Lucene search
K
RedosMost viewed

8162 matches found

Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-642

2.642 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

9AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-833

2.833 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

9.8CVSS8.4AI score0.52838EPSS
Exploits17
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-453

2.453 Buffer Overflow in Python3 CVE-2021-3177 1. Vulnerability Description: CVE-2021-3177 The vulnerability is capable of causing code execution when processing unchecked floating point numbers in handlers that call C functions using the ctypes mechanism. 2. Possible measures to eliminate the...

9.8CVSS7.8AI score0.23293EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-451

2.451 Denial of Service in Open vSwitch CVE-2020-35498 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01134 2. Possible measures to...

7.8CVSS7AI score0.08026EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-977

2.977 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

3.7CVSS8.4AI score0.01609EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-1180

2.1180 Buffer Overflow in Python3 CVE-2021-3177 1. Vulnerability Description: CVE-2021-3177 The vulnerability is capable of causing code execution when processing unchecked floating point numbers in handlers that call C functions using the ctypes mechanism. 2. Possible measures to eliminate the...

9.8CVSS7.9AI score0.23293EPSS
Exploits4
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-694

2.694 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-441

2.441 Vulnerability in Curl CVE-2020-8177 1. Vulnerability Description: The vulnerability allows a local file on the system to be overwritten when accessing an attacker-controlled server. The problem only occurs when the "-J" "--remote-header-name" and "-i" "--head" options are used...

6.9AI score0.01236EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-483

2.483 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-532

2.532 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS5.5AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•30 views

ROS-2-879

2.879 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.1AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2026/05/24 12:0 a.m.•29 views

ROS-20260524-73-0019

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00124EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•29 views

ROS-20260508-73-0014

Vulnerability in nodejs-minimatch related to the use of regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.00472EPSS
Exploits1
Redos
Redos
•added 2024/11/25 12:0 a.m.•29 views

ROS-20241125-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to a memory corruption in the function f2fsinitpagearraycache in f2fs/compress.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the sim...

9.1CVSS7.6AI score0.01219EPSS
Exploits0
Redos
Redos
•added 2024/11/15 12:0 a.m.•29 views

ROS-20241115-02

A vulnerability in the octeontx2-pf component of the Linux kernel is related to a memory leak in the function otx2qosreadtxschqcfgtl in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

7.8CVSS7.5AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2024/10/31 12:0 a.m.•29 views

ROS-20241031-01

A vulnerability in the nilfs2 component of the Linux operating system kernel is related to improper error handling in the nilfsgetblock function in fs/nilfs2/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the nilfs2 component of...

7.8CVSS7.3AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•29 views

ROS-20241028-03

The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...

7CVSS7.5AI score0.00689EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•29 views

ROS-20240827-09

A vulnerability in GLPI's computer hardware requisition, incident, and inventory system is related to external file name or path control. Exploitation of the vulnerability could allow an attacker acting remotely, to upload a malicious PHP script and hijack the plugin loader to execute that...

8.8CVSS7.5AI score0.21078EPSS
Exploits1
Redos
Redos
•added 2024/08/21 12:0 a.m.•29 views

ROS-20240821-02

Vulnerability of the seg6init function in the net/ipv6/seg6.c module of the IPv6 protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attack...

7.8CVSS9.4AI score0.01231EPSS
Exploits0
Redos
Redos
•added 2024/08/15 12:0 a.m.•29 views

ROS-20240815-10

Vulnerability of the nsVacmAccessTable function in the OID Handler component of the Net-SNMP software suite of the Linux operating system is related to dereferencing of the NULL pointer. of Linux operating system is related to dereferencing of NULL pointer. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01299EPSS
Exploits0
Redos
Redos
•added 2024/08/14 12:0 a.m.•29 views

ROS-20240814-05

A vulnerability in the "Save As" function of Mozilla Firefox, Firefox ESR and Thunderbird email client on Windows operating systems is related to insufficient input data validation. Thunderbird email client of Windows operating systems is related to insufficient input data validation. Exploitatio...

8.1CVSS8.6AI score0.0107EPSS
Exploits3
Redos
Redos
•added 2024/08/06 12:0 a.m.•29 views

ROS-20240806-17

The 389 Directory Server vulnerability is related to the creation of a special LDAP query, that has the potential to cause a failure on the directory server. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.01256EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•29 views

ROS-20240730-01

A vulnerability in the freempimage function of the free media player Mplayer is related to writing outside of memory boundaries memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in free mpgetbits function of Mplayer media player is relate...

5.5CVSS7AI score0.00358EPSS
Exploits8
Redos
Redos
•added 2024/07/29 12:0 a.m.•29 views

ROS-20240729-20

Squid proxy server vulnerability is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.3CVSS6.8AI score0.06255EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•29 views

ROS-20240703-12

An Apache Tomcat application server vulnerability is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using specially crafted HTTP/2 requests...

7.5CVSS6.8AI score0.23072EPSS
Exploits1
Redos
Redos
•added 2024/06/27 12:0 a.m.•29 views

ROS-20240627-05

A vulnerability in the updatesctpchecksum function of the QEMU hardware emulator is related to a reachability assertion when attempting to calculate the checksum of a fragmented packet of small size. of reachability when attempting to compute the checksum of a fragmented small packet. Exploitatio...

5.5CVSS6.5AI score0.00445EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•29 views

ROS-20240620-17

Vulnerability of importmultispectralquantum function of ImageMagick console graphical editor is caused by by a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the ReadTIFFImage function of the ImageMagick...

7.5CVSS7.1AI score0.0272EPSS
Exploits1
Redos
Redos
•added 2024/06/11 12:0 a.m.•29 views

ROS-20240611-15

Vulnerability in archive-zip component of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create a potentially dangerous zip file A vulnerability in the net-netip component of the Golang programmi...

9.8CVSS6.7AI score0.01952EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•29 views

ROS-20240611-10

Vulnerability of uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of libuv asynchronous I/O library is related to insufficient checking of incoming requests. libuv asynchronous I/O is due to insufficient checking of incoming requests. Exploitation of the vulnerability could...

7.3CVSS6.8AI score0.02003EPSS
Exploits1
Redos
Redos
•added 2024/05/27 12:0 a.m.•29 views

ROS-20240527-03

Vulnerabilities in the idna.encode functions of the Internationalized Domain Names in Applications IDNA are associated with an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

7.5CVSS7.1AI score0.01386EPSS
Exploits1
Redos
Redos
•added 2024/05/21 12:0 a.m.•29 views

ROS-20240521-07

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

7.5CVSS7AI score0.01118EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•29 views

ROS-20240521-08

A vulnerability in the API interface of the Grafana web-based data representation tool is related to insecure privilege management. privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to restricted functions A vulnerability in...

8.8CVSS7.4AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•29 views

ROS-20240507-05

Vulnerability of setKey function of minimist command line argument parsing library is related to uncontrolled change of object prototype attributes. Exploitation of the vulnerability could allow an attacker to implement a "prototype pollution" attack...

9.8CVSS6.9AI score0.04581EPSS
Exploits1
Redos
Redos
•added 2024/04/26 12:0 a.m.•29 views

ROS-20240426-02

A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.3AI score0.024EPSS
Exploits0
Redos
Redos
•added 2024/04/23 12:0 a.m.•29 views

ROS-20240423-03

Vulnerability in the /krb5/src/lib/rpc/pmaprmt.c component of the Kerberos network protocol implementation is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in component...

7.5CVSS6.6AI score0.01128EPSS
Exploits3
Redos
Redos
•added 2024/04/22 12:0 a.m.•29 views

ROS-20240422-09

Apache Tomcat application server vulnerability is related to incomplete cleanup of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

6.3CVSS7.2AI score0.02313EPSS
Exploits0
Redos
Redos
•added 2024/04/15 12:0 a.m.•30 views

ROS-20240415-02

Vulnerability of udevListInterfacesByStatus function in module src/interface/interfacebackendudev.c of libvirt library is caused by an off-by-one error. module of the libvirt library has an off-by-one error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00398EPSS
Exploits0
Redos
Redos
•added 2024/04/15 12:0 a.m.•29 views

ROS-20240415-04

Wireshark computer network traffic analyzer vulnerability related to memory leak in USB dissector HID. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...

7.5CVSS6.7AI score0.02747EPSS
Exploits2
Redos
Redos
•added 2024/04/11 12:0 a.m.•29 views

ROS-20240411-01

A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrectly handling requests for non-existent URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.37516EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-04

The vulnerability of the aresreadline function of the C-ares asynchronous DNS query library is related to the operation exceeding the buffer boundaries in memory. beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of servi...

5.5CVSS7.2AI score0.00349EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-10

Vulnerability of vmm-sys-util module set is related to the lack of checking if the length, stored in the header matches the length of the flexible array. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

9.8CVSS7.1AI score0.00652EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-15

A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.1AI score0.00563EPSS
Exploits1
Redos
Redos
•added 2024/04/09 12:0 a.m.•29 views

ROS-20240409-17

Vulnerability of linebytessplit function src/split.c of GNU Core Utilities GNU Coreutils is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.5AI score0.0049EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-20

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS5.6AI score0.01072EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-03

Vulnerability of derivatespatiallumavectorprediction function of h.265 Libde265 video codec implementation is related to with the ability to write beyond buffer boundaries in memory. Exploiting the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity an...

8.8CVSS7.6AI score0.00874EPSS
Exploits3
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-19

A vulnerability in the file include/logging/RightsLogFormatter.php of a software tool for implementing the MediaWiki hypertext environment is related to incorrect input neutralization during the creation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting...

6.1CVSS6.1AI score0.00681EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-10

GNU FriBidi library vulnerability is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...

7.8CVSS8.5AI score0.00508EPSS
Exploits3
Redos
Redos
•added 2024/04/05 12:0 a.m.•29 views

ROS-20240405-09

A vulnerability in the gdevprnopenprinterseekable function of the gdevprnopenprinterseekable interpreter of the Ghostscript suite of software for Ghostscript document processing, conversion and generation software set interpreter is related to memory usage after its release. Exploitation of the...

7.5CVSS7.5AI score0.0153EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•29 views

ROS-20240405-05

A vulnerability in the D-Bus interprocessor communication system is related to the ability of unprivileged users to crash the dbus-daemon. users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...

6.5CVSS8.3AI score0.01417EPSS
Exploits1
Redos
Redos
•added 2024/04/04 12:0 a.m.•29 views

ROS-20240404-18

Vulnerability in the OpenVAS database management system's OpenVAS scanning and vulnerability management tool MariaDB is associated with uncontrolled resource consumption when connecting to ports 3306 and 4567. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a...

7.5CVSS6.8AI score0.02021EPSS
Exploits0
Total number of security vulnerabilities5000