Lucene search
K
RedosMost viewed

8419 matches found

Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-01

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the...

8.8CVSS6.6AI score0.00804EPSS
Exploits4
Redos
Redos
•added 2024/04/05 12:0 a.m.•32 views

ROS-20240405-12

A vulnerability in the Commons FileUpload component of Apache Tomcat application server exists due to incomplete cleanup of temporary or auxiliary resources. clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker , acting remotely, to cause a denia...

7.5CVSS6.5AI score0.05848EPSS
Exploits2
Redos
Redos
•added 2024/04/04 12:0 a.m.•32 views

ROS-20240404-17

Vulnerability in the SMTP protocol implementation of Exim mail server is related to operation out of buffer boundaries in memory during request processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

9.8CVSS8.3AI score0.51474EPSS
Exploits5
Redos
Redos
•added 2024/04/01 12:0 a.m.•32 views

ROS-20240401-05

A vulnerability in the NVIDIA Tegra XUSB Pad driver of the Linux kernel is related to pointer dereferencing errors. in pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.5AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-15

A vulnerability in the lsi53c895a.c component of the QEMU hardware emulator is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsidiskreset function hw/scsi/scsi-disk.c of the...

6.5CVSS7.3AI score0.0114EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-12

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.5AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•32 views

ROS-20240328-17

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...

5.3CVSS6.5AI score0.00953EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•32 views

ROS-20240328-16

Vulnerability in vim text editor is related to memory usage after it is freed. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code...

4.7CVSS7.6AI score0.00441EPSS
Exploits1
Redos
Redos
•added 2024/03/22 12:0 a.m.•32 views

ROS-20240322-01

Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...

8CVSS8.2AI score0.01465EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•32 views

ROS-2-860

2.860 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•32 views

ROS-2-846

2.846 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.82367EPSS
Exploits0
Redos
Redos
•added 2024/02/08 12:0 a.m.•32 views

ROS-20240208-02

Vulnerability of handleimage function of UEFI shim loader is related to operation overrun of buffer boundaries in memory when processing EFI files taking into account SizeOfRawData field. when processing EFI files with SizeOfRawData field. Exploitation of the vulnerability could allow an attacker...

7.8CVSS8.3AI score0.00332EPSS
Exploits0
Redos
Redos
•added 2023/11/16 12:0 a.m.•32 views

ROS-20231116-02

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the decoder component of the Golang programming language...

6.5CVSS6.8AI score0.0086EPSS
Exploits0
Redos
Redos
•added 2023/10/13 12:0 a.m.•32 views

ROS-20231013-02

Vulnerability of the convertstrings function of the tinfo/readentry.c component of the Ncurses I/O control library is related to reading beyond the allowed data buffer boundaries. terminal Ncurses is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability...

7.1CVSS7.2AI score0.01341EPSS
Exploits1
Redos
Redos
•added 2023/09/18 12:0 a.m.•32 views

ROS-20230913-02

Nextcloud server vulnerability is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to access files within a subfolder of an accessible group folder, even if extended permissions block access to the subfolder. of a group folder, even if...

8.1CVSS7.1AI score0.00822EPSS
Exploits0
Redos
Redos
•added 2023/09/12 12:0 a.m.•32 views

ROS-20230911-07

A vulnerability in the Moodle virtual learning environment is related to insufficient validation of user input data. data, an attacker could send a specially crafted HTTP request and make the application initiate requests to arbitrary systems. Exploitation of the vulnerability could allow an...

7.5CVSS6.9AI score0.00825EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•32 views

ROS-2-543

2.543 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.5AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2023/06/22 12:0 a.m.•32 views

ROS-20230621-01

A vulnerability in the Django web application framework is related to the fact that the application does not perform file validation when using a single form field to upload multiple files. files when using a single form field to upload multiple files. Exploiting the vulnerability could allow an...

9.8CVSS9.1AI score0.0138EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•32 views

ROS-20230619-03

A vulnerability in Certifi's specialized certificate collection is related to the presence of a TrustCor certificate in the list of root certificates, the certificate was removed because TrustCor was also in the business of in the spyware business. Exploitation of the vulnerability could allow an...

7.5CVSS7.5AI score0.00535EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•32 views

ROS-20230619-02

A vulnerability in the Redis database is related to insufficient validation of user-entered data, a user could use the HINCRBYFLOAT command to create an invalid hash field. Exploitation of the vulnerability could allow an attacker acting remotely to cause Redis to crash when accessing the affecte...

6.5CVSS6.7AI score0.00963EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•32 views

ROS-20230616-04

Libxml2 library vulnerability is related to NULL pointer dereferencing error in the xmlSchemaFixupComplexType. Exploitation of the vulnerability could allow an attacker acting remotely, to transmit specially crafted data to an application and perform a denial of service attack. The Libxml2 librar...

6.5CVSS6.7AI score0.01086EPSS
Exploits1
Redos
Redos
•added 2023/06/15 12:0 a.m.•32 views

ROS-20230615-01

LibRaw image processing library vulnerability is related to heap buffer overflow in raw2imageex. Exploitation of the vulnerability could allow an attacker acting remotely to cause an application to application crash due to a maliciously crafted input file...

6.5CVSS6.9AI score0.01289EPSS
Exploits1
Redos
Redos
•added 2023/02/13 12:0 a.m.•32 views

ROS-20230213-01

A vulnerability in the ImageMagick graphical editor is related to errors in input data processing. Exploitation of the vulnerability may allow a remote intruder to gain access to protected information using the profile parameter. information using the profile parameter Vulnerability of ImageMagic...

6.5CVSS6.8AI score0.89855EPSS
Exploits31
Redos
Redos
•added 2022/04/07 12:0 a.m.•32 views

ROS-20220407-02

Vim text editor vulnerability, related to memory usage error after release in function utfptr2char in regexpbt.c. Exploitation of the vulnerability could allow an attacker acting remotely, trick a victim into opening a specially crafted file, raise a post-release usage error, and execute arbitrar...

7.8CVSS8.5AI score0.01462EPSS
Exploits1
Redos
Redos
•added 2022/04/07 12:0 a.m.•32 views

ROS-20220407-01

Vulnerability of libsndfile audio file reading and writing library is related to memory leak in function cafreadheader. Exploitation of the vulnerability could allow an attacker acting remotely to force an application to incorrectly free memory before deleting the last link and executing an attac...

8.2AI score
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•32 views

ROS-20220125-01

The HTTP client vulnerability for Python urllib3 is related to incorrect input validation when processing URLs with multiple "@" characters in the credentials component. Exploitation of the vulnerability could allow an attacker, remotely, cause resource exhaustion and perform a denial of service...

7.5CVSS7.5AI score0.03273EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•32 views

ROS-2-435

2.435 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...

6.5AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•32 views

ROS-2-1352

2.1352 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-833

2.833 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

9.8CVSS8.4AI score0.53461EPSS
Exploits17
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-799

2.799 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted vide...

7.8CVSS8.4AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-640

2.640 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

9.3CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-633

2.633 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Lack of memory initialization when allocating buffers for pixmaps using the AllocatePixmap call can cause the X client to leak the memory contents from the heap when the X...

6.7CVSS6.8AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-585

2.585 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits4
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-807

2.807 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...

9.8CVSS8.8AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-1178

2.1178 Denial of Service in Open vSwitch CVE-2020-35498 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial of service DoS attack.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01134 2. Possible measures to...

7.5CVSS7.4AI score0.08026EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-451

2.451 Denial of Service in Open vSwitch CVE-2020-35498 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01134 2. Possible measures to...

7.8CVSS7AI score0.08026EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-698

2.698 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-694

2.694 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-628

2.628 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-809

2.809 Multiple Vulnerabilities in LibTIFF 1. Vulnerability description: CVE-2020-35524 CVE-2020-35523 CVE-2020-35522 CVE-2020-35522 CVE-2020-35521 The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a boundary error in TIFF...

7.8CVSS8.3AI score0.01922EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•32 views

ROS-2-714

2.714 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
•added 1976/01/01 12:0 a.m.•32 views

ROS-2-464

2.464 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS9.1AI score0.01764EPSS
Exploits1
Redos
Redos
•added 2026/05/24 12:0 a.m.•31 views

ROS-20260524-73-0016

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00124EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•31 views

ROS-20260508-73-0003

Vulnerability in rubygem-activestorage related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.1CVSS6.2AI score0.00646EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•31 views

ROS-2-570

2.570 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS7.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2025/02/14 12:0 a.m.•31 views

ROS-20250214-02

A vulnerability in the go-git library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or...

9.8CVSS8.2AI score0.01261EPSS
Exploits0
Redos
Redos
•added 2024/12/11 12:0 a.m.•31 views

ROS-20241211-14

A vulnerability in the shell command of the IPython interactive computing shell command is related to access control errors. access delimitation errors. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

8.8CVSS7.5AI score0.00657EPSS
Exploits1
Redos
Redos
•added 2024/11/25 12:0 a.m.•31 views

ROS-20241125-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to a memory corruption in the function f2fsinitpagearraycache in f2fs/compress.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the sim...

9.1CVSS7.6AI score0.01219EPSS
Exploits0
Redos
Redos
•added 2024/11/19 12:0 a.m.•31 views

ROS-20241119-01

A vulnerability in the ath11k component of the SUNRPC kernel of the Linux system is related to use-after-use errors release in the rpcclntremovepipedir and rpcsetuppipedir functions in net/sunrpc/clnt.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the syste...

8.8CVSS7.3AI score0.01EPSS
Exploits0
Redos
Redos
•added 2024/11/15 12:0 a.m.•31 views

ROS-20241115-02

A vulnerability in the octeontx2-pf component of the Linux kernel is related to a memory leak in the function otx2qosreadtxschqcfgtl in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

7.8CVSS7.5AI score0.00227EPSS
Exploits0
Total number of security vulnerabilities5000