Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1375

2.1375 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1604

2.1604 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2026/05/27 12:0 a.m.•25 views

ROS-20260527-73-0002

A vulnerability in the NFSv4.0 component of the Linux operating system kernel is related to incorrect calculations of the allocated buffer size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

9.8CVSS6.2AI score0.0049EPSS
Exploits0
Redos
Redos
•added 2026/05/26 12:0 a.m.•25 views

ROS-20260526-73-0022

Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.1CVSS5.8AI score0.00468EPSS
Exploits1
Redos
Redos
•added 2026/05/08 12:0 a.m.•25 views

ROS-20260508-73-0003

Vulnerability in rubygem-activestorage related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.1CVSS6.2AI score0.00646EPSS
Exploits0
Redos
Redos
•added 2026/04/01 12:0 a.m.•25 views

ROS-20260401-73-0011

A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...

7.1CVSS6AI score0.00172EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•25 views

ROS-2-609

2.609 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•25 views

ROS-2-598

2.598 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS9.2AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•25 views

ROS-20250417-12

Vulnerability in cgi gem software tool due to insufficient input validation when processing unreliable input using regular expressions in CGI::UtilescapeElement. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the cgi gem...

7.5CVSS6.6AI score0.00784EPSS
Exploits0
Redos
Redos
•added 2025/03/20 12:0 a.m.•25 views

ROS-20250320-01

A vulnerability in the bpf component of the Linux kernel is related to resource management errors in the findequalscalars function in kernel/bpf/verifier.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the htcconnectservice function of...

7.8CVSS6.8AI score0.01325EPSS
Exploits1
Redos
Redos
•added 2024/12/09 12:0 a.m.•25 views

ROS-20241209-01

A vulnerability in AMD EPYCâ„¢ AGESAâ„¢ PI packages is related to incorrect input and range validation in the header of an AMD Secure Processor ASP bootloader image. of the AMD Secure Processor ASP bootloader image. Exploitation of the vulnerability could allow an attacker to, use attacker-controlled...

9.9CVSS7.5AI score0.0117EPSS
Exploits0
Redos
Redos
•added 2024/11/18 12:0 a.m.•25 views

ROS-20241118-02

A vulnerability in the bcmasp component of the Linux kernel is related to a memory leak in the functions umacinit, bcmasptxpoll, bcmaspinittx and bcmaspnetifdeinit functions in drivers/net/ethernet/broadcom/asp2/bcmaspintf.c. Exploitation of the vulnerability could allow an attacker to cause a...

7.8CVSS6.8AI score0.00654EPSS
Exploits0
Redos
Redos
•added 2024/11/18 12:0 a.m.•25 views

ROS-20241118-01

Vulnerability in the ena component of the Linux kernel is related to resource management errors in the enaunmaptxbuff and enafreetxbufs functions in drivers/net/ethernet/amazon/ena/ena/enanetdev.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

9.1CVSS7.3AI score0.01401EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•25 views

ROS-20241023-04

Vulnerability in ext4 component of Linux kernel is related to division by zero errors in function mbupdateavgfragmentsize in fs/ext4/mballoc.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the fsl-qdma component of the Linux operating...

7.1CVSS7.2AI score0.00301EPSS
Exploits0
Redos
Redos
•added 2024/10/22 12:0 a.m.•25 views

ROS-20241021-01

A vulnerability in the XML toolkit for Ruby REXML is related to parsing XML containing a large number of characters. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service The Ruby REXML XML toolkit vulnerability is related to parsing XML containing a...

5.3CVSS7.1AI score0.02064EPSS
Exploits1
Redos
Redos
•added 2024/10/09 12:0 a.m.•25 views

ROS-20241009-02

A vulnerability exists in Firefox ESR and Firefox due to a type error when searching for a property name in the "with" block. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Firefox browser vulnerability, Firefox ESR vulnerability is related to...

9.8CVSS8AI score0.04395EPSS
Exploits1
Redos
Redos
•added 2024/10/04 12:0 a.m.•25 views

ROS-20241004-05

A vulnerability in the s390/ptrace component of the Linux kernel is related to incorrect processing of the fpc register settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the sc16is7xx component of the Linux kernel is related to...

7.8CVSS8.9AI score0.01999EPSS
Exploits1
Redos
Redos
•added 2024/09/19 12:0 a.m.•25 views

ROS-20240918-12

A vulnerability in the Ruby REXML XML toolkit is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The XML Toolkit for Ruby REXML vulnerability is related to the presence of a DoS vulnerability in X...

7.5CVSS7AI score0.01283EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•25 views

ROS-20240917-01

A vulnerability in the user tabs of Google Chrome and Microsoft Edge browsers is related to an incorrect security checks for standard elements. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface with a specially crafted HTML page. generated HTM...

9.6CVSS8.5AI score0.19272EPSS
Exploits6
Redos
Redos
•added 2024/09/02 12:0 a.m.•25 views

ROS-20240902-11

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to too soft memory allocation checks in Angle for GLSL shaders. with too soft memory allocation checks in Angle for GLSL shaders. Exploitation of the vulnerability could Allow an attacker acting...

9.8CVSS7.1AI score0.00977EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•25 views

ROS-20240820-03

Vulnerability in the zipfile module of the Python programming language interpreter CPython is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

6.2CVSS6.8AI score0.00333EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•25 views

ROS-20240820-02

Vulnerability of certstorestats and getcacerts functions of ssl module of programming language interpreter Python CPython is related to synchronization errors when using a shared resource. Exploitation The exploitation of the vulnerability may allow a remote intruder to gain unauthorized access t...

7.4CVSS6.9AI score0.00804EPSS
Exploits0
Redos
Redos
•added 2024/08/16 12:0 a.m.•25 views

ROS-20240816-07

A vulnerability in the Picture in Picture component of Google Chrome browser is related to the distortion of important information in the user interface. in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely, Spoof the contents of a URL string using a...

9.6CVSS6.2AI score0.00415EPSS
Exploits3
Redos
Redos
•added 2024/08/15 12:0 a.m.•25 views

ROS-20240815-01

A vulnerability in the glibc library of the Aurora operating system is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the iconv utility of the GNU C Library glibc syst...

7.1CVSS7.2AI score0.03538EPSS
Exploits1
Redos
Redos
•added 2024/08/02 12:0 a.m.•25 views

ROS-20240801-02

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could Allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS6.9AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•25 views

ROS-20240729-12

A vulnerability in the Eclipse Jetty servlet container is related to length overflow errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.03754EPSS
Exploits1
Redos
Redos
•added 2024/07/29 12:0 a.m.•25 views

ROS-20240729-09

Vulnerability in Cargo package manager of Rust programming language is related to ignoring umask when extracting archives created on UNIX-like systems. when retrieving archives created on UNIX-like systems. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute...

7.9CVSS7.6AI score0.00763EPSS
Exploits0
Redos
Redos
•added 2024/07/25 12:0 a.m.•25 views

ROS-20240725-01

Vulnerability of HTTP/3 QUIC module ngxhttpv3module of NGINX Plus and NGINX OSS web servers is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service using specially craft...

5.3CVSS7.1AI score0.00917EPSS
Exploits0
Redos
Redos
•added 2024/07/25 12:0 a.m.•25 views

ROS-20240725-03

A vulnerability in Google Chrome browser's JavaScript script handler V8 is related to reading outside the boundaries of memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform access outside the outside of the allocated memory space using a specially crafted...

6.5CVSS6.3AI score0.00247EPSS
Exploits1
Redos
Redos
•added 2024/07/19 12:0 a.m.•25 views

ROS-20240719-05

A vulnerability in the ejs web application development pattern for Node.Js is related to incorrect neutralization of special elements in the output data used by the input component. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting...

6.1CVSS7.7AI score0.00786EPSS
Exploits1
Redos
Redos
•added 2024/07/13 12:0 a.m.•25 views

ROS-20240712-02

A vulnerability in the ParseAddressList function of the net/mail package of the Go programming language is related to insufficient verification of display names in the function. verification of display names in the function. Exploitation of the vulnerability could allow an attacker acting remotel...

7.5CVSS6.5AI score0.01042EPSS
Exploits0
Redos
Redos
•added 2024/07/04 12:0 a.m.•25 views

ROS-20240704-09

Vulnerability of the chronyd daemon implementation of Network Time Protocol NTP Chrony is related to incorrect reference definition before accessing a file in /var/run/chrony directory. Exploitation the vulnerability could allow an attacker to cause a denial of service by using a specially crafte...

6CVSS6.6AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•25 views

ROS-20240702-02

A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to accessing a resource via incompatible types. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code V8 JavaScript script handler vulnerability in Google Chro...

8.8CVSS7.6AI score0.40798EPSS
Exploits3
Redos
Redos
•added 2024/07/03 12:0 a.m.•25 views

ROS-20240702-03

A vulnerability in the libxml2 library's xmllint.c file is related to the formatting of error messages with xmllint --htmlout. Exploiting the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS6.7AI score0.02298EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•25 views

ROS-20240626-12

A vulnerability in the Sphinx search engine is related to a path traversal error. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the protected information using the CALL SNIPPETS statement or the loadfile function...

7.5CVSS7AI score0.02166EPSS
Exploits2
Redos
Redos
•added 2024/06/26 12:0 a.m.•25 views

ROS-20240625-04

A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the registervfs function hw/pci/pciesriov.c of the QEMU hardware emulator is related to a buffer overflo...

6.5CVSS6.8AI score0.01261EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•25 views

ROS-20240611-02

The vulnerability of Tss2RCDecode and Tss2RCSetHandler functions of TCG TPM2 TPM2 Software Stack implementation is related to buffer copying without input data validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, violate its integrity, and cause ...

6.4CVSS7.3AI score0.00519EPSS
Exploits1
Redos
Redos
•added 2024/06/07 12:0 a.m.•25 views

ROS-20240607-02

Vulnerability of closealtfile function for text terminals of UNIX-like Less systems is related to skipping Shellquote calls for LESSCLOSE in filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

7.8CVSS8.9AI score0.01059EPSS
Exploits0
Redos
Redos
•added 2024/06/06 12:0 a.m.•25 views

ROS-20240606-07

Vulnerability in the MULTIPARTPARTHEADERS component of the open source web application firewall ModSecurity is related to improper analysis of HTTP requests. Exploitation of the vulnerability could allow an an attacker acting remotely to bypass the firewall's protections...

7.5CVSS6.7AI score0.01169EPSS
Exploits0
Redos
Redos
•added 2024/05/22 12:0 a.m.•25 views

ROS-20240522-02

A vulnerability in the SSSD remote authentication mechanism is related to a race condition error that causes the GPO policy is not applied consistently for authenticated users. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.1CVSS6.8AI score0.01033EPSS
Exploits1
Redos
Redos
•added 2024/05/03 12:0 a.m.•25 views

ROS-20240503-06

Vulnerability in the GLPI request and incident handling system related to incorrect input neutralization during web page creation. during the creation of a web page. Exploitation of the vulnerability could allow an attacker acting remotely, perform an XSS attack...

4.8CVSS6.1AI score0.00665EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•25 views

ROS-20240503-04

A vulnerability in the mbedtlsx509setextension function of the Mbed TLS software is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto...

8.2CVSS6.7AI score0.0112EPSS
Exploits0
Redos
Redos
•added 2024/04/12 12:0 a.m.•25 views

ROS-20240412-07

A vulnerability in the tiffreadrgbatileext function of the LibTIFF library is related to writing beyond buffer boundaries in the memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service...

7.5CVSS6.8AI score0.02187EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•25 views

ROS-20240409-05

Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...

7.5CVSS7.1AI score0.00976EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•25 views

ROS-20240409-07

A vulnerability in the shadow-utils package is related to requesting the password twice and not clearing the memory buffer. Exploitation of the vulnerability could allow an attacker to gain access to the device...

5.5CVSS7.5AI score0.00257EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•25 views

ROS-20240408-04

Vulnerability of cttsboxread function of Golang programming language is related to resource release errors. resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the file src/mediatools/avilib.c of the GPAC multimedia platform, is relat...

9.8CVSS7.8AI score0.01121EPSS
Exploits1
Redos
Redos
•added 2024/04/05 12:0 a.m.•25 views

ROS-20240405-04

A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS9.1AI score0.02107EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•25 views

ROS-20240405-08

A vulnerability in the SSH dissector of the computer network traffic analyzer Wireshark is related to insufficient cleaning of special elements in the output data used by the input component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by...

6.5CVSS7.4AI score0.00746EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•25 views

ROS-20240405-02

Vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to reveal protected information...

8.1CVSS7.9AI score0.01207EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•25 views

ROS-20240404-10

A vulnerability in the Rack module of the Ruby programming language interpreter is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.6AI score0.0183EPSS
Exploits0
Total number of security vulnerabilities5000