Lucene search
K
RedosMost viewed

8368 matches found

Redos
Redos
•added 2023/03/22 12:0 a.m.•33 views

ROS-20230322-02

The Containerd container execution environment vulnerability is related to a flaw whereby additional groups are not properly configured within the container, when an attacker has direct access to the container and manipulates its optional group access, it can use optional group access to bypass t...

7.8CVSS7.2AI score0.00542EPSS
Exploits1
Redos
Redos
•added 2023/03/17 12:0 a.m.•33 views

ROS-20230317-01

Vulnerability in Redis database related to string mapping commands e.g. SCAN or KEYS with a specially crafted template. Exploitation of the vulnerability could allow an attacker acting remotely to launch a "denial of service" attack. remotely to launch a denial-of-service attack...

5.5CVSS5.7AI score0.59706EPSS
Exploits0
Redos
Redos
•added 2023/03/15 12:0 a.m.•33 views

ROS-20230315-01

Vulnerability in Mozilla Thunderbird email client related to notifications that are not displayed, when the browser is in full screen mode, allowing an attacker to trick the victim into visiting a malicious website and performing a spoofing attack. to visit a malicious website and perform a...

8.8CVSS7.6AI score0.00817EPSS
Exploits0
Redos
Redos
•added 2022/12/27 12:0 a.m.•33 views

ROS-20221227-02

A vulnerability in the PJSIP multimedia library is related to a boundary error in the decoding of STUN messages. Exploitation of the vulnerability could allow an attacker acting remotely to transmit a specially crafted STUN message to an application, cause a heap buffer overflow, and execute...

9.8CVSS9.5AI score0.01026EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•33 views

ROS-20221118-05

A vulnerability in Mozilla Thunderbird email client is related to a memory usage error after a release in the InputStream implementation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a victim to visit a specially crafted website, trigger a post-release usage...

6.5CVSS8.8AI score0.00696EPSS
Exploits0
Redos
Redos
•added 2022/10/07 12:0 a.m.•33 views

ROS-20221007-03

Vim text editor vulnerability is related to a memory release error in the function didsetstringoption of the optionstr.c file. Exploitation of the vulnerability could allow an attacker, acting remotely, trick the victim into opening a specially crafted file, crashing the program, and executing...

7.8CVSS8.1AI score0.00489EPSS
Exploits1
Redos
Redos
•added 2022/09/09 12:0 a.m.•33 views

ROS-20220909-01

A vulnerability in the vimvsnprintftypval function of the Vim text editor is related to the use of memory after it has been freed. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information Vim text editor vulnerability i...

7.8CVSS6.7AI score0.00787EPSS
Exploits5
Redos
Redos
•added 2022/06/20 12:0 a.m.•33 views

ROS-20220620-01

A vulnerability in the program monitoring the communication between the container manager and the conmon runtime environment is related to the fact that the application does not properly monitor the consumption of internal resources within the request ExecSync. Exploitation of the vulnerability...

7.8CVSS7.5AI score0.02827EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•33 views

ROS-2-436

2.436 VLC vulnerability CVE-2021-3185 1. Vulnerability description: Vulnerability in the implementation of the h264parse module developed by the GStreamer project included in the gstreamer-plugins-bad set. The issue is caused by a buffer overflow in the gsth264sliceparsedecrefpicmarking function...

8AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-914

2.914 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-713

2.713 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-688

2.688 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-549

2.549 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7AI score0.10634EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-806

2.806 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

8.1CVSS8.1AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-1218

2.1218 Vulnerabilities in Squid Proxy Server 1. Vulnerability description: Problems are present in the code processing the "@" block at the beginning of a URL "user@host" and allow bypassing access restriction rules, poisoning cache contents and performing a cross-site scripting attack.Identifier...

5.9CVSS6.9AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-554

2.554 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-556

2.556 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS7.7AI score0.05984EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•33 views

ROS-2-521

2.521 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS7.8AI score0.10047EPSS
Exploits2
Redos
Redos
•added 1976/01/01 12:0 a.m.•33 views

ROS-2-840

2.840 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2026/06/16 12:0 a.m.•32 views

ROS-20260616-73-0038

The vulnerability in ImageMagick 7 is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.3CVSS5.3AI score0.00384EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•32 views

ROS-20260524-73-0024

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00122EPSS
Exploits0
Redos
Redos
•added 2025/05/15 12:0 a.m.•32 views

ROS-20250515-06

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a request flow within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementation is...

7.5CVSS8.4AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2025/05/13 12:0 a.m.•32 views

ROS-2-514

2.514 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

4.3CVSS7AI score0.01092EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•32 views

ROS-2-452

2.452 Multiple Vulnerabilities in LibTIFF 1. Vulnerability description: CVE-2020-35524 CVE-2020-35523 CVE-2020-35522 CVE-2020-35522 CVE-2020-35521 The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a boundary error in TIFF...

7.8CVSS8AI score0.01922EPSS
Exploits0
Redos
Redos
•added 2024/10/03 12:0 a.m.•32 views

ROS-20241003-01

Vulnerability of dmaentryalloccheckleak function of dma-debug component of Linux operating system kernel is related to incorrect locking. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in the vaddr-test component of the Linux operati...

7.8CVSS7.3AI score0.00805EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•32 views

ROS-20241001-10

A vulnerability in the Parse function of the Go programming language is related to uncontrolled recursion. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the Decoder.Decode function of the Go programming language is...

7.5CVSS7.6AI score0.01127EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•32 views

ROS-20240828-05

Vulnerability in the Connector/J component of the MySQL Connectors driver of the Oracle database management system MySQL exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data...

5.3CVSS6.6AI score0.01286EPSS
Exploits1
Redos
Redos
•added 2024/08/12 12:0 a.m.•32 views

ROS-20240812-11

The GLPI Agent universal control agent vulnerability involves modifying GLPI-Agent code or allows a DLL to be used to modify the agent's logic. Exploitation of the vulnerability could allow an attacker to privilege escalation...

7.8CVSS7.1AI score0.00217EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•32 views

ROS-20240730-14

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM virtual machines for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to the lack of service data protection. Exploitation exploitation of the vulnerability could allow an...

7.4CVSS6.6AI score0.01026EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•32 views

ROS-20240730-08

Eclipse Jetty servlet container vulnerability is related to errors in processing input data length parameters. data length parameters. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "HTTP request smuggling" attack The Eclipse Jetty servlet container...

5.3CVSS7.7AI score0.01069EPSS
Exploits1
Redos
Redos
•added 2024/07/30 12:0 a.m.•32 views

ROS-20240730-09

Vulnerability of NTLM New Technology LAN Manager protocol implementation in Exim mail server is related to operation exceeding buffer boundaries in memory when processing requests. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to protected information...

5.3CVSS7.1AI score0.28084EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•32 views

ROS-20240729-21

Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is associated wi...

9.9CVSS6.9AI score0.16496EPSS
Exploits0
Redos
Redos
•added 2024/06/18 12:0 a.m.•32 views

ROS-20240618-01

A vulnerability in the SVG Handler component of the RoundCube email client is related to cross-site scripting attacks. Exploitation of the vulnerability could allow an attacker acting remotely to exploit XSS via the SVG animation attributes. Vulnerability in the User Preferences Handler component...

6.1CVSS5.4AI score0.73296EPSS
Exploits5
Redos
Redos
•added 2024/06/03 12:0 a.m.•32 views

ROS-20240603-03

A vulnerability in the XML parser library libexpat is related to incorrect restriction of recursive object references in DTDs. recursive object references in DTDs. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.1AI score0.00373EPSS
Exploits0
Redos
Redos
•added 2024/05/27 12:0 a.m.•32 views

ROS-20240527-02

A vulnerability in the CONNECT v5 component of the Mosquitto message broker is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A...

7.5CVSS7.1AI score0.00675EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•33 views

ROS-20240521-05

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machine Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could Allow a remote attacker to disclose protected information A vulnerability in...

7.5CVSS7.1AI score0.17673EPSS
Exploits3
Redos
Redos
•added 2024/04/23 12:0 a.m.•32 views

ROS-20240423-09

A vulnerability in the espdonodma function in hw/scsi/esp.c of the QEMU hardware emulator is related to a buffer overflow via the TI command when the expected length of a non-DMA transfer is less than the length of the available FIFO data. Exploitation of the vulnerability could allow an attacker...

8.8CVSS8AI score0.01397EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•32 views

ROS-20240410-18

The vulnerability of Runc's isolated container launch tool is related to a flaw in the delimitations of the controlled area of the system. Exploitation of the vulnerability could allow an attacker to execute arbitrary code outside the isolated program environment by overwriting executable files...

8.6CVSS7.2AI score0.18087EPSS
Exploits18
Redos
Redos
•added 2024/04/10 12:0 a.m.•32 views

ROS-20240410-11

The vulnerability of the Grub2 operating system boot loader is related to incomplete clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

3.3CVSS7.1AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...

6.1CVSS6.8AI score0.02782EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-21

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS7.3AI score0.02598EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-01

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the...

8.8CVSS6.6AI score0.00804EPSS
Exploits4
Redos
Redos
•added 2024/04/05 12:0 a.m.•32 views

ROS-20240405-12

A vulnerability in the Commons FileUpload component of Apache Tomcat application server exists due to incomplete cleanup of temporary or auxiliary resources. clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker , acting remotely, to cause a denia...

7.5CVSS6.5AI score0.05848EPSS
Exploits2
Redos
Redos
•added 2024/04/04 12:0 a.m.•32 views

ROS-20240404-17

Vulnerability in the SMTP protocol implementation of Exim mail server is related to operation out of buffer boundaries in memory during request processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

9.8CVSS8.3AI score0.51474EPSS
Exploits5
Redos
Redos
•added 2024/04/01 12:0 a.m.•32 views

ROS-20240401-05

A vulnerability in the NVIDIA Tegra XUSB Pad driver of the Linux kernel is related to pointer dereferencing errors. in pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.5AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-12

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.5AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-15

A vulnerability in the lsi53c895a.c component of the QEMU hardware emulator is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsidiskreset function hw/scsi/scsi-disk.c of the...

6.5CVSS7.3AI score0.0114EPSS
Exploits1
Redos
Redos
•added 2024/03/28 12:0 a.m.•32 views

ROS-20240328-16

Vulnerability in vim text editor is related to memory usage after it is freed. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code...

4.7CVSS7.6AI score0.00441EPSS
Exploits1
Redos
Redos
•added 2024/03/28 12:0 a.m.•32 views

ROS-20240328-17

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...

5.3CVSS6.5AI score0.00953EPSS
Exploits0
Redos
Redos
•added 2024/03/22 12:0 a.m.•32 views

ROS-20240322-01

Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...

8CVSS8.2AI score0.01465EPSS
Exploits0
Total number of security vulnerabilities5000