Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-500

2.500 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-1678

2.1678 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-1409

2.1409 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-797

2.797 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Failure to initialize memory when allocating buffers for pixmaps using the AllocatePixmap call could cause the X client to leak memory contents from the heap when the X...

6.7CVSS7.8AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-523

2.523 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS7.9AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-1342

2.1342 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.8AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-458

2.458 Directory traversal in Apache Commons IO CVE-2021-29425 1. Vulnerability Description: The vulnerability allows a remote attacker to perform directory traversal attacks. The vulnerability exists due to an input validation error in the FileNameUtils.normalize method when processing directory...

9.8CVSS7.1AI score0.10608EPSS
Exploits8
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-917

2.917 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS7.9AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-470

2.470 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-494

2.494 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

9.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-468

2.468 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.8CVSS7.5AI score0.95785EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-683

2.683 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.2AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-968

2.968 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-477

2.477 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits9
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-837

2.837 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•28 views

ROS-2-1387

2.1387 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2025/05/21 12:0 a.m.•27 views

ROS-20250521-01

Vulnerability of drm/v3d components of Linux kernel is related to dereferencing of NULL pointer in the v3dirq and v3dhubirq functions in drivers/gpu/drm/v3d/v3dirq.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the video component of t...

7.8CVSS7.5AI score0.00571EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•27 views

ROS-2-484

2.484 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2025/03/26 12:0 a.m.•27 views

ROS-20250326-11

A vulnerability in the sqlghashsource component of the virtuoso-opensource web application development platform is related to the unconstrained and unregulated resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using special...

7.5CVSS7.7AI score0.0088EPSS
Exploits29
Redos
Redos
•added 2024/12/12 12:0 a.m.•27 views

ROS-20241212-04

Vulnerability of addRelatedObjects function of Zabbix universal monitoring system is related to failure to take measures to protect SQL query structure. to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges by...

9.9CVSS7.9AI score0.78831EPSS
Exploits13
Redos
Redos
•added 2024/10/22 12:0 a.m.•27 views

ROS-20241021-08

A vulnerability in the ad4130 component of the Linux operating system kernel is related to incorrect input validation in the ad4130setupintclk function in drivers/iio/adc/ad4130.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service Vulnerability of devlinkin...

7.8CVSS7.7AI score0.00828EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•27 views

ROS-20240828-03

Vulnerability of Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to the incorrect handling of exceptional conditions with improper handling of exceptional conditions. Exploitation of the vulnerability could allow a remote attacker to use memory after it has been...

9.8CVSS7.4AI score0.00598EPSS
Exploits0
Redos
Redos
•added 2024/08/06 12:0 a.m.•27 views

ROS-20240806-01

A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop without sufficiently limiting the the number of times it can be executed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service by using specially crafted 7...

7.5CVSS7.3AI score0.13292EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•27 views

ROS-20240729-03

A vulnerability in the GLPI reports plugin of the GLPI reports system is related to incorrect neutralization of input data during web page generation. neutralization of input data during web page generation. Exploitation of the vulnerability could allow a remote attacker to conduct XSS attacks...

6.1CVSS6.2AI score0.00361EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•27 views

ROS-20240726-03

A vulnerability in the cjson and cmsgpack libraries of the Redis database management system DBMS is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted Lua...

8.8CVSS7.3AI score0.4292EPSS
Exploits1
Redos
Redos
•added 2024/07/26 12:0 a.m.•27 views

ROS-20240726-04

Vulnerability in Moodle virtual learning environment due to a risk in CSV import method XSS. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a cross-site scripting XSS attack. cross-site scripting XSS...

6.1CVSS5.7AI score0.00506EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•27 views

ROS-20240724-01

A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an intruder to execute arbitrary code through a specially crafted HTML page A vulnerability in th...

8.8CVSS7.6AI score0.00419EPSS
Exploits9
Redos
Redos
•added 2024/07/13 12:0 a.m.•27 views

ROS-20240712-01

Vulnerability in Multiline RFC 2231 component of Exim mail server is related to incorrect analysis of the the multiline RFC 2231 header file name. Exploitation of the vulnerability could allow an attacker, acting remotely, to deliver executable attachments to end-user mailboxes...

5.4CVSS6.8AI score0.41225EPSS
Exploits5
Redos
Redos
•added 2024/06/27 12:0 a.m.•27 views

ROS-20240627-03

A vulnerability in the QEMU hardware emulator is related to a memory re-release error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by performing a DMA re-entry...

8.2CVSS7.4AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2024/06/07 12:0 a.m.•27 views

ROS-20240607-01

Vulnerability of bgpcapabilitymsgparse functions of a software tool for implementing network routing on Unix-like FRRouting systems is related to reading outside memory boundaries of the BGP FRRouting daemon. Unix-like systems FRRouting is related to read outside memory boundaries in the BGP...

9.1CVSS8.6AI score0.01923EPSS
Exploits2
Redos
Redos
•added 2024/06/03 12:0 a.m.•27 views

ROS-20240603-01

A vulnerability in the PSP file parser of the GIMP graphics editor is related to number processing errors. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7AI score0.56404EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•27 views

ROS-20240503-12

Vulnerability in administration console of cross-platform real-time collaboration server Openfire is related to a path traversal capability. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

8.6CVSS7.2AI score0.99999EPSS
Exploits15
Redos
Redos
•added 2024/05/03 12:0 a.m.•27 views

ROS-20240503-07

A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.02707EPSS
Exploits0
Redos
Redos
•added 2024/04/22 12:0 a.m.•27 views

ROS-20240422-06

A vulnerability in the h.265 Libde265 video codec implementation is related to the size of allocated memory exceeding the the maximum supported size 0x100000000000000. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

3.3CVSS7.1AI score0.00232EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•27 views

ROS-20240408-02

A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...

6.1CVSS6.4AI score0.00843EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•27 views

ROS-20240405-01

A vulnerability in the fs/ntfs.c component of the Grub2 operating system boot loader is related to a buffer overflow in the dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the Trace View panel of the Grafana web data...

7.8CVSS7.7AI score0.00536EPSS
Exploits2
Redos
Redos
•added 2024/04/04 12:0 a.m.•27 views

ROS-20240404-12

A vulnerability in the MediaWiki hypertext implementation software tool is related to the ability to to exploit XSS in partial block functions. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform cross-site scripted attacks...

6.1CVSS5.9AI score0.00829EPSS
Exploits1
Redos
Redos
•added 2024/04/01 12:0 a.m.•27 views

ROS-20240401-03

A vulnerability in the CRI-O container mechanism is related to adding arbitrary lines to /etc/passwd using a a specially crafted environment variable. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of the CRI-O...

7.8CVSS6.7AI score0.00266EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•27 views

ROS-20240329-04

ASP.NET Core software platform vulnerability is due to security configuration errors. Exploitation The exploitation of the vulnerability may allow an intruder to disclose protected information...

6.2CVSS7AI score0.01085EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•27 views

ROS-20240328-01

GLPI's asset management and data center management software vulnerability is related to the SQL code injection through administration of dashboards. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries...

9.1CVSS8.5AI score0.00576EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•27 views

ROS-2-893

2.893 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•27 views

ROS-2-933

2.933 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS7.9AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•27 views

ROS-2-1206

2.1206 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS7.7AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•27 views

ROS-2-450

2.450 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...

9.8CVSS8.5AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2024/03/13 12:0 a.m.•27 views

ROS-2-440

2.440 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Failure to initialize memory when allocating buffers for pixel maps using the AllocatePixmap call could cause the X client to leak memory contents from the heap when the X...

6.7CVSS7.6AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•27 views

ROS-2-894

2.894 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/09/08 12:0 a.m.•27 views

ROS-20230907-01

Ghostscript document processing toolkit vulnerability is related to a buffer overflow error in base / gdevdevn.c: 1973 in devnpcxwriterle. buffer overflow in base / gdevdevn.c: 1973 in devnpcxwriterle. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

5.5CVSS7.1AI score0.00447EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•27 views

ROS-2-955

2.955 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2023/06/22 12:0 a.m.•27 views

ROS-20230621-02

A vulnerability in the LZWDecode function of the LibTIFF library is related to a null pointer dereferencing error in the libtiff/tiflzw.c file. Exploitation of the vulnerability could allow an attacker to create certain input data that could cause a program to dereference a NULL pointer when...

5.5CVSS6.1AI score0.0051EPSS
Exploits2
Redos
Redos
•added 2023/06/15 12:0 a.m.•27 views

ROS-20230615-04

The vulnerability in Mozilla Firefox and Firefox ESR browsers is related to an operation exceeding buffer boundaries in memory. memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in Mozilla Firefox browser is related to...

9.8CVSS7.7AI score0.0093EPSS
Exploits0
Total number of security vulnerabilities5000