 a.m.•33 views

ROS-20220721-01

Vulnerability in the ProcXkbSetGeometry call handler of X.Org Server is related to improper protection of the of signal strength warnings during request length processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code or escalate privileges A...

7.8CVSS8.4AI score0.00573EPSS
Exploits0
Redos
Redos
•added 2022/06/22 12:0 a.m.•33 views

ROS-20220622-02

Vulnerability of the library implementing Perl PCRE2 style regular expressions is related to boundary conditions in the compilexclassmatchingpath function of the pcre2jitcompile.c file. conditions in the compilexclassmatchingpath function of the pcre2jitcompile.c file. Exploitation of the...

9.1CVSS8.9AI score0.02993EPSS
Exploits0
Redos
Redos
•added 2022/06/20 12:0 a.m.•33 views

ROS-20220620-01

A vulnerability in the program monitoring the communication between the container manager and the conmon runtime environment is related to the fact that the application does not properly monitor the consumption of internal resources within the request ExecSync. Exploitation of the vulnerability...

7.8CVSS7.5AI score0.02827EPSS
Exploits1
Redos
Redos
•added 2022/05/24 12:0 a.m.•33 views

ROS-20220524-02

A vulnerability in the lightweight DNS, DHCP, and TFTP server Dnsmasq is related to a memory usage error after a release when processing DHCPv6 requests. Exploitation of the vulnerability could allow an attacker, acting remotely, send specially crafted DHCPv6 packets to a vulnerable application,...

7.5CVSS7.3AI score0.01487EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•33 views

ROS-2-1426

2.1426 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/12/24 12:0 a.m.•33 views

ROS-2-436

2.436 VLC vulnerability CVE-2021-3185 1. Vulnerability description: Vulnerability in the implementation of the h264parse module developed by the GStreamer project included in the gstreamer-plugins-bad set. The issue is caused by a buffer overflow in the gsth264sliceparsedecrefpicmarking function...

8AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/12/23 12:0 a.m.•33 views

ROS-2-718

2.718 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-623

2.623 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-556

2.556 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS7.7AI score0.05984EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-604

2.604 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8.2AI score0.10608EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-567

2.567 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.2AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-806

2.806 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

8.1CVSS8.1AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-681

2.681 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.3AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-647

2.647 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.4AI score0.18114EPSS
Exploits16
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-1218

2.1218 Vulnerabilities in Squid Proxy Server 1. Vulnerability description: Problems are present in the code processing the "@" block at the beginning of a URL "user@host" and allow bypassing access restriction rules, poisoning cache contents and performing a cross-site scripting attack.Identifier...

5.9CVSS6.9AI score0.04006EPSS
Exploits1
Redos
Redos
•added 1976/01/01 12:0 a.m.•33 views

ROS-2-840

2.840 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•32 views

ROS-20241001-10

A vulnerability in the Parse function of the Go programming language is related to uncontrolled recursion. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the Decoder.Decode function of the Go programming language is...

7.5CVSS7.6AI score0.01127EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•32 views

ROS-20240828-05

Vulnerability in the Connector/J component of the MySQL Connectors driver of the Oracle database management system MySQL exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data...

5.3CVSS6.6AI score0.01286EPSS
Exploits1
Redos
Redos
•added 2024/08/12 12:0 a.m.•32 views

ROS-20240812-11

The GLPI Agent universal control agent vulnerability involves modifying GLPI-Agent code or allows a DLL to be used to modify the agent's logic. Exploitation of the vulnerability could allow an attacker to privilege escalation...

7.8CVSS7.1AI score0.00217EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•32 views

ROS-20240730-08

Eclipse Jetty servlet container vulnerability is related to errors in processing input data length parameters. data length parameters. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "HTTP request smuggling" attack The Eclipse Jetty servlet container...

5.3CVSS7.7AI score0.01069EPSS
Exploits1
Redos
Redos
•added 2024/07/30 12:0 a.m.•32 views

ROS-20240730-09

Vulnerability of NTLM New Technology LAN Manager protocol implementation in Exim mail server is related to operation exceeding buffer boundaries in memory when processing requests. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...

5.3CVSS7.1AI score0.28084EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•32 views

ROS-20240729-21

Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is associated wi...

9.9CVSS6.9AI score0.16496EPSS
Exploits0
Redos
Redos
•added 2024/07/01 12:0 a.m.•32 views

ROS-20240701-03

Vulnerability in Moodle virtual learning environment related to improper validation of allowed event types in the calendar web service. events in the calendar web service. Exploitation of the vulnerability could allow an attacker acting remotely, to create events with types/audience for which the...

9.8CVSS6.5AI score0.00541EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•32 views

ROS-20240625-01

Vulnerability in tiff.c file of ImageMagick console graphics editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2024/06/18 12:0 a.m.•32 views

ROS-20240618-01

A vulnerability in the SVG Handler component of the RoundCube email client is related to cross-site scripting attacks. Exploitation of the vulnerability could allow an attacker acting remotely to exploit XSS via the SVG animation attributes. Vulnerability in the User Preferences Handler component...

6.1CVSS5.4AI score0.73296EPSS
Exploits5
Redos
Redos
•added 2024/05/27 12:0 a.m.•32 views

ROS-20240527-02

A vulnerability in the CONNECT v5 component of the Mosquitto message broker is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A...

7.5CVSS7.1AI score0.00675EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•33 views

ROS-20240521-05

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machine Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could Allow a remote attacker to disclose protected information A vulnerability in...

7.5CVSS7.1AI score0.17673EPSS
Exploits3
Redos
Redos
•added 2024/04/15 12:0 a.m.•32 views

ROS-20240415-03

Vulnerability of aprbase64 function of Apache Portable Runtime APR library is related to the ability to to write outside the buffer, act remotely, execute arbitrary code...

6.5CVSS7.8AI score0.01417EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•32 views

ROS-20240411-04

Vulnerability of sessionReadRecord function of ext/session/sqlite3session.c file of database management system SQLite is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availability...

7.3CVSS7.7AI score0.01249EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•32 views

ROS-20240410-18

The vulnerability of Runc's isolated container launch tool is related to a flaw in the delimitations of the controlled area of the system. Exploitation of the vulnerability could allow an attacker to execute arbitrary code outside the isolated program environment by overwriting executable files...

8.6CVSS7.2AI score0.18087EPSS
Exploits18
Redos
Redos
•added 2024/04/09 12:0 a.m.•32 views

ROS-20240409-01

A vulnerability in the urllib.parse component of the Python programming language interpreter is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass URL blocking starting with empty characters A vulnerability in the Python...

7.5CVSS7AI score0.20459EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-08

Vulnerability of xorg-x11-server package is related to memory usage after it is freed when processing Button Action objects. Button Action objects. Exploitation of the vulnerability could allow an attacker to elevate his privileges and execute arbitrary code in root context The xorg-server packag...

7.8CVSS7.4AI score0.01631EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-01

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the...

8.8CVSS6.6AI score0.00804EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-21

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS7.3AI score0.02598EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...

6.1CVSS6.8AI score0.02782EPSS
Exploits1
Total number of security vulnerabilities5000