Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2024/04/02 12:0 a.m.•31 views

ROS-20240402-04

A vulnerability in the MemIOCallback.cpp file of the C++ libebml library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.01087EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•31 views

ROS-20240329-18

The vulnerability of the pkiverifydatasignature function of the LibSSH client authentication library is related to the flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely bypass security restrictions and gain unauthorized access to...

6.5CVSS7.7AI score0.01314EPSS
Exploits2
Redos
Redos
•added 2024/03/29 12:0 a.m.•31 views

ROS-20240329-19

A vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to the unrestricted resource allocation, Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01812EPSS
Exploits0
Redos
Redos
•added 2024/01/23 12:0 a.m.•31 views

ROS-20240123-01

The vulnerability of the Atril multi-page document viewer is related to incorrect neutralization of special elements used in the OS command. neutralization of special elements used in the OS command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary co...

9.6CVSS7.8AI score0.0234EPSS
Exploits2
Redos
Redos
•added 2023/10/13 12:0 a.m.•31 views

ROS-20231011-01

A vulnerability in the HTTP API of the pgAdmin 4 database management tool is related to insufficient input data validation. verification of input data. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary commands on the server...

8.8CVSS7.7AI score0.0147EPSS
Exploits0
Redos
Redos
•added 2023/09/20 12:0 a.m.•31 views

ROS-20230919-01

Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...

8.8CVSS7.5AI score0.00756EPSS
Exploits0
Redos
Redos
•added 2023/09/12 12:0 a.m.•31 views

ROS-20230911-05

Vulnerability in the document processing, conversion and generation software suite Ghostscript exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by using t...

7.8CVSS7.2AI score0.03236EPSS
Exploits4
Redos
Redos
•added 2023/09/08 12:0 a.m.•31 views

ROS-20230908-05

ImageMagick graphics editor vulnerability is related to a memory leak in Magick::Draw. Exploitation The vulnerability could allow an attacker acting remotely to force the application to cause a memory leak and execute a denial-of-service attack...

3.3CVSS6.9AI score0.00312EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•31 views

ROS-20230825-03

A vulnerability in the Libarchive library is related to the umask call inside archivewritediskposix.c, which changes the umask of the entire process for a very short period of time, this results in a permanent setting of umask 0, which will cause the hidden creation of a directory with permission...

5.3CVSS6.8AI score0.00192EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•31 views

ROS-2-589

2.589 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS7.7AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/04/19 12:0 a.m.•31 views

ROS-20230419-02

The vulnerability in the Dnsmasq DNS server is related to the maximum EDNS.0 UDP packet size by default it was set to 4096, but should be 1232. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS7.4AI score0.01334EPSS
Exploits0
Redos
Redos
•added 2023/04/18 12:0 a.m.•31 views

ROS-20230418-02

A vulnerability in the PHP programming language is related to the kernel's path resolution function, which allocates a buffer one bytes less than necessary, if paths are resolved with a length close to the MAXPATHLEN system parameter, this can cause the byte after the allocated buffer to be...

8.1CVSS6.7AI score0.01408EPSS
Exploits1
Redos
Redos
•added 2023/04/18 12:0 a.m.•31 views

ROS-20230418-01

Nextcloud server vulnerability is related to an application that does not properly control the consumption of of internal resources. Exploitation of the vulnerability could allow an attacker acting remotely, to initiate resource exhaustion and perform a denial of service attack. The Nextcloud...

9CVSS8.3AI score0.04176EPSS
Exploits3
Redos
Redos
•added 2023/04/17 12:0 a.m.•31 views

ROS-20230417-02

A vulnerability in the Kerberos5 heimdal protocol implementation is related to changing memcmp values for constant time and a workaround for a compiler error by adding "!= 0" comparisons to the memcmp result. Exploitation of the vulnerability could allow an attacker acting remotely to perform a...

7.5CVSS6.8AI score0.00491EPSS
Exploits0
Redos
Redos
•added 2023/03/21 12:0 a.m.•31 views

ROS-20230321-01

A vulnerability in libde265 is related to null pointer dereferencing in the mcchroma function in motion.cc. Exploitation of the vulnerability could allow an attacker to cause a denial of service DoS with a a crafted input file. The vulnerability in libde265 is related to the dereferencing of a nu...

6.5CVSS5.8AI score0.00774EPSS
Exploits7
Redos
Redos
•added 2022/11/03 12:0 a.m.•31 views

ROS-20221103-04

Libtasn1 library vulnerability is related to ETYPEOK error in asn1encodesimpleder function. Exploitation The vulnerability could allow an attacker acting remotely, passing specially crafted data, cause a one-by-one error, and perform a denial-of-service DoS attack...

9.1CVSS8.8AI score0.02062EPSS
Exploits1
Redos
Redos
•added 2022/07/19 12:0 a.m.•31 views

ROS-20220619-01

A vulnerability in the nftexprinit function net/netfilter/nftablesapi.c of the Netfilter packet filtering software of the Linux kernel is related to the possibility of memory usage after the packet filtering software has been installed. Netfilter packet filtering software of the Linux kernel is...

7.8CVSS7.7AI score0.02881EPSS
Exploits6
Redos
Redos
•added 2022/04/07 12:0 a.m.•31 views

ROS-20220407-02

Vim text editor vulnerability, related to memory usage error after release in function utfptr2char in regexpbt.c. Exploitation of the vulnerability could allow an attacker acting remotely, trick a victim into opening a specially crafted file, raise a post-release usage error, and execute arbitrar...

7.8CVSS8.5AI score0.01462EPSS
Exploits1
Redos
Redos
•added 2022/03/15 12:0 a.m.•31 views

ROS-20220315-01

A vulnerability in the libxml2 XML document parsing library is related to a post-release memory usage error when processing ID and IDREF attributes in the valid.c file. release when processing ID and IDREF attributes in valid.c file. Exploitation of the vulnerability could allow an attacker actin...

7.5CVSS9.1AI score0.0601EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•31 views

ROS-20220125-14

Lxml library vulnerability is related to insufficient cleansing of user data in the cleanup program HTML in the lxml.html file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a victim to click on a specially crafted link and execute arbitrary HTML code and scri...

8.2CVSS7.6AI score0.02456EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•31 views

ROS-2-816

2.816 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

7.5CVSS7.3AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•31 views

ROS-2-627

2.627 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

8.4AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-929

2.929 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9.1AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-651

2.651 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: A vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.5CVSS7.4AI score0.02719EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-1281

2.1281 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-448

2.448 Vulnerability in OpenVPN CVE-2020-11810 1. Vulnerability Description: A corrective release of the OpenVPN Virtual Private Networking Package 2.4.9 has been generated. The new version addresses a vulnerability CVE-2020-11810 that allows a client session to be transferred to a new IP address...

6.9AI score0.01609EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-698

2.698 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-694

2.694 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-454

2.454 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

7.8CVSS7.4AI score0.18114EPSS
Exploits16
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-640

2.640 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

9.3CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-1293

2.1293 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits12
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-585

2.585 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits4
Redos
Redos
•added 2021/09/08 12:0 a.m.•31 views

ROS-2-619

2.619 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2026/05/26 12:0 a.m.•30 views

ROS-20260526-73-0022

Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.1CVSS5.8AI score0.00468EPSS
Exploits1
Redos
Redos
•added 2026/05/25 12:0 a.m.•30 views

ROS-20260525-73-0001

Vulnerability in python-sqlparse related to insufficient control of a resource while it exists. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.8AI score
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•30 views

ROS-20260524-73-0016

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00124EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•30 views

ROS-20260524-73-0019

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00124EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•30 views

ROS-20260508-73-0003

Vulnerability in rubygem-activestorage related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.1CVSS6.2AI score0.00646EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•30 views

ROS-2-588

2.588 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•30 views

ROS-2-626

2.626 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2024/11/19 12:0 a.m.•30 views

ROS-20241119-01

A vulnerability in the ath11k component of the SUNRPC kernel of the Linux system is related to use-after-use errors release in the rpcclntremovepipedir and rpcsetuppipedir functions in net/sunrpc/clnt.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the syste...

8.8CVSS7.3AI score0.01EPSS
Exploits0
Redos
Redos
•added 2024/10/31 12:0 a.m.•30 views

ROS-20241031-02

A vulnerability in the qcom component of the Linux operating system kernel is related to read errors outside of bounds in the F function in drivers/clk/qcom/gcc-ipq9574.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mm/memory-failu...

5.5CVSS7AI score0.00241EPSS
Exploits0
Redos
Redos
•added 2024/10/25 12:0 a.m.•30 views

ROS-20241024-02

Vulnerability in the drm component of the Linux operating system kernel is related to use-after-use errors in the drmgemprimemmap release in the drmgemprimemmap function in drivers/gpu/drm/drmprime.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...

7.8CVSS7.5AI score0.00983EPSS
Exploits0
Redos
Redos
•added 2024/10/15 12:0 a.m.•30 views

ROS-20241015-12

A vulnerability in the tunnels component of the Linux operating system kernel is related to read errors outside the bounds in the iptunnelpmtudbuildicmpv6 function in net/ipv4/iptunnelcore.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...

7.8CVSS8AI score0.00254EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•30 views

ROS-20240917-09

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/09/09 12:0 a.m.•30 views

ROS-20240909-02

Vulnerability in the cryptography package of the Python programming language interpreter is related to errors in the procedure of to authenticate a certificate. Exploitation of the vulnerability could allow an attacker acting remotely to perform a man-in-the-middle attack. remotely to execute a...

7.5CVSS6.8AI score0.00613EPSS
Exploits1
Redos
Redos
•added 2024/08/12 12:0 a.m.•30 views

ROS-20240812-04

A vulnerability in the Collapsed Forwarding Handler component of the Squid proxy server is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the Squid proxy server component is...

8.6CVSS7AI score0.88818EPSS
Exploits0
Redos
Redos
•added 2024/08/07 12:0 a.m.•30 views

ROS-20240807-05

A vulnerability in the PostPolicyBucket component of the MinIO object storage server is related to errors in privilege management. privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending specially crafted HTTP...

8.8CVSS7.1AI score0.83957EPSS
Exploits14
Redos
Redos
•added 2024/05/21 12:0 a.m.•30 views

ROS-20240521-08

A vulnerability in the API interface of the Grafana web-based data representation tool is related to insecure privilege management. privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to restricted functions A vulnerability in...

8.8CVSS7.4AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2024/05/06 12:0 a.m.•30 views

ROS-20240506-01

A vulnerability in the libexpat XML parser library is related to incorrect restriction of XML references to external objects. XML references to external objects. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting specially crafte...

7.5CVSS7.2AI score0.02006EPSS
Exploits1
Total number of security vulnerabilities5000