Lucene search
K
RedosMost viewed

8157 matches found

Redos
Redos
•added 2024/09/17 12:0 a.m.•30 views

ROS-20240917-09

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/09/09 12:0 a.m.•30 views

ROS-20240909-02

Vulnerability in the cryptography package of the Python programming language interpreter is related to errors in the procedure of to authenticate a certificate. Exploitation of the vulnerability could allow an attacker acting remotely to perform a man-in-the-middle attack. remotely to execute a...

7.5CVSS6.8AI score0.00613EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•30 views

ROS-20240904-08

Vulnerability in the MHDcreatepostprocessor function of the HTTP libmicrohttpd web server implementation is related to a improper parsing of the multipart/form-data boundary. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

5.9CVSS6.7AI score0.01243EPSS
Exploits1
Redos
Redos
•added 2024/08/12 12:0 a.m.•30 views

ROS-20240812-04

A vulnerability in the Collapsed Forwarding Handler component of the Squid proxy server is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the Squid proxy server component is...

8.6CVSS7AI score0.88818EPSS
Exploits0
Redos
Redos
•added 2024/08/07 12:0 a.m.•30 views

ROS-20240807-05

A vulnerability in the PostPolicyBucket component of the MinIO object storage server is related to errors in privilege management. privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending specially crafted HTTP...

8.8CVSS7.1AI score0.83957EPSS
Exploits14
Redos
Redos
•added 2024/05/06 12:0 a.m.•30 views

ROS-20240506-01

A vulnerability in the libexpat XML parser library is related to incorrect restriction of XML references to external objects. XML references to external objects. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting specially crafte...

7.5CVSS7.2AI score0.02006EPSS
Exploits1
Redos
Redos
•added 2024/04/23 12:0 a.m.•30 views

ROS-20240423-08

A vulnerability in the Open vSwitch OvS software multilayer switch allows ICMPv6 packets to announce neighbors between virtual machines to bypass OpenFlow rules. Exploitation of the vulnerability could allow an attacker, to create special packets with a modified or spoofed target IP address field...

7.1CVSS7.5AI score0.00389EPSS
Exploits0
Redos
Redos
•added 2024/04/22 12:0 a.m.•30 views

ROS-20240422-04

A vulnerability in the JpegEncoder::Encode function of the libheif file format decoder and encoder is related to a memory leak. memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.8AI score0.00687EPSS
Exploits1
Redos
Redos
•added 2024/04/12 12:0 a.m.•30 views

ROS-20240412-02

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/11 12:0 a.m.•30 views

ROS-20240411-02

The Etcd configuration parameter store vulnerability is related to sending an authentication request to the etcdserver with a username and password. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

9.8CVSS7.6AI score0.01605EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•30 views

ROS-20240410-21

A vulnerability in the RPM Package Manager of Red Hat Enterprise Linux operating systems is related to the lack of RPM signature verification of subsection binding before importing them. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges A...

6.7CVSS7.3AI score0.00491EPSS
Exploits3
Redos
Redos
•added 2024/04/05 12:0 a.m.•30 views

ROS-20240405-06

A vulnerability in the GnuTLS transport layer security library is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

5.9CVSS7.4AI score0.01257EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•30 views

ROS-20240404-13

A vulnerability in the 7z file analyzer component of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

7.8CVSS7.7AI score0.7104EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•30 views

ROS-20240329-19

A vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to the unrestricted resource allocation, Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01812EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•30 views

ROS-20240329-18

The vulnerability of the pkiverifydatasignature function of the LibSSH client authentication library is related to the flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely bypass security restrictions and gain unauthorized access to...

6.5CVSS7.7AI score0.01314EPSS
Exploits2
Redos
Redos
•added 2024/03/29 12:0 a.m.•30 views

ROS-20240329-22

Vulnerability in the Heerces C++ library of the BigFix Platform IT hardware co-management platform is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, to execute arbitrary code by sending a specially crafted HTTP request...

8.8CVSS8AI score0.01381EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•30 views

ROS-2-1439

2.1439 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•30 views

ROS-2-1188

2.1188 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.5CVSS7AI score0.02719EPSS
Exploits0
Redos
Redos
•added 2024/01/23 12:0 a.m.•30 views

ROS-20240123-01

The vulnerability of the Atril multi-page document viewer is related to incorrect neutralization of special elements used in the OS command. neutralization of special elements used in the OS command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary co...

9.6CVSS7.8AI score0.0234EPSS
Exploits2
Redos
Redos
•added 2023/11/15 12:0 a.m.•30 views

ROS-20231114-02

Vulnerability of XIChangeDeviceProperty Xi/xiproperty.c and RRChangeOutputProperty functions randr/rrrproperty.c of X Window System Xorg-server is related to the possibility of writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cau...

7.8CVSS7.3AI score0.00715EPSS
Exploits0
Redos
Redos
•added 2023/11/10 12:0 a.m.•30 views

ROS-20231110-01

A vulnerability in the smbd library of the Samba networking software package is related to an incorrect restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service Vulnerability in the...

5.5CVSS7.1AI score0.00206EPSS
Exploits0
Redos
Redos
•added 2023/10/16 12:0 a.m.•30 views

ROS-20231016-02

Vulnerability of libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special format video data. when processing certain special-format video data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.5CVSS6.7AI score0.01936EPSS
Exploits0
Redos
Redos
•added 2023/10/13 12:0 a.m.•30 views

ROS-20231011-01

A vulnerability in the HTTP API of the pgAdmin 4 database management tool is related to insufficient input data validation. verification of input data. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary commands on the server...

8.8CVSS7.7AI score0.0147EPSS
Exploits0
Redos
Redos
•added 2023/09/12 12:0 a.m.•30 views

ROS-20230911-05

Vulnerability in the document processing, conversion and generation software suite Ghostscript exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by using t...

7.8CVSS7.2AI score0.03236EPSS
Exploits3
Redos
Redos
•added 2023/09/08 12:0 a.m.•30 views

ROS-20230908-05

ImageMagick graphics editor vulnerability is related to a memory leak in Magick::Draw. Exploitation The vulnerability could allow an attacker acting remotely to force the application to cause a memory leak and execute a denial-of-service attack...

3.3CVSS6.9AI score0.00312EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•30 views

ROS-2-583

2.583 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS7.7AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•30 views

ROS-2-568

2.568 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS6.4AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/04/19 12:0 a.m.•30 views

ROS-20230419-02

The vulnerability in the Dnsmasq DNS server is related to the maximum EDNS.0 UDP packet size by default it was set to 4096, but should be 1232. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS7.4AI score0.01334EPSS
Exploits0
Redos
Redos
•added 2023/04/18 12:0 a.m.•30 views

ROS-20230418-02

A vulnerability in the PHP programming language is related to the kernel's path resolution function, which allocates a buffer one bytes less than necessary, if paths are resolved with a length close to the MAXPATHLEN system parameter, this can cause the byte after the allocated buffer to be...

8.1CVSS6.7AI score0.01408EPSS
Exploits1
Redos
Redos
•added 2023/04/18 12:0 a.m.•30 views

ROS-20230418-01

Nextcloud server vulnerability is related to an application that does not properly control the consumption of of internal resources. Exploitation of the vulnerability could allow an attacker acting remotely, to initiate resource exhaustion and perform a denial of service attack. The Nextcloud...

9CVSS8.3AI score0.04176EPSS
Exploits3
Redos
Redos
•added 2023/04/17 12:0 a.m.•30 views

ROS-20230417-02

A vulnerability in the Kerberos5 heimdal protocol implementation is related to changing memcmp values for constant time and a workaround for a compiler error by adding "!= 0" comparisons to the memcmp result. Exploitation of the vulnerability could allow an attacker acting remotely to perform a...

7.5CVSS6.8AI score0.00491EPSS
Exploits0
Redos
Redos
•added 2023/03/21 12:0 a.m.•30 views

ROS-20230321-01

A vulnerability in libde265 is related to null pointer dereferencing in the mcchroma function in motion.cc. Exploitation of the vulnerability could allow an attacker to cause a denial of service DoS with a a crafted input file. The vulnerability in libde265 is related to the dereferencing of a nu...

6.5CVSS5.8AI score0.00774EPSS
Exploits7
Redos
Redos
•added 2022/11/03 12:0 a.m.•30 views

ROS-20221103-04

Libtasn1 library vulnerability is related to ETYPEOK error in asn1encodesimpleder function. Exploitation The vulnerability could allow an attacker acting remotely, passing specially crafted data, cause a one-by-one error, and perform a denial-of-service DoS attack...

9.1CVSS8.8AI score0.02062EPSS
Exploits1
Redos
Redos
•added 2022/08/09 12:0 a.m.•30 views

ROS-20220721-02

A vulnerability in the Harfbuzz text conversion library involves an integer overflow in the hb-ot-shape-fallback.cc file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause the applicatio...

5.5CVSS5.8AI score0.01134EPSS
Exploits1
Redos
Redos
•added 2022/05/30 12:0 a.m.•30 views

ROS-20220530-02

Vulnerabilities in the Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck components of the PostgreSQL database management system are related to a maintenance error in one component. pgamcheck components of PostgreSQL database management system are related to...

8.8CVSS9AI score0.12403EPSS
Exploits0
Redos
Redos
•added 2022/04/07 12:0 a.m.•30 views

ROS-20220407-02

Vim text editor vulnerability, related to memory usage error after release in function utfptr2char in regexpbt.c. Exploitation of the vulnerability could allow an attacker acting remotely, trick a victim into opening a specially crafted file, raise a post-release usage error, and execute arbitrar...

7.8CVSS8.5AI score0.01462EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-591

2.591 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-919

2.919 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-667

2.667 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

7.6AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-457

2.457 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.2AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-1008

2.1008 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-615

2.615 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-929

2.929 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9.1AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-642

2.642 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

9AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-1293

2.1293 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits12
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-833

2.833 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

9.8CVSS8.4AI score0.52838EPSS
Exploits17
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-454

2.454 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.4AI score0.18114EPSS
Exploits16
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-453

2.453 Buffer Overflow in Python3 CVE-2021-3177 1. Vulnerability Description: CVE-2021-3177 The vulnerability is capable of causing code execution when processing unchecked floating point numbers in handlers that call C functions using the ctypes mechanism. 2. Possible measures to eliminate the...

9.8CVSS7.8AI score0.23293EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-1281

2.1281 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-451

2.451 Denial of Service in Open vSwitch CVE-2020-35498 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01134 2. Possible measures to...

7.8CVSS7AI score0.08026EPSS
Exploits1
Total number of security vulnerabilities5000