Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2023/07/06 12:0 a.m.•25 views

ROS-2-1165

2.1165 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in...

7.8CVSS7.7AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2023/06/20 12:0 a.m.•25 views

ROS-20230620-05

A vulnerability in the formatting functionality of the SQL parser module for Python Sqlparse is related to a regular expression that is vulnerable to reuse. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS7.7AI score0.0098EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•25 views

ROS-20230616-07

Vim text editor vulnerability is related to the error of dereferencing NULL pointer in the function getregister in the register.c file. Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into opening a specially crafted file and remotely, trick the victim...

7.8CVSS5.9AI score0.00473EPSS
Exploits1
Redos
Redos
•added 2023/05/05 12:0 a.m.•25 views

ROS-20230505-02

The vulnerability in the Mozilla Firefox browser is due to the fact that Mozilla's service desk handles blocking records when downloading updates from an SMB server. Exploitation of the vulnerability could allow an attacker to to apply an unsigned update file by pointing the service to an update...

9.8CVSS8.2AI score0.00974EPSS
Exploits0
Redos
Redos
•added 2022/12/29 12:0 a.m.•25 views

ROS-20221229-03

A vulnerability in the Mozilla Thunderbird email client is related to the fact that a process can partially exit the sandbox and read arbitrary files using IPC messages associated with the clipboard. Exploitation of the vulnerability could allow an attacker acting remotely to open a given source...

8.6CVSS9.1AI score0.00772EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•25 views

ROS-20221118-01

A vulnerability in the LibTIFF set of libraries and utilities for viewing, editing and converting TIFF files is related to the TIFFReadRGBATileExt function of the libtiff/tifgetimage.c file Exploitation of the vulnerability could allow an attacker acting remotely to send a special file and perfor...

8.8CVSS8.4AI score0.01237EPSS
Exploits1
Redos
Redos
•added 2022/11/03 12:0 a.m.•25 views

ROS-20221103-01

Vim text editor vulnerability is related to memory release error in qfupdatebuffer function in the quickfix.c file of the autocmd Handler component. Exploitation of the vulnerability could allow an attacker, acting remotely, trick the victim into opening a specially crafted file, causing a progra...

7.5CVSS8.1AI score0.01196EPSS
Exploits0
Redos
Redos
•added 2022/07/14 12:0 a.m.•25 views

ROS-20220714-02

A vulnerability in the passdb account database of the Dovecot mail server is related to errors in the configuration. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

8.8CVSS8.5AI score0.01748EPSS
Exploits1
Redos
Redos
•added 2022/03/18 12:0 a.m.•25 views

ROS-20220318-02

The vulnerability of OpenSSL function BNmodsqrt is related to execution of a loop without sufficiently limiting the number of its executions. limit the number of times it can be executed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.8AI score0.70561EPSS
Exploits2
Redos
Redos
•added 2022/03/09 12:0 a.m.•25 views

ROS-20220309-01

A vulnerability in the cyrus-sasl authentication mechanism implementation is related to insufficient password cleansing in the SQL plug-in provided with Cyrus SASL. Exploitation of the vulnerability could allow an attacker, acting remotely, send a specially crafted query to a vulnerable applicati...

8.8CVSS9.1AI score0.04123EPSS
Exploits0
Redos
Redos
•added 2022/02/26 12:0 a.m.•25 views

ROS-2-708

2.708 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.1AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-900

2.900 Mozilla Thunderbird email client vulnerability CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-1305

2.1305 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1235

2.1235 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

8.8CVSS8.4AI score0.4644EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1506

2.1506 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-934

2.934 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1260

2.1260 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1212

2.1212 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-954

2.954 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1236

2.1236 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.5CVSS7.1AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-686

2.686 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

7.8CVSS7.6AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-883

2.883 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-475

2.475 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7AI score0.10634EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1295

2.1295 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-873

2.873 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-561

2.561 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

8.6AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-673

2.673 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.1AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1804

2.1804 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1497

2.1497 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

8.1CVSS8.4AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1322

2.1322 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-551

2.551 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1184

2.1184 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.5CVSS7.2AI score0.18114EPSS
Exploits15
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-515

2.515 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromise...

8.8CVSS9.9AI score0.01764EPSS
Exploits4
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1219

2.1219 Vulnerability in FreeRDP 1. Vulnerability description: Eight vulnerabilities have been addressed. Five issues can cause a crash or data leak due to reads from areas outside the allocated buffer. One issue results in an integer overflow. Three issues can lead to buffer overflows in the...

6.7CVSS7.9AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-492

2.492 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01905EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1470

2.1470 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1415

2.1415 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-910

2.910 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS9.8AI score0.05984EPSS
Exploits1
Redos
Redos
•added 1976/01/01 12:0 a.m.•25 views

ROS-2-1847

2.1847 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 1976/01/01 12:0 a.m.•25 views

ROS-2-1222

2.1222 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

9.3CVSS7.2AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2026/06/17 12:0 a.m.•24 views

ROS-20260617-73-0063

The vulnerability in ImageMagick 7 is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

5.5CVSS6.2AI score0.00141EPSS
Exploits0
Redos
Redos
•added 2026/05/26 12:0 a.m.•24 views

ROS-20260526-73-0022

Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

7.1CVSS5.8AI score0.00468EPSS
Exploits1
Redos
Redos
•added 2026/04/01 12:0 a.m.•24 views

ROS-20260401-73-0011

A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...

7.1CVSS6AI score0.00172EPSS
Exploits1
Redos
Redos
•added 2026/03/23 12:0 a.m.•24 views

ROS-20260323-73-0005

A vulnerability in the pagepoolrecycleinring function of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS6.3AI score0.00161EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•24 views

ROS-20251203-15

Vulnerability in Go library for decoding common map values into structures and vice versa mapstructure is related to incorrect neutralization of output data for logs. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

5.3CVSS6.5AI score0.00357EPSS
Exploits0
Redos
Redos
•added 2025/05/14 12:0 a.m.•24 views

ROS-20250514-01

A vulnerability in the iiosimpledummytriggerh function of driver drivers/iio/dummy/iiosimpledummybuffer.c of the Linux kernel's IIO stub driver support is related to the use of an uninitialized resource. an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain...

7.8CVSS8.2AI score0.0025EPSS
Exploits2
Redos
Redos
•added 2024/12/03 12:0 a.m.•24 views

ROS-20241203-08

Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the ability to download larger-than-expected websites to find Open-Graph data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information A...

8.2CVSS7.5AI score0.00779EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•24 views

ROS-20241203-16

A vulnerability in the ash.c file of the BusyBox set of UNIX command-line utilities is related to writing outside the buffer boundary in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary code using specially crafted data. arbitrary code usin...

9.8CVSS7.6AI score0.02979EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•24 views

ROS-20241002-01

A vulnerability in the btsdioremove function of the drivers\bluetooth\btsdio.c module of the Bluetooth driver of the kernel of the of the Linux operating system is related to the reuse of previously freed memory due to the state of the race. Exploitation of the vulnerability could allow an attack...

7.1CVSS7AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•24 views

ROS-20240917-02

A vulnerability in the PyFindObjects function of the PyFindObjects library for the open-source Python programming language scipy is related to memory usage after release. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and...

9.8CVSS6.7AI score0.0111EPSS
Exploits2
Total number of security vulnerabilities5000