Lucene search
K
RedosMost viewed

8244 matches found

Redos
Redos
•added 2024/10/01 12:0 a.m.•26 views

ROS-20241001-05

A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A...

9.1CVSS6.8AI score0.66594EPSS
Exploits1
Redos
Redos
•added 2024/09/27 12:0 a.m.•26 views

ROS-20240927-05

Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...

9.1CVSS7.5AI score0.26864EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•26 views

ROS-20240916-09

The vulnerability of the x86 HVM Hypercall Handler component of the Xen kernel's x86 HVM hypervisor is related to the ability to freely switch between 64-bit and other system modes. Linux kernel hypervisor is related to the ability to freely switch between 64-bit and other system modes...

6.5CVSS7AI score0.0853EPSS
Exploits0
Redos
Redos
•added 2024/09/09 12:0 a.m.•26 views

ROS-20240909-01

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. with NULL pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

7.5CVSS6.6AI score0.00656EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•26 views

ROS-20240826-04

A vulnerability exists in the Apache Derby database management system due to failure to take measures to to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the database. remotely to gain unauthorized access to t...

9.8CVSS7.3AI score0.01418EPSS
Exploits0
Redos
Redos
•added 2024/08/15 12:0 a.m.•26 views

ROS-20240815-08

Vulnerability in the ANGLE component of Google Chrome browser is related to out-of-bounds recording. Exploitation of the of the vulnerability could allow an attacker acting remotely to exploit the heap corruption with a a specially crafted HTML page V8 JavaScript script handler V8 vulnerability i...

8.8CVSS6.4AI score0.00783EPSS
Exploits0
Redos
Redos
•added 2024/08/06 12:0 a.m.•26 views

ROS-20240806-03

A vulnerability in the Java Apache Commons BCEL bytecode processing library is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary code...

9.8CVSS7.6AI score0.02836EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•26 views

ROS-20240729-15

A vulnerability in the django.utils.text.Truncator.words function of the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

5.3CVSS6.7AI score0.01854EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•26 views

ROS-20240729-01

Vulnerability in Forms Authentication in Application Server Web Application Examples Apache Tomcat exists due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...

6.1CVSS5.9AI score0.06156EPSS
Exploits0
Redos
Redos
•added 2024/07/25 12:0 a.m.•26 views

ROS-20240725-03

A vulnerability in Google Chrome browser's JavaScript script handler V8 is related to reading outside the boundaries of memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform access outside the outside of the allocated memory space using a specially crafted...

6.5CVSS6.3AI score0.00247EPSS
Exploits1
Redos
Redos
•added 2024/07/24 12:0 a.m.•26 views

ROS-20240723-03

Vulnerability of Ruby interpreter's Net::FTP class implementation is related to flaws in service data protection using the PASV command. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information. remotely, to gain unauthorized...

7.4CVSS7.2AI score0.0305EPSS
Exploits2
Redos
Redos
•added 2024/07/19 12:0 a.m.•26 views

ROS-20240719-04

A vulnerability in the Microsoft .NET software platform and Microsoft software development tool Microsoft Visual Studio is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability...

8.1CVSS6.7AI score0.02915EPSS
Exploits0
Redos
Redos
•added 2024/07/17 12:0 a.m.•26 views

ROS-20240717-05

A vulnerability in the implementation of PKCS1 v1.5, OAEP, and RSASVP standards in the NSS Network Security Services library set is associated with insufficient protection of service data due to time discrepancy. Exploitation of the vulnerability allows an attacker acting remotely to implement th...

6.5CVSS7.1AI score0.00816EPSS
Exploits0
Redos
Redos
•added 2024/07/13 12:0 a.m.•26 views

ROS-20240709-02

Vulnerability in the tempfile.TemporaryDirectory component of the Python programming language interpreter CPython is related to dereferencing symbolic links while clearing permission-related errors. Exploitation of the vulnerability could allow an attacker to increase their privileges...

7.8CVSS6.8AI score0.00313EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•26 views

ROS-20240702-01

Vulnerabilities in Microsoft Visual Studio software development tool and Microsoft.NET Framework are related to uncontrolled resource consumption. Microsoft.NET Framework is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotel...

7.5CVSS6.9AI score0.15519EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•26 views

ROS-20240626-09

Vulnerability of opj2decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir comman...

5.5CVSS7AI score0.0156EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•26 views

ROS-20240625-02

A vulnerability in the lxc-user-nic component of the LXC virtualization system is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the protected information...

3.3CVSS6.6AI score0.00702EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•26 views

ROS-20240611-13

Vulnerability in clone/clonefrom components of Python library for interacting with git repositories GitPython is associated with errors in input processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting a specially crafted URL int...

9.8CVSS7.8AI score0.00984EPSS
Exploits0
Redos
Redos
•added 2024/05/22 12:0 a.m.•26 views

ROS-20240522-01

A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host system...

7.2CVSS7.1AI score0.01418EPSS
Exploits0
Redos
Redos
•added 2024/05/14 12:0 a.m.•26 views

ROS-20240514-03

The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS8.1AI score0.99615EPSS
Exploits7
Redos
Redos
•added 2024/05/08 12:0 a.m.•26 views

ROS-20240508-01

Vulnerability in the Rack module of the Ruby interpreter is related to incorrect implementation of the Ruby programming language of handling invalid URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS7AI score0.35376EPSS
Exploits2
Redos
Redos
•added 2024/05/03 12:0 a.m.•26 views

ROS-20240503-04

A vulnerability in the mbedtlsx509setextension function of the Mbed TLS software is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto...

8.2CVSS6.7AI score0.0112EPSS
Exploits0
Redos
Redos
•added 2024/04/25 12:0 a.m.•26 views

ROS-20240425-07

A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...

3.3CVSS7.5AI score0.02242EPSS
Exploits3
Redos
Redos
•added 2024/04/25 12:0 a.m.•26 views

ROS-20240425-06

A vulnerability in the util-linux package of the Linux operating system is related to incorrect privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to passwords or change a user's clipboard using the setgid command. access to...

3.3CVSS7.6AI score0.02242EPSS
Exploits3
Redos
Redos
•added 2024/04/25 12:0 a.m.•26 views

ROS-20240425-02

A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...

6.2CVSS6.6AI score0.00283EPSS
Exploits0
Redos
Redos
•added 2024/04/12 12:0 a.m.•26 views

ROS-20240412-01

Vulnerability of authfile.c file of memcached data caching software is related to buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service using a specially crafted authentication file...

9.8CVSS8.3AI score0.00778EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•26 views

ROS-20240410-08

A vulnerability in the function bfdmachogetsyntheticsymtab match-o.c of the GNU software development tool Binutils is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service or other impact...

7.8CVSS7.1AI score0.00461EPSS
Exploits1
Redos
Redos
•added 2024/04/09 12:0 a.m.•26 views

ROS-20240409-08

A vulnerability in the cpStripToTile function tools/tiffcp.c of the LibTIFF library is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00399EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-17

Vulnerability in Flask-Security-Too security management tool is related to URL redirection to an untrusted site when processing the "next" request parameter. to an untrusted site when processing the "next" request parameter. Exploitation of the vulnerability could allow an attacker acting remotel...

6.1CVSS6.8AI score0.01079EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-16

A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...

5.3CVSS6.9AI score0.01073EPSS
Exploits2
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-05

RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...

7.5CVSS7AI score0.02383EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-06

A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...

6.3CVSS8.2AI score0.07879EPSS
Exploits8
Redos
Redos
•added 2024/04/05 12:0 a.m.•26 views

ROS-20240405-02

Vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to reveal protected information...

8.1CVSS7.9AI score0.01207EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•26 views

ROS-20240404-10

A vulnerability in the Rack module of the Ruby programming language interpreter is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.6AI score0.0183EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•26 views

ROS-20240403-16

A vulnerability in the TCP modules of the Rsyslog log processing software utility is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS7AI score0.03821EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•26 views

ROS-20240403-12

A vulnerability in the Range header analysis component of the modular interface between web servers and the Rack web applications is related to the creation of input data that could cause the analysis of the Content-Disposition header in Rack to take an unexpected amount of time...

7.5CVSS6.7AI score0.01626EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•26 views

ROS-20240402-11

A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a with a lack of memory release after an effective lifetime. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A...

7.1CVSS6.7AI score0.00309EPSS
Exploits2
Redos
Redos
•added 2024/03/29 12:0 a.m.•26 views

ROS-20240329-21

Vulnerability of readSeparateTilesIntoBuffer function of LibTIFF library is related to integer overflow on tiff files processing. overflow when processing tiff files. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A vulnerability in the...

6.5CVSS7.4AI score0.01131EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•26 views

ROS-20240328-13

A vulnerability in the mzpathresolve function in zlib-ng minizip-ng is related to a buffer overflow via the created file of the mzpathhasslash function in the mzos.c file. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the...

8.8CVSS8.5AI score0.0126EPSS
Exploits2
Redos
Redos
•added 2024/03/28 12:0 a.m.•26 views

ROS-20240328-15

A vulnerability in the Web Browser UI of Google Chrome and Microsoft Edge browsers is related to incorrectly implemented security checks for standard elements. implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to conduct...

8.8CVSS7.2AI score0.01268EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•26 views

ROS-2-1372

2.1372 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•26 views

ROS-2-972

2.972 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/11/21 12:0 a.m.•26 views

ROS-20231115-02

Vulnerability of the GetPacket function of VideoLAN VLC media player program is related to incorrect reading of the offset, which leads to heap buffer overflow in GetPacket function. Exploitation of the vulnerability could allow an attacker acting remotely to corrupt memory A vulnerability in the...

9.8CVSS7.9AI score0.01096EPSS
Exploits2
Redos
Redos
•added 2023/11/02 12:0 a.m.•26 views

ROS-20231102-01

A buc Traceroute vulnerability related to improper handling of lines of code. Exploitation of the vulnerability could allow an attacker acting locally to execute arbitrary code...

5.5CVSS8AI score0.00367EPSS
Exploits2
Redos
Redos
•added 2023/10/24 12:0 a.m.•26 views

ROS-20231024-01

Vulnerability of exfatgetuninamefromextentry function in fs/exfat/dir.c module of exFAT file system in Linux kernel is related to memory access outside the allocated buffer kernel of the Linux operating system is related to accessing memory outside of the allocated buffer. Exploitation of the...

6.7CVSS6.6AI score0.00664EPSS
Exploits1
Redos
Redos
•added 2023/10/16 12:0 a.m.•26 views

ROS-20231016-01

Vulnerability of XpmCreateXpmImageFromBuffer function of libXpm image file library is related to a read error call. is related to a read error outside the valid range. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...

5.5CVSS6.8AI score0.00365EPSS
Exploits0
Redos
Redos
•added 2023/10/13 12:0 a.m.•26 views

ROS-20231013-06

Memory leak vulnerability in the RTPS dissector of the Wireshark computer network traffic analyzer. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service by injecting packets or creating a capture file...

6.5CVSS7AI score0.00485EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1568

2.1568 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...

8.1CVSS7.5AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1389

2.1389 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...

8.1CVSS10AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1199

2.1199 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

8.6AI score0.83406EPSS
Exploits0
Total number of security vulnerabilities5000