Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2021/12/24 12:0 a.m.•34 views

ROS-2-1426

2.1426 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/12/23 12:0 a.m.•34 views

ROS-2-718

2.718 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-567

2.567 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.2AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-681

2.681 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.3AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-623

2.623 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-1001

2.1001 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-553

2.553 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS7.6AI score0.01764EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-604

2.604 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8.2AI score0.10608EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-462

2.462 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

6.1CVSS7AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-647

2.647 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.4AI score0.18114EPSS
Exploits16
Redos
Redos
•added 2021/09/08 12:0 a.m.•34 views

ROS-2-534

2.534 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

7.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•33 views

ROS-20260524-73-0043

Vulnerability in mariadb related to security configuration errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.3CVSS7.1AI score0.00274EPSS
Exploits1
Redos
Redos
•added 2026/04/17 12:0 a.m.•33 views

ROS-20260417-73-0013

A vulnerability in the commonprefix function of the pip module of the Python programming language is related to an incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to add and modify arbitrary files...

2CVSS5.9AI score0.0039EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•33 views

ROS-2-594

2.594 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2025/01/17 12:0 a.m.•33 views

ROS-20250117-03

Vulnerability in modproxy module of Apache HTTP Server is related to incorrect writing of null pointer. pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service using a specially crafted request Apache HTTP Server WebSocket protocol...

7.5CVSS9.1AI score0.03153EPSS
Exploits0
Redos
Redos
•added 2024/11/20 12:0 a.m.•33 views

ROS-20241120-02

A vulnerability in the locking/wwmutex/test components of the Linux operating system kernel is related to improper locking in the functions listforeachentrysafe, stressonework, and stress in the kernel/locking/test/test-wwmutex.c. Exploitation of the vulnerability could allow an attacker to cause...

7.8CVSS7.2AI score0.00263EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•33 views

ROS-20241113-01

A vulnerability in the sched/debug components of the Linux operating system kernel is related to information disclosure in the updatescheddomaindebugfs function in kernel/sched/debug.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A...

7.8CVSS7.4AI score0.00907EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•33 views

ROS-20241008-10

Vulnerability of u32initknode function in net/sched/clsu32.c module of Linux kernel is related to reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information or elevate their...

7.8CVSS7.2AI score0.00565EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•33 views

ROS-20240826-12

Vulnerability of Ruby programming language components rfc2396parser.rb and rfc3986parser.rb is related to incorrect implementation of processing invalid URLs. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability in the URI component of th...

5.3CVSS7.2AI score0.02637EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•33 views

ROS-20240726-01

A vulnerability in GLPI's request and incident handling system is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the system integrity A vulnerability in the GLPI request and incident handling system is associated with the...

10CVSS7.7AI score0.50889EPSS
Exploits6
Redos
Redos
•added 2024/07/01 12:0 a.m.•33 views

ROS-20240701-03

Vulnerability in Moodle virtual learning environment related to improper validation of allowed event types in the calendar web service. events in the calendar web service. Exploitation of the vulnerability could allow an attacker acting remotely, to create events with types/audience for which the...

9.8CVSS6.5AI score0.00541EPSS
Exploits0
Redos
Redos
•added 2024/05/16 12:0 a.m.•33 views

ROS-20240516-01

Vulnerability of Less, a utility for UNIX-like text terminals, is related to incorrect processing of quotation marks in filename.c file. quotes in the filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

8.6CVSS6.9AI score0.00628EPSS
Exploits0
Redos
Redos
•added 2024/04/15 12:0 a.m.•33 views

ROS-20240415-03

Vulnerability of aprbase64 function of Apache Portable Runtime APR library is related to the ability to to write outside the buffer, act remotely, execute arbitrary code...

6.5CVSS7.8AI score0.01417EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•33 views

ROS-20240411-04

Vulnerability of sessionReadRecord function of ext/session/sqlite3session.c file of database management system SQLite is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availability...

7.3CVSS7.7AI score0.01249EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•33 views

ROS-20240410-17

The vulnerability of the ImageBuild function of the Moby containerization software tool is related to a flaw in the data source validation mechanism for endpoint processing. is related to a flaw in the data source validation mechanism for endpoint processing. Exploitation of the vulnerability cou...

7.8CVSS7AI score0.00258EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•33 views

ROS-20240409-01

A vulnerability in the urllib.parse component of the Python programming language interpreter is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass URL blocking starting with empty characters A vulnerability in the Python...

7.5CVSS7AI score0.20459EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•33 views

ROS-20240408-08

Vulnerability of xorg-x11-server package is related to memory usage after it is freed when processing Button Action objects. Button Action objects. Exploitation of the vulnerability could allow an attacker to elevate his privileges and execute arbitrary code in root context The xorg-server packag...

7.8CVSS7.4AI score0.01631EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•33 views

ROS-20240403-13

Vulnerability of OpenIdAuthenticator class of Eclipse Jetty servlet container is related to flaws in the of the authentication procedure when processing the LoginService parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

4.3CVSS7.1AI score0.00753EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•33 views

ROS-20240329-24

Vulnerability in Google Chrome browser's JavaScript script handler V8 is related to type mixing errors data types. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7AI score0.01738EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•33 views

ROS-20240328-07

The vulnerability in the RDMA component of the QEMU hardware emulator is related to the allocation and initialization of a large number of page tables to be used as a ring of descriptors for CQ and asynchronous events. Exploitation of the vulnerability could allow an attacker to cause a denial of...

6.3CVSS6.5AI score0.00309EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•33 views

ROS-2-511

2.511 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

7.5CVSS7.7AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•33 views

ROS-2-931

2.931 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/10/30 12:0 a.m.•33 views

ROS-20231030-02

A vulnerability in the Django web application software platform, is related to regular expressions for text clipping that have linear backtrack complexity, which can be slow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service with certain HTML...

7.5CVSS6.8AI score0.01236EPSS
Exploits0
Redos
Redos
•added 2023/10/20 12:0 a.m.•33 views

ROS-20231018-05

A vulnerability in the SQLite database management system API library is related to unchecked array indexing. array indexing. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service or execute arbitrary code during the processing of a long sequence of o...

7.5CVSS8AI score0.19193EPSS
Exploits2
Redos
Redos
•added 2023/10/16 12:0 a.m.•33 views

ROS-20231016-06

Squid proxy server vulnerability is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Squid proxy vulnerability is related to insufficient input validation. Exploitation exploitation of the vulnerability could allow...

6.5CVSS6.9AI score0.79583EPSS
Exploits2
Redos
Redos
•added 2023/10/13 12:0 a.m.•33 views

ROS-20231013-04

A vulnerability in the bfdelfslurpversiontables method of the GNU Binutils software development tool is related with a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the binutils-gdb/bfd/libbfd.c...

7.8CVSS7.4AI score0.00895EPSS
Exploits1
Redos
Redos
•added 2023/10/09 12:0 a.m.•33 views

ROS-20231009-02

Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...

5.7CVSS6.8AI score0.00553EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•33 views

ROS-20230914-07

VMware Tools suite vulnerability is related to the ability to bypass SAML token signature. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges by implementing a man-in-the-middle attack. a man-in-the-middle attack...

7.5CVSS6.9AI score0.01193EPSS
Exploits0
Redos
Redos
•added 2023/09/08 12:0 a.m.•33 views

ROS-20230907-02

Vulnerability in the Core component of Oracle VM VirtualBox virtual machine is related to resource release errors resources. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or gain full control of an application using the RDP protocol. arbitrary code or...

8.1CVSS7.8AI score0.0102EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•33 views

ROS-20230825-04

Redis database management system DBMS vulnerability is related to buffer overflow. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

8.8CVSS7.7AI score0.74822EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-562

2.562 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-580

2.580 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.7AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•33 views

ROS-2-533

2.533 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS9.4AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•33 views

ROS-20230616-05

A vulnerability in the Flask framework is related to the ability to send one client's session cookie to other users. users. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to protected information...

7.5CVSS7.5AI score0.01261EPSS
Exploits1
Redos
Redos
•added 2023/04/17 12:0 a.m.•33 views

ROS-20230417-05

A vulnerability in the curl program is related to a problem when processing multiple queries resulting in the ignoring HSTS support. Exploitation of the vulnerability could allow an attacker acting remotely, to cause HSTS functionality to fail by sequentially requesting multiple URLs...

9.1CVSS7.7AI score0.00858EPSS
Exploits1
Redos
Redos
•added 2023/04/17 12:0 a.m.•33 views

ROS-20230417-01

The vulnerability in Redis database is related to integer overflow in "SRANDMEMBER" commands, "ZRANDMEMBER" and "HRANDFIELD." Exploitation of the vulnerability could allow an attacker to pass specially specially crafted data into an application, cause an integer overflow, and trigger a...

6.5CVSS6.9AI score0.00902EPSS
Exploits0
Redos
Redos
•added 2023/03/23 12:0 a.m.•34 views

ROS-20230322-03

A vulnerability in the Git program is related to the input of processed input data - a path outside the working tree can be overwritten by a user running "git apply". Exploiting the vulnerability could allow an attacker acting remotely to run the affected command against a malicious or compromise...

7.5CVSS6.7AI score0.01144EPSS
Exploits3
Redos
Redos
•added 2023/03/22 12:0 a.m.•33 views

ROS-20230322-02

The Containerd container execution environment vulnerability is related to a flaw whereby additional groups are not properly configured within the container, when an attacker has direct access to the container and manipulates its optional group access, it can use optional group access to bypass t...

7.8CVSS7.2AI score0.00542EPSS
Exploits1
Redos
Redos
•added 2023/03/17 12:0 a.m.•33 views

ROS-20230317-01

Vulnerability in Redis database related to string mapping commands e.g. SCAN or KEYS with a specially crafted template. Exploitation of the vulnerability could allow an attacker acting remotely to launch a "denial of service" attack. remotely to launch a denial-of-service attack...

5.5CVSS5.7AI score0.59706EPSS
Exploits0
Redos
Redos
•added 2023/03/15 12:0 a.m.•33 views

ROS-20230315-01

Vulnerability in Mozilla Thunderbird email client related to notifications that are not displayed, when the browser is in full screen mode, allowing an attacker to trick the victim into visiting a malicious website and performing a spoofing attack. to visit a malicious website and perform a...

8.8CVSS7.6AI score0.00817EPSS
Exploits0
Total number of security vulnerabilities5000