Lucene search
K
RedosMost viewed

8157 matches found

Redos
Redos
•added 2024/04/05 12:0 a.m.•32 views

ROS-20240405-12

A vulnerability in the Commons FileUpload component of Apache Tomcat application server exists due to incomplete cleanup of temporary or auxiliary resources. clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker , acting remotely, to cause a denia...

7.5CVSS6.5AI score0.05848EPSS
Exploits2
Redos
Redos
•added 2024/04/01 12:0 a.m.•32 views

ROS-20240401-05

A vulnerability in the NVIDIA Tegra XUSB Pad driver of the Linux kernel is related to pointer dereferencing errors. in pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.5AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-12

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.5AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-24

Vulnerability in Google Chrome browser's JavaScript script handler V8 is related to type mixing errors data types. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7AI score0.01738EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-15

A vulnerability in the lsi53c895a.c component of the QEMU hardware emulator is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsidiskreset function hw/scsi/scsi-disk.c of the...

6.5CVSS7.3AI score0.0114EPSS
Exploits1
Redos
Redos
•added 2024/03/28 12:0 a.m.•32 views

ROS-20240328-07

The vulnerability in the RDMA component of the QEMU hardware emulator is related to the allocation and initialization of a large number of page tables to be used as a ring of descriptors for CQ and asynchronous events. Exploitation of the vulnerability could allow an attacker to cause a denial of...

6.3CVSS6.5AI score0.00309EPSS
Exploits0
Redos
Redos
•added 2024/03/27 12:0 a.m.•32 views

ROS-20240327-01

The golang package vulnerability is related to the ability to correlate consecutive connections by comparing the ticket ages during session resumption. Exploitation of the vulnerability could allow an intruder, acting remotely, an intruder could gain unauthorized access to session identifiers The...

5.3CVSS7.2AI score0.05623EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•32 views

ROS-2-846

2.846 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•32 views

ROS-2-860

2.860 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/11/16 12:0 a.m.•32 views

ROS-20231116-02

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the decoder component of the Golang programming language...

6.5CVSS6.8AI score0.0086EPSS
Exploits0
Redos
Redos
•added 2023/10/20 12:0 a.m.•32 views

ROS-20231018-05

A vulnerability in the SQLite database management system API library is related to unchecked array indexing. array indexing. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service or execute arbitrary code during the processing of a long sequence of o...

7.5CVSS8AI score0.19193EPSS
Exploits2
Redos
Redos
•added 2023/10/16 12:0 a.m.•32 views

ROS-20231016-06

Squid proxy server vulnerability is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Squid proxy vulnerability is related to insufficient input validation. Exploitation exploitation of the vulnerability could allow...

6.5CVSS6.9AI score0.79583EPSS
Exploits2
Redos
Redos
•added 2023/10/13 12:0 a.m.•32 views

ROS-20231013-04

A vulnerability in the bfdelfslurpversiontables method of the GNU Binutils software development tool is related with a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the binutils-gdb/bfd/libbfd.c...

7.8CVSS7.4AI score0.00895EPSS
Exploits1
Redos
Redos
•added 2023/10/09 12:0 a.m.•32 views

ROS-20231009-02

Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...

5.7CVSS6.8AI score0.00553EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•32 views

ROS-20230915-09

A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information and escalate privileges. protected information and...

7.8CVSS7.3AI score0.01944EPSS
Exploits5
Redos
Redos
•added 2023/09/18 12:0 a.m.•32 views

ROS-20230914-07

VMware Tools suite vulnerability is related to the ability to bypass SAML token signature. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges by implementing a man-in-the-middle attack. a man-in-the-middle attack...

7.5CVSS6.9AI score0.01193EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•32 views

ROS-20230915-11

A vulnerability in the Base plugin gst-plugins-base of the Gstreamer multimedia framework is related to a buffer overrun during the parsing and decoding of subtitles from SRT files. operation outside the memory buffer when parsing and decoding subtitles from SRT files. Exploitation exploitation o...

8.8CVSS7.3AI score0.01451EPSS
Exploits0
Redos
Redos
•added 2023/09/12 12:0 a.m.•32 views

ROS-20230911-07

A vulnerability in the Moodle virtual learning environment is related to insufficient validation of user input data. data, an attacker could send a specially crafted HTTP request and make the application initiate requests to arbitrary systems. Exploitation of the vulnerability could allow an...

7.5CVSS6.9AI score0.00825EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•32 views

ROS-20230619-03

A vulnerability in Certifi's specialized certificate collection is related to the presence of a TrustCor certificate in the list of root certificates, the certificate was removed because TrustCor was also in the business of in the spyware business. Exploitation of the vulnerability could allow an...

7.5CVSS7.5AI score0.00535EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•32 views

ROS-20230616-04

Libxml2 library vulnerability is related to NULL pointer dereferencing error in the xmlSchemaFixupComplexType. Exploitation of the vulnerability could allow an attacker acting remotely, to transmit specially crafted data to an application and perform a denial of service attack. The Libxml2 librar...

6.5CVSS6.7AI score0.01086EPSS
Exploits1
Redos
Redos
•added 2023/06/15 12:0 a.m.•32 views

ROS-20230615-01

LibRaw image processing library vulnerability is related to heap buffer overflow in raw2imageex. Exploitation of the vulnerability could allow an attacker acting remotely to cause an application to application crash due to a maliciously crafted input file...

6.5CVSS6.9AI score0.01289EPSS
Exploits1
Redos
Redos
•added 2023/03/22 12:0 a.m.•32 views

ROS-20230322-02

The Containerd container execution environment vulnerability is related to a flaw whereby additional groups are not properly configured within the container, when an attacker has direct access to the container and manipulates its optional group access, it can use optional group access to bypass t...

7.8CVSS7.2AI score0.00542EPSS
Exploits1
Redos
Redos
•added 2023/03/17 12:0 a.m.•32 views

ROS-20230317-01

Vulnerability in Redis database related to string mapping commands e.g. SCAN or KEYS with a specially crafted template. Exploitation of the vulnerability could allow an attacker acting remotely to launch a "denial of service" attack. remotely to launch a denial-of-service attack...

5.5CVSS5.7AI score0.59706EPSS
Exploits0
Redos
Redos
•added 2023/02/13 12:0 a.m.•32 views

ROS-20230213-01

A vulnerability in the ImageMagick graphical editor is related to errors in input data processing. Exploitation of the vulnerability may allow a remote intruder to gain access to protected information using the profile parameter. information using the profile parameter Vulnerability of ImageMagic...

6.5CVSS6.8AI score0.89855EPSS
Exploits31
Redos
Redos
•added 2022/12/27 12:0 a.m.•32 views

ROS-20221227-02

A vulnerability in the PJSIP multimedia library is related to a boundary error in the decoding of STUN messages. Exploitation of the vulnerability could allow an attacker acting remotely to transmit a specially crafted STUN message to an application, cause a heap buffer overflow, and execute...

9.8CVSS9.5AI score0.01026EPSS
Exploits0
Redos
Redos
•added 2022/10/07 12:0 a.m.•32 views

ROS-20221007-03

Vim text editor vulnerability is related to a memory release error in the function didsetstringoption of the optionstr.c file. Exploitation of the vulnerability could allow an attacker, acting remotely, trick the victim into opening a specially crafted file, crashing the program, and executing...

7.8CVSS8.1AI score0.00489EPSS
Exploits1
Redos
Redos
•added 2022/09/09 12:0 a.m.•32 views

ROS-20220909-01

A vulnerability in the vimvsnprintftypval function of the Vim text editor is related to the use of memory after it has been freed. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information Vim text editor vulnerability i...

7.8CVSS6.7AI score0.00787EPSS
Exploits5
Redos
Redos
•added 2021/12/24 12:0 a.m.•32 views

ROS-2-435

2.435 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...

6.5AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•32 views

ROS-2-1352

2.1352 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-799

2.799 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted vide...

7.8CVSS8.4AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-859

2.859 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-554

2.554 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-713

2.713 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-449

2.449 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

8.1CVSS8AI score0.99295EPSS
Exploits82
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-549

2.549 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7AI score0.10634EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-807

2.807 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...

9.8CVSS8.8AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-688

2.688 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-914

2.914 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-714

2.714 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-633

2.633 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Lack of memory initialization when allocating buffers for pixmaps using the AllocatePixmap call can cause the X client to leak the memory contents from the heap when the X...

6.7CVSS6.8AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-521

2.521 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS7.8AI score0.10047EPSS
Exploits2
Redos
Redos
•added 1976/01/01 12:0 a.m.•32 views

ROS-2-464

2.464 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS9.1AI score0.01764EPSS
Exploits1
Redos
Redos
•added 2025/05/15 12:0 a.m.•31 views

ROS-20250515-06

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a request flow within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementation is...

7.5CVSS8.4AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2025/05/13 12:0 a.m.•31 views

ROS-2-514

2.514 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

4.3CVSS7AI score0.01092EPSS
Exploits0
Redos
Redos
•added 2025/02/14 12:0 a.m.•31 views

ROS-20250214-02

A vulnerability in the go-git library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or...

9.8CVSS8.2AI score0.0124EPSS
Exploits0
Redos
Redos
•added 2024/11/08 12:0 a.m.•31 views

ROS-20241108-01

A vulnerability in the mac80211 component of the Linux operating system kernel is related to information disclosure in the function stainfofree in net/mac80211/stainfo.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the As...

7.1CVSS6.8AI score0.00232EPSS
Exploits0
Redos
Redos
•added 2024/10/03 12:0 a.m.•31 views

ROS-20241003-01

Vulnerability of dmaentryalloccheckleak function of dma-debug component of Linux operating system kernel is related to incorrect locking. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in the vaddr-test component of the Linux operati...

7.8CVSS7.3AI score0.00805EPSS
Exploits1
Redos
Redos
•added 2024/09/16 12:0 a.m.•31 views

ROS-20240916-12

Vulnerability in the crypto.setEngine method of the Node.js software platform is related to flaws in access delimitation access. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the existing security restrictions...

7.5CVSS6.8AI score0.01348EPSS
Exploits0
Redos
Redos
•added 2024/09/10 12:0 a.m.•31 views

ROS-20240910-06

A vulnerability in the Zabbix universal monitoring system is related to improper code generation controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Zabbix universal monitoring system vulnerability is related to the ability to directly...

9.1CVSS8.1AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•31 views

ROS-20240902-12

The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials HTTP basic authentication credentials...

6CVSS6.8AI score0.00358EPSS
Exploits0
Total number of security vulnerabilities5000