Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1604

2.1604 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1375

2.1375 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1497

2.1497 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

8.1CVSS8.4AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-492

2.492 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01905EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-620

2.620 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS7.4AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1295

2.1295 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1322

2.1322 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1219

2.1219 Vulnerability in FreeRDP 1. Vulnerability description: Eight vulnerabilities have been addressed. Five issues can cause a crash or data leak due to reads from areas outside the allocated buffer. One issue results in an integer overflow. Three issues can lead to buffer overflows in the...

6.7CVSS7.9AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-561

2.561 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

8.6AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-515

2.515 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromise...

8.8CVSS9.9AI score0.01764EPSS
Exploits4
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-473

2.473 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

9.8CVSS8AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-551

2.551 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits7
Redos
Redos
•added 2026/05/29 12:0 a.m.•25 views

ROS-20260529-73-0015

The vulnerability in openbao is related to improper session management. Exploiting this vulnerability can allow a remote attacker to intercept a user’s session...

9.6CVSS5.8AI score0.00411EPSS
Exploits0
Redos
Redos
•added 2026/05/27 12:0 a.m.•25 views

ROS-20260527-73-0002

A vulnerability in the NFSv4.0 component of the Linux operating system kernel is related to incorrect calculations of the allocated buffer size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

9.8CVSS6.2AI score0.0049EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•25 views

ROS-20260524-73-0014

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2026/03/23 12:0 a.m.•25 views

ROS-20260323-73-0005

A vulnerability in the pagepoolrecycleinring function of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS6.3AI score0.00161EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•25 views

ROS-2-598

2.598 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS9.2AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•25 views

ROS-2-609

2.609 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•25 views

ROS-20250417-12

Vulnerability in cgi gem software tool due to insufficient input validation when processing unreliable input using regular expressions in CGI::UtilescapeElement. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the cgi gem...

7.5CVSS6.6AI score0.00784EPSS
Exploits0
Redos
Redos
•added 2025/03/20 12:0 a.m.•25 views

ROS-20250320-01

A vulnerability in the bpf component of the Linux kernel is related to resource management errors in the findequalscalars function in kernel/bpf/verifier.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the htcconnectservice function of...

7.8CVSS6.8AI score0.01325EPSS
Exploits1
Redos
Redos
•added 2024/12/09 12:0 a.m.•25 views

ROS-20241209-01

A vulnerability in AMD EPYCâ„¢ AGESAâ„¢ PI packages is related to incorrect input and range validation in the header of an AMD Secure Processor ASP bootloader image. of the AMD Secure Processor ASP bootloader image. Exploitation of the vulnerability could allow an attacker to, use attacker-controlled...

9.9CVSS7.5AI score0.0117EPSS
Exploits0
Redos
Redos
•added 2024/11/18 12:0 a.m.•25 views

ROS-20241118-02

A vulnerability in the bcmasp component of the Linux kernel is related to a memory leak in the functions umacinit, bcmasptxpoll, bcmaspinittx and bcmaspnetifdeinit functions in drivers/net/ethernet/broadcom/asp2/bcmaspintf.c. Exploitation of the vulnerability could allow an attacker to cause a...

7.8CVSS6.8AI score0.00654EPSS
Exploits0
Redos
Redos
•added 2024/11/18 12:0 a.m.•25 views

ROS-20241118-01

Vulnerability in the ena component of the Linux kernel is related to resource management errors in the enaunmaptxbuff and enafreetxbufs functions in drivers/net/ethernet/amazon/ena/ena/enanetdev.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

9.1CVSS7.3AI score0.01401EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•25 views

ROS-20241023-04

Vulnerability in ext4 component of Linux kernel is related to division by zero errors in function mbupdateavgfragmentsize in fs/ext4/mballoc.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the fsl-qdma component of the Linux operating...

7.1CVSS7.2AI score0.00301EPSS
Exploits0
Redos
Redos
•added 2024/10/09 12:0 a.m.•25 views

ROS-20241009-02

A vulnerability exists in Firefox ESR and Firefox due to a type error when searching for a property name in the "with" block. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Firefox browser vulnerability, Firefox ESR vulnerability is related to...

9.8CVSS8AI score0.04395EPSS
Exploits1
Redos
Redos
•added 2024/10/04 12:0 a.m.•25 views

ROS-20241004-05

A vulnerability in the s390/ptrace component of the Linux kernel is related to incorrect processing of the fpc register settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the sc16is7xx component of the Linux kernel is related to...

7.8CVSS8.9AI score0.01999EPSS
Exploits1
Redos
Redos
•added 2024/09/19 12:0 a.m.•25 views

ROS-20240918-12

A vulnerability in the Ruby REXML XML toolkit is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The XML Toolkit for Ruby REXML vulnerability is related to the presence of a DoS vulnerability in X...

7.5CVSS7AI score0.01283EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•25 views

ROS-20240917-01

A vulnerability in the user tabs of Google Chrome and Microsoft Edge browsers is related to an incorrect security checks for standard elements. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface with a specially crafted HTML page. generated HTM...

9.6CVSS8.5AI score0.19272EPSS
Exploits6
Redos
Redos
•added 2024/09/05 12:0 a.m.•25 views

ROS-20240905-04

Vulnerability of the dosetvfinfo function in the net/core/rtnetlink.c module of the TCP/IP protocol stack implementation of the Linux kernel of Linux operating system is related to reading memory outside the allocated buffer. Exploitation exploitation of the vulnerability may allow an intruder to...

8.1CVSS7.3AI score0.01305EPSS
Exploits1
Redos
Redos
•added 2024/09/02 12:0 a.m.•25 views

ROS-20240902-11

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to too soft memory allocation checks in Angle for GLSL shaders. with too soft memory allocation checks in Angle for GLSL shaders. Exploitation of the vulnerability could Allow an attacker acting...

9.8CVSS7.1AI score0.00977EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•25 views

ROS-20240820-02

Vulnerability of certstorestats and getcacerts functions of ssl module of programming language interpreter Python CPython is related to synchronization errors when using a shared resource. Exploitation The exploitation of the vulnerability may allow a remote intruder to gain unauthorized access t...

7.4CVSS6.9AI score0.00804EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•25 views

ROS-20240820-03

Vulnerability in the zipfile module of the Python programming language interpreter CPython is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

6.2CVSS6.8AI score0.00333EPSS
Exploits0
Redos
Redos
•added 2024/08/16 12:0 a.m.•25 views

ROS-20240816-07

A vulnerability in the Picture in Picture component of Google Chrome browser is related to the distortion of important information in the user interface. in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely, Spoof the contents of a URL string using a...

9.6CVSS6.2AI score0.00415EPSS
Exploits3
Redos
Redos
•added 2024/08/15 12:0 a.m.•25 views

ROS-20240815-01

A vulnerability in the glibc library of the Aurora operating system is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the iconv utility of the GNU C Library glibc syst...

7.1CVSS7.2AI score0.03538EPSS
Exploits1
Redos
Redos
•added 2024/08/02 12:0 a.m.•25 views

ROS-20240801-02

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could Allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS6.9AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•25 views

ROS-20240729-09

Vulnerability in Cargo package manager of Rust programming language is related to ignoring umask when extracting archives created on UNIX-like systems. when retrieving archives created on UNIX-like systems. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute...

7.9CVSS7.6AI score0.00763EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•25 views

ROS-20240729-12

A vulnerability in the Eclipse Jetty servlet container is related to length overflow errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.03754EPSS
Exploits1
Redos
Redos
•added 2024/07/25 12:0 a.m.•25 views

ROS-20240725-01

Vulnerability of HTTP/3 QUIC module ngxhttpv3module of NGINX Plus and NGINX OSS web servers is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service using specially craft...

5.3CVSS7.1AI score0.00917EPSS
Exploits0
Redos
Redos
•added 2024/07/19 12:0 a.m.•25 views

ROS-20240719-05

A vulnerability in the ejs web application development pattern for Node.Js is related to incorrect neutralization of special elements in the output data used by the input component. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting...

6.1CVSS7.7AI score0.00786EPSS
Exploits1
Redos
Redos
•added 2024/07/13 12:0 a.m.•25 views

ROS-20240712-02

A vulnerability in the ParseAddressList function of the net/mail package of the Go programming language is related to insufficient verification of display names in the function. verification of display names in the function. Exploitation of the vulnerability could allow an attacker acting remotel...

7.5CVSS6.5AI score0.01042EPSS
Exploits0
Redos
Redos
•added 2024/07/04 12:0 a.m.•25 views

ROS-20240704-09

Vulnerability of the chronyd daemon implementation of Network Time Protocol NTP Chrony is related to incorrect reference definition before accessing a file in /var/run/chrony directory. Exploitation the vulnerability could allow an attacker to cause a denial of service by using a specially crafte...

6CVSS6.6AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•25 views

ROS-20240702-02

A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to accessing a resource via incompatible types. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code V8 JavaScript script handler vulnerability in Google Chro...

8.8CVSS7.6AI score0.40798EPSS
Exploits3
Redos
Redos
•added 2024/07/03 12:0 a.m.•25 views

ROS-20240702-03

A vulnerability in the libxml2 library's xmllint.c file is related to the formatting of error messages with xmllint --htmlout. Exploiting the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS6.7AI score0.02298EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•25 views

ROS-20240626-12

A vulnerability in the Sphinx search engine is related to a path traversal error. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the protected information using the CALL SNIPPETS statement or the loadfile function...

7.5CVSS7AI score0.02166EPSS
Exploits2
Redos
Redos
•added 2024/06/26 12:0 a.m.•25 views

ROS-20240625-04

A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the registervfs function hw/pci/pciesriov.c of the QEMU hardware emulator is related to a buffer overflo...

6.5CVSS6.8AI score0.01261EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•25 views

ROS-20240611-02

The vulnerability of Tss2RCDecode and Tss2RCSetHandler functions of TCG TPM2 TPM2 Software Stack implementation is related to buffer copying without input data validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, violate its integrity, and cause ...

6.4CVSS7.3AI score0.00519EPSS
Exploits1
Redos
Redos
•added 2024/06/07 12:0 a.m.•25 views

ROS-20240607-02

Vulnerability of closealtfile function for text terminals of UNIX-like Less systems is related to skipping Shellquote calls for LESSCLOSE in filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

7.8CVSS8.9AI score0.01059EPSS
Exploits0
Redos
Redos
•added 2024/06/06 12:0 a.m.•25 views

ROS-20240606-07

Vulnerability in the MULTIPARTPARTHEADERS component of the open source web application firewall ModSecurity is related to improper analysis of HTTP requests. Exploitation of the vulnerability could allow an an attacker acting remotely to bypass the firewall's protections...

7.5CVSS6.7AI score0.01169EPSS
Exploits0
Redos
Redos
•added 2024/05/22 12:0 a.m.•25 views

ROS-20240522-02

A vulnerability in the SSSD remote authentication mechanism is related to a race condition error that causes the GPO policy is not applied consistently for authenticated users. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.1CVSS6.8AI score0.01033EPSS
Exploits1
Redos
Redos
•added 2024/05/03 12:0 a.m.•25 views

ROS-20240503-06

Vulnerability in the GLPI request and incident handling system related to incorrect input neutralization during web page creation. during the creation of a web page. Exploitation of the vulnerability could allow an attacker acting remotely, perform an XSS attack...

4.8CVSS6.1AI score0.00665EPSS
Exploits0
Total number of security vulnerabilities5000