Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2025/05/13 12:0 a.m.•29 views

ROS-2-687

2.687 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2025/03/17 12:0 a.m.•29 views

ROS-20250317-01

Vulnerability of x86androidtabletprobe function in drivers/platform/x86/x86/x86-android-tablets/core.c of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of...

7.8CVSS8.4AI score0.01087EPSS
Exploits0
Redos
Redos
•added 2024/11/25 12:0 a.m.•29 views

ROS-20241125-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to a memory corruption in the function f2fsinitpagearraycache in f2fs/compress.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the sim...

9.1CVSS7.6AI score0.01219EPSS
Exploits0
Redos
Redos
•added 2024/11/15 12:0 a.m.•29 views

ROS-20241115-02

A vulnerability in the octeontx2-pf component of the Linux kernel is related to a memory leak in the function otx2qosreadtxschqcfgtl in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

7.8CVSS7.5AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2024/10/31 12:0 a.m.•29 views

ROS-20241031-01

A vulnerability in the nilfs2 component of the Linux operating system kernel is related to improper error handling in the nilfsgetblock function in fs/nilfs2/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the nilfs2 component of...

7.8CVSS7.3AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•29 views

ROS-20241028-03

The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...

7CVSS7.5AI score0.00689EPSS
Exploits0
Redos
Redos
•added 2024/10/11 12:0 a.m.•29 views

ROS-20241011-01

A vulnerability in the NFSD component of the Linux operating system kernel is related to a READDIR buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the dbgfs component of the Linux operating system kernel is related to...

7.8CVSS8.5AI score0.00451EPSS
Exploits8
Redos
Redos
•added 2024/08/28 12:0 a.m.•29 views

ROS-20240827-09

A vulnerability in GLPI's computer hardware requisition, incident, and inventory system is related to external file name or path control. Exploitation of the vulnerability could allow an attacker acting remotely, to upload a malicious PHP script and hijack the plugin loader to execute that...

8.8CVSS7.5AI score0.21078EPSS
Exploits1
Redos
Redos
•added 2024/08/21 12:0 a.m.•29 views

ROS-20240821-01

The vulnerability of the kobjectadd function in the md component of the Linux operating system kernel is related to the lack of releasing the previous state of a synchronization request before assigning a reference to a new one. Exploitation the vulnerability could allow an attacker to cause a...

5.9CVSS9.1AI score0.01287EPSS
Exploits0
Redos
Redos
•added 2024/08/21 12:0 a.m.•29 views

ROS-20240821-02

Vulnerability of the seg6init function in the net/ipv6/seg6.c module of the IPv6 protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attack...

7.8CVSS9.4AI score0.01231EPSS
Exploits0
Redos
Redos
•added 2024/08/15 12:0 a.m.•29 views

ROS-20240815-10

Vulnerability of the nsVacmAccessTable function in the OID Handler component of the Net-SNMP software suite of the Linux operating system is related to dereferencing of the NULL pointer. of Linux operating system is related to dereferencing of NULL pointer. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01299EPSS
Exploits0
Redos
Redos
•added 2024/08/14 12:0 a.m.•29 views

ROS-20240814-05

A vulnerability in the "Save As" function of Mozilla Firefox, Firefox ESR and Thunderbird email client on Windows operating systems is related to insufficient input data validation. Thunderbird email client of Windows operating systems is related to insufficient input data validation. Exploitatio...

8.1CVSS8.6AI score0.0107EPSS
Exploits3
Redos
Redos
•added 2024/08/12 12:0 a.m.•29 views

ROS-20240812-05

Squid proxy server followxforwardedfor function vulnerability is related to uncontrolled recursion when processing X-Forwarded-For HTTP request headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.6CVSS6.7AI score0.57627EPSS
Exploits0
Redos
Redos
•added 2024/08/06 12:0 a.m.•29 views

ROS-20240806-17

The 389 Directory Server vulnerability is related to the creation of a special LDAP query, that has the potential to cause a failure on the directory server. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.01256EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•29 views

ROS-20240730-01

A vulnerability in the freempimage function of the free media player Mplayer is related to writing outside of memory boundaries memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in free mpgetbits function of Mplayer media player is relate...

5.5CVSS7AI score0.00358EPSS
Exploits8
Redos
Redos
•added 2024/07/29 12:0 a.m.•29 views

ROS-20240729-20

Squid proxy server vulnerability is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.3CVSS6.8AI score0.06255EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•29 views

ROS-20240723-05

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an insecure privilege management vulnerability. insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate their privileges A vulnerability in the...

8.8CVSS7.9AI score0.01094EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•29 views

ROS-20240703-12

An Apache Tomcat application server vulnerability is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using specially crafted HTTP/2 requests...

7.5CVSS6.8AI score0.23072EPSS
Exploits1
Redos
Redos
•added 2024/06/27 12:0 a.m.•29 views

ROS-20240627-05

A vulnerability in the updatesctpchecksum function of the QEMU hardware emulator is related to a reachability assertion when attempting to calculate the checksum of a fragmented packet of small size. of reachability when attempting to compute the checksum of a fragmented small packet. Exploitatio...

5.5CVSS6.5AI score0.00445EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•29 views

ROS-20240620-17

Vulnerability of importmultispectralquantum function of ImageMagick console graphical editor is caused by by a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the ReadTIFFImage function of the ImageMagick...

7.5CVSS7.1AI score0.0272EPSS
Exploits1
Redos
Redos
•added 2024/06/11 12:0 a.m.•29 views

ROS-20240611-15

Vulnerability in archive-zip component of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create a potentially dangerous zip file A vulnerability in the net-netip component of the Golang programmi...

9.8CVSS6.7AI score0.01952EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•29 views

ROS-20240611-10

Vulnerability of uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of libuv asynchronous I/O library is related to insufficient checking of incoming requests. libuv asynchronous I/O is due to insufficient checking of incoming requests. Exploitation of the vulnerability could...

7.3CVSS6.8AI score0.02003EPSS
Exploits1
Redos
Redos
•added 2024/05/27 12:0 a.m.•29 views

ROS-20240527-03

Vulnerabilities in the idna.encode functions of the Internationalized Domain Names in Applications IDNA are associated with an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

7.5CVSS7.1AI score0.01386EPSS
Exploits1
Redos
Redos
•added 2024/05/07 12:0 a.m.•29 views

ROS-20240507-05

Vulnerability of setKey function of minimist command line argument parsing library is related to uncontrolled change of object prototype attributes. Exploitation of the vulnerability could allow an attacker to implement a "prototype pollution" attack...

9.8CVSS6.9AI score0.04581EPSS
Exploits1
Redos
Redos
•added 2024/04/26 12:0 a.m.•29 views

ROS-20240426-02

A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.3AI score0.024EPSS
Exploits0
Redos
Redos
•added 2024/04/23 12:0 a.m.•29 views

ROS-20240423-03

Vulnerability in the /krb5/src/lib/rpc/pmaprmt.c component of the Kerberos network protocol implementation is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in component...

7.5CVSS6.6AI score0.01128EPSS
Exploits3
Redos
Redos
•added 2024/04/15 12:0 a.m.•29 views

ROS-20240415-04

Wireshark computer network traffic analyzer vulnerability related to memory leak in USB dissector HID. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...

7.5CVSS6.7AI score0.02747EPSS
Exploits2
Redos
Redos
•added 2024/04/11 12:0 a.m.•29 views

ROS-20240411-01

A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrectly handling requests for non-existent URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.40075EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-15

A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.1AI score0.00563EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-10

Vulnerability of vmm-sys-util module set is related to the lack of checking if the length, stored in the header matches the length of the flexible array. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

9.8CVSS7.1AI score0.00652EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-04

The vulnerability of the aresreadline function of the C-ares asynchronous DNS query library is related to the operation exceeding the buffer boundaries in memory. beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of servi...

5.5CVSS7.2AI score0.00349EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-20

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS5.6AI score0.01072EPSS
Exploits1
Redos
Redos
•added 2024/04/04 12:0 a.m.•29 views

ROS-20240404-09

A vulnerability in Avahi's local network service discovery system is related to uncontrolled consumption of resources. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS6.4AI score0.00392EPSS
Exploits1
Redos
Redos
•added 2024/04/03 12:0 a.m.•29 views

ROS-20240403-09

Vulnerability of the peekforas4capability function of the software tool for implementing network routing on Unix-like systems FRRouting is related to flaws in the use of the assert function. Unix-like systems FRRouting is related to flaws in using assert function. Exploitation The vulnerability...

7.5CVSS7.3AI score0.02152EPSS
Exploits3
Redos
Redos
•added 2024/04/02 12:0 a.m.•29 views

ROS-20240402-16

Vulnerability of loadpempkcs7certificates and loadderpkcs7certificates package cryptography functions is related to NULL pointer dereferencing and segment failure. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.00985EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•29 views

ROS-20240329-16

Vulnerability in vim text editor is related to memory usage after it is freed. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code Vim text editor truncstring vulnerability is related to buffer overflow. Exploitation exploitation of this vulnerability...

7.8CVSS8.7AI score0.0119EPSS
Exploits7
Redos
Redos
•added 2024/03/13 12:0 a.m.•29 views

ROS-2-471

2.471 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.2AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2023/11/09 12:0 a.m.•29 views

ROS-20231109-02

Vulnerability in GLPI's request and incident handling system is related to information disclosure. Exploitation exploitation of the vulnerability could allow a remote attacker to obtain user logins. GLPI request and incident handling system vulnerability related to the lack of path filtering by...

9.8CVSS7.8AI score0.33874EPSS
Exploits0
Redos
Redos
•added 2023/10/19 12:0 a.m.•29 views

ROS-20231018-02

The libXpm image file library vulnerability is related to a read error call outside of memory boundaries. outside of memory boundaries. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.5AI score0.00352EPSS
Exploits0
Redos
Redos
•added 2023/10/13 12:0 a.m.•29 views

ROS-20231013-03

A vulnerability in the xmlUnlinkNode function in the tree.c file of the libxml2 library is related to a failure of a specific allocated memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.8AI score0.00826EPSS
Exploits0
Redos
Redos
•added 2023/09/12 12:0 a.m.•29 views

ROS-20230911-10

Vulnerability of EmailValidator and URLValidator components of Django web application software platform is related to the use of regular expression with inefficient computational complexity when processing domain name labels in emails and URLs. domain name labels in emails and URLs. Exploitation ...

7.5CVSS6.7AI score0.02978EPSS
Exploits0
Redos
Redos
•added 2023/06/22 12:0 a.m.•29 views

ROS-20230621-06

The vulnerability in ImageMagick graphical editor is related to writing outside and buffer overflow on a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a crash of the of the application. The vulnerability in the ImageMagick graphical...

9.8CVSS7.5AI score0.08011EPSS
Exploits5
Redos
Redos
•added 2023/06/19 12:0 a.m.•29 views

ROS-20230619-07

Vulnerability of the beh Backend Error Handler component of the cups-filters print package exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.03697EPSS
Exploits1
Redos
Redos
•added 2023/04/20 12:0 a.m.•29 views

ROS-20230420-03

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an operation exceeding the memory buffer boundaries when checking the number of available bytes of regulated threads. operation exceeds buffer boundaries in memory when checking the number of available...

8.8CVSS8.7AI score0.00798EPSS
Exploits0
Redos
Redos
•added 2022/11/22 12:0 a.m.•29 views

ROS-20221122-01

Vulnerability of muttdecodeuuencoded function implementation in Mutt mail client is related to operation overflow out of memory buffer boundaries. Exploitation of the vulnerability could allow a remote intruder gain unauthorized access to protected information or cause a denial of service...

5.3CVSS6.1AI score0.01711EPSS
Exploits2
Redos
Redos
•added 2022/11/18 12:0 a.m.•29 views

ROS-20221118-03

The vulnerability of Pixman library's rasterizeedges8 function is related to the possibility of writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS8.8AI score0.0144EPSS
Exploits1
Redos
Redos
•added 2022/10/20 12:0 a.m.•29 views

ROS-20221020-01

Vulnerability of the library providing functions for X.509 LibKSBA certificates is related to the integer overflow in the CRL parser. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow and execute...

9.8CVSS9.7AI score0.01635EPSS
Exploits1
Redos
Redos
•added 2022/07/14 12:0 a.m.•29 views

ROS-20220714-01

A vulnerability in the BusyBox command line utility suite is related to incorrect input validation of PTR entries DNS records output in the netstat utility when run on a VT-compatible terminal. Exploitation vulnerability could allow an attacker acting remotely to trick the victim into launching t...

8.8CVSS8.9AI score0.03505EPSS
Exploits1
Redos
Redos
•added 2022/06/28 12:0 a.m.•29 views

ROS-20220628-03

A vulnerability in the Squid caching proxy server is related to assertion reachability when processing responses to the from the Gopher server. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted response to the proxy server and perform a denial o...

6.5CVSS6.6AI score0.0362EPSS
Exploits0
Redos
Redos
•added 2022/06/22 12:0 a.m.•29 views

ROS-20220622-01

Vulnerability of the E2fsprogs service utility set is related to a boundary error when processing unreliable input data. Exploitation of the vulnerability could allow an attacker to exploit a specially crafted file system, run an out-of-bounds entry, and execute arbitrary code on the target syste...

7.8CVSS9AI score0.01382EPSS
Exploits0
Total number of security vulnerabilities5000