Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-16

A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...

5.3CVSS6.9AI score0.01073EPSS
Exploits2
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-17

Vulnerability in Flask-Security-Too security management tool is related to URL redirection to an untrusted site when processing the "next" request parameter. to an untrusted site when processing the "next" request parameter. Exploitation of the vulnerability could allow an attacker acting remotel...

6.1CVSS6.8AI score0.01079EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-06

A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...

6.3CVSS8.2AI score0.07879EPSS
Exploits8
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-05

RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...

7.5CVSS7AI score0.02383EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•26 views

ROS-20240402-11

A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a with a lack of memory release after an effective lifetime. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A...

7.1CVSS6.7AI score0.00309EPSS
Exploits2
Redos
Redos
•added 2024/03/29 12:0 a.m.•26 views

ROS-20240329-21

Vulnerability of readSeparateTilesIntoBuffer function of LibTIFF library is related to integer overflow on tiff files processing. overflow when processing tiff files. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A vulnerability in the...

6.5CVSS7.4AI score0.01131EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•26 views

ROS-20240328-15

A vulnerability in the Web Browser UI of Google Chrome and Microsoft Edge browsers is related to incorrectly implemented security checks for standard elements. implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to conduct...

8.8CVSS7.2AI score0.01286EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•26 views

ROS-20240328-13

A vulnerability in the mzpathresolve function in zlib-ng minizip-ng is related to a buffer overflow via the created file of the mzpathhasslash function in the mzos.c file. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the...

8.8CVSS8.5AI score0.0126EPSS
Exploits2
Redos
Redos
•added 2024/03/13 12:0 a.m.•26 views

ROS-2-1372

2.1372 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•26 views

ROS-2-1261

2.1261 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•26 views

ROS-2-972

2.972 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/11/22 12:0 a.m.•26 views

ROS-20231122-01

A vulnerability in the kubelet utility of the Kubernetes virtual machine cluster management software tool is related to insufficient verification of input data. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges to administrator level...

8.8CVSS7.1AI score0.03578EPSS
Exploits0
Redos
Redos
•added 2023/11/02 12:0 a.m.•26 views

ROS-20231102-01

A buc Traceroute vulnerability related to improper handling of lines of code. Exploitation of the vulnerability could allow an attacker acting locally to execute arbitrary code...

5.5CVSS8AI score0.00367EPSS
Exploits2
Redos
Redos
•added 2023/10/19 12:0 a.m.•26 views

ROS-20231018-03

The vulnerability of the SetAll method of the D-Bus interprocess communication system of the Red Hat Enterprise Linux is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.8CVSS7AI score0.00253EPSS
Exploits0
Redos
Redos
•added 2023/10/16 12:0 a.m.•26 views

ROS-20231016-01

Vulnerability of XpmCreateXpmImageFromBuffer function of libXpm image file library is related to a read error call. is related to a read error outside the valid range. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...

5.5CVSS6.8AI score0.00365EPSS
Exploits0
Redos
Redos
•added 2023/10/13 12:0 a.m.•26 views

ROS-20231013-06

Memory leak vulnerability in the RTPS dissector of the Wireshark computer network traffic analyzer. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service by injecting packets or creating a capture file...

6.5CVSS7AI score0.00485EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1568

2.1568 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...

8.1CVSS7.5AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1389

2.1389 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...

8.1CVSS10AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1199

2.1199 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

8.6AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-501

2.501 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1176

2.1176 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

8.1CVSS8AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-881

2.881 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1482

2.1482 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•26 views

ROS-20230620-01

Ffmpeg multimedia library vulnerability is related to NULL pointer dereferencing error in function decodemainheader in libavformat/nutdec.c. Exploitation of the vulnerability could allow an attacker, remotely, trick a victim into opening a specially crafted file and performing a denial-of-service...

5.3CVSS5.9AI score0.00817EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•26 views

ROS-20230620-07

A vulnerability in the Python library for Redis redis-py is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

6.5CVSS6AI score0.01034EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•26 views

ROS-20230620-04

The vulnerability of the traffic analysis program Wireshark is related to the failure to properly control the consumption of internal resources in the LISP dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause resource exhaustion and perform a...

7.5CVSS6.7AI score0.0462EPSS
Exploits2
Redos
Redos
•added 2023/06/16 12:0 a.m.•26 views

ROS-20230616-01

The npm package manager vulnerability is related to the npm package ignoring the file exclusion directives .gitignore and .npmignore root-level file exclusions when run in a workspace or with the workspace flag e.g., --workspaces, --workspace=. Exploitation of the vulnerability could allow an...

7.5CVSS7.7AI score0.03465EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•26 views

ROS-20230616-03

Vim text editor vulnerability is related to using pointer offset outside the allowed range in mbcharlen function in mbyte.c. range in the mbcharlen function in mbyte.c. Exploitation of the vulnerability could allow an attacker, remotely, trick the victim into opening a specially crafted file and...

6.8CVSS5.9AI score0.00409EPSS
Exploits1
Redos
Redos
•added 2023/06/15 12:0 a.m.•26 views

ROS-20230615-03

A vulnerability in the HEIF and AVIF libheif file format decoder is related to a floating point exception in the heif::Fraction::round function in box.cc Exploitation of the vulnerability could allow an attacker, remotely to perform a denial of service attack...

6.5CVSS6.2AI score0.00927EPSS
Exploits1
Redos
Redos
•added 2023/03/22 12:0 a.m.•26 views

ROS-20230322-01

A vulnerability in the HEIF and AVIF libheif file format decoder is related to the data parsing code of strided images in the emscripten wrapper for libheif. Exploitation of the vulnerability could allow an attacker acting remotely to use a specially crafted image file to cause a buffer overflow ...

7.8CVSS7.7AI score0.00307EPSS
Exploits0
Redos
Redos
•added 2023/02/17 12:0 a.m.•26 views

ROS-20230217-02

A vulnerability in the Mozilla Firefox browser is related to a memory corruption bug. Exploitation of the vulnerability could allow a remote attacker to cause a buffer overflow and run arbitrary code...

8.8CVSS9.3AI score0.00668EPSS
Exploits0
Redos
Redos
•added 2023/01/24 12:0 a.m.•26 views

ROS-20230127-01

A vulnerability in the Mozilla Thunderbird email client is related to the fact that the browser's full-screen notification could have been delayed or suppressed, which could lead to data spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to direct a user to a...

8.8CVSS7.2AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2022/03/18 12:0 a.m.•26 views

ROS-20220318-03

A vulnerability in the Polkit library is related to process file descriptor exhaustion in polkit. Exploitation exploitation of the vulnerability could allow an attacker to perform a denial of service DoS attack...

5.5CVSS5.9AI score0.0053EPSS
Exploits1
Redos
Redos
•added 2022/02/01 12:0 a.m.•26 views

ROS-20220125-18

A vulnerability in the Xen hypervisor is related to the incorrect configuration of a number of devices and the incorrect data structure release, including I/O page tables. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service and other issues,...

7.6CVSS7.7AI score0.00427EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•26 views

ROS-20220125-12

Vulnerability in the executable environment for running containerd containers is due to incorrect default permissions for the container root directories and some plugins. default permissions for container root directories and some plugins. Exploitation of the vulnerability could allow an attacker...

7.8CVSS7.6AI score0.00482EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•26 views

ROS-2-874

2.874 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.7AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2021/12/24 12:0 a.m.•26 views

ROS-2-558

2.558 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-635

2.635 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted vide...

7.8CVSS8.4AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-677

2.677 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-473

2.473 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

9.8CVSS8AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-898

2.898 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS8.7AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-547

2.547 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.2AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-460

2.460 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

8.8CVSS8.4AI score0.4644EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1612

2.1612 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-926

2.926 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

9.8CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-463

2.463 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromise...

9.8CVSS9.2AI score0.02377EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-853

2.853 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1324

2.1324 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-620

2.620 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS7.4AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1697

2.1697 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

9.8CVSS8.5AI score0.52838EPSS
Exploits10
Total number of security vulnerabilities5000