Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2024/04/12 12:0 a.m.•25 views

ROS-20240412-07

A vulnerability in the tiffreadrgbatileext function of the LibTIFF library is related to writing beyond buffer boundaries in the memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service...

7.5CVSS6.8AI score0.02187EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•25 views

ROS-20240409-07

A vulnerability in the shadow-utils package is related to requesting the password twice and not clearing the memory buffer. Exploitation of the vulnerability could allow an attacker to gain access to the device...

5.5CVSS7.5AI score0.00257EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•25 views

ROS-20240409-05

Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...

7.5CVSS7.1AI score0.00976EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•25 views

ROS-20240408-04

Vulnerability of cttsboxread function of Golang programming language is related to resource release errors. resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the file src/mediatools/avilib.c of the GPAC multimedia platform, is relat...

9.8CVSS7.8AI score0.01121EPSS
Exploits1
Redos
Redos
•added 2024/04/05 12:0 a.m.•25 views

ROS-20240405-04

A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS9.1AI score0.02107EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•25 views

ROS-20240403-15

Vulnerability of alloca and strdup functions of Systemd service initialization and management subsystem is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in systemd-tmpfiles of the Systemd...

6.1CVSS7.1AI score0.0865EPSS
Exploits4
Redos
Redos
•added 2024/03/28 12:0 a.m.•25 views

ROS-20240328-09

A vulnerability in the Linux Relax-and-Recover ReaR disaster recovery tool is related to the information disclosure. Exploitation of the vulnerability allows an attacker to gain access to sensitive data. data...

5.5CVSS6.8AI score0.00291EPSS
Exploits1
Redos
Redos
•added 2023/10/30 12:0 a.m.•25 views

ROS-20231030-03

Vulnerability in lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c files. zchunk is related to integer overflow . Exploitation of the vulnerability could allow an attacker acting locally to gain unauthorized access to protected information...

7.8CVSS7.3AI score0.00261EPSS
Exploits0
Redos
Redos
•added 2023/10/30 12:0 a.m.•25 views

ROS-20231030-06

The Unix socket vulnerability of the Redis database management system Redis is related to the use of a permissive mask, which creates a race condition that allows for a short period of time for another process to establish an unauthorized connection. Exploitation of the vulnerability could allow ...

3.6CVSS6.7AI score0.00444EPSS
Exploits0
Redos
Redos
•added 2023/10/26 12:0 a.m.•25 views

ROS-20231025-01

Vulnerability of program/lib/Roundcube/rcubewashtml.php component of RoundCube mail client is related to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to download arbitrary JavaScript code...

6.1CVSS7.2AI score0.73445EPSS
Exploits2
Redos
Redos
•added 2023/09/28 12:0 a.m.•25 views

ROS-20230928-01

A vulnerability in the Logstash log management system is related to a flaw in TLS certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to launch a man-in-the-middle attack on Logstash monitoring data. "man-in-the-middle" attack on Logstash monitoring d...

4.3CVSS6.7AI score0.00459EPSS
Exploits0
Redos
Redos
•added 2023/09/19 12:0 a.m.•25 views

ROS-20230918-03

GPAC multimedia platform vulnerability is related to stack overflow in gfbtcheckline scenemanager/loaderbt.c:408. Exploitation of the vulnerability could allow an attacker to cause the application to crash of the application. GPAC multimedia platform vulnerability is related to an inaccessible re...

5.9CVSS7.3AI score0.00297EPSS
Exploits4
Redos
Redos
•added 2023/09/18 12:0 a.m.•25 views

ROS-20230914-04

A vulnerability in the nasm assembler involves copying to a buffer without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...

5.5CVSS6.8AI score0.00527EPSS
Exploits1
Redos
Redos
•added 2023/09/12 12:0 a.m.•25 views

ROS-20230911-02

Vulnerability of the KeePass password manager password text field is related to storing credentials in unencrypted form. Exploitation of the vulnerability could allow an attacker acting remotely, to recover the master password in plaintext...

7.5CVSS7AI score0.04655EPSS
Exploits5
Redos
Redos
•added 2023/07/06 12:0 a.m.•25 views

ROS-2-1165

2.1165 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in...

7.8CVSS7.7AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2023/07/06 12:0 a.m.•25 views

ROS-2-1250

2.1250 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/06/28 12:0 a.m.•25 views

ROS-20230628-01

The Nextcloud server vulnerability is related to a lack of brute force protection at the password reset endpoint. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the password reset links. password. The Nextcloud server vulnerability is related to the fact...

9.1CVSS7.3AI score0.00981EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•25 views

ROS-20230616-02

Vulnerability in libavcodec/pthreadframe.c component of FFmpeg multimedia library is related to memory usage after it is freed when processing worker threads with hwaccel decoder. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS8.3AI score0.01512EPSS
Exploits1
Redos
Redos
•added 2023/04/28 12:0 a.m.•25 views

ROS-20230428-02

A vulnerability in the Sqlalchemy mako Python template library is related to insufficient input validation when processing regular expressions in the Lexer class. Exploitation of the vulnerability could allow an attacker, acting remotely, pass specially crafted data to an application and perform ...

7.5CVSS7.5AI score0.01718EPSS
Exploits1
Redos
Redos
•added 2023/04/19 12:0 a.m.•25 views

ROS-20230419-01

Vulnerability of HFS+ partition file analyzer of ClamAV antivirus software package is related to an operation exceeding the memory buffer boundaries. operation beyond the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS8.3AI score0.29314EPSS
Exploits5
Redos
Redos
•added 2023/03/20 12:0 a.m.•25 views

ROS-20230320-02

A vulnerability in libde265 involves copying an input buffer to an output buffer without checking that the size of the input buffer is less than the size of the output buffer, resulting in a buffer overflow in the of the input buffer is smaller than the output buffer, resulting in a buffer overfl...

7.8CVSS8AI score0.00325EPSS
Exploits2
Redos
Redos
•added 2023/01/24 12:0 a.m.•25 views

ROS-20230124-03

Vulnerability of LibTIFF set of libraries and utilities for viewing, editing and converting TIFF files is related to the processCropSelections function of the tools/tiffcrop.c file of the TIFF Image Handler component. Exploitation of the vulnerability could allow an attacker acting remotely to se...

5.5CVSS6.3AI score0.00461EPSS
Exploits1
Redos
Redos
•added 2022/12/07 12:0 a.m.•25 views

ROS-20221207-02

VLC media player vulnerability, related to a boundary error when playing a malicious URL in the vnc module. Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into opening a specially crafted stream, causing memory corruption, and executing arbitrary...

7.8CVSS7.8AI score0.00649EPSS
Exploits1
Redos
Redos
•added 2022/05/16 12:0 a.m.•25 views

ROS-20220516-02

A vulnerability in the gzip library is related to errors in file name processing. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files to the system using the command-line utilities zgrep and xzgrep command line utilities...

8.8CVSS8.9AI score0.04271EPSS
Exploits0
Redos
Redos
•added 2022/02/26 12:0 a.m.•25 views

ROS-2-708

2.708 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.1AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2022/02/26 12:0 a.m.•25 views

ROS-2-1013

2.1013 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-1305

2.1305 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-900

2.900 Mozilla Thunderbird email client vulnerability CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-1384

2.1384 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1235

2.1235 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

8.8CVSS8.4AI score0.4644EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-701

2.701 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.7CVSS6.6AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•26 views

ROS-2-1236

2.1236 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.5CVSS7.1AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1506

2.1506 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-908

2.908 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS9.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-883

2.883 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-590

2.590 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1804

2.1804 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits11
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-624

2.624 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8.1AI score0.01368EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1184

2.1184 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.5CVSS7.2AI score0.18114EPSS
Exploits15
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-798

2.798 Vulnerability in Curl CVE-2020-8177 1. Vulnerability Description: The vulnerability allows a local file on the system to be overwritten when accessing an attacker-controlled server. The problem only occurs when the "-J" "--remote-header-name" and "-i" "--head" options are used...

7.8CVSS7.2AI score0.01236EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-873

2.873 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1007

2.1007 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-934

2.934 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-612

2.612 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.1AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1470

2.1470 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-910

2.910 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS9.8AI score0.05984EPSS
Exploits1
Redos
Redos
•added 1976/01/01 12:0 a.m.•25 views

ROS-2-1847

2.1847 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2026/05/29 12:0 a.m.•24 views

ROS-20260529-73-0008

The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...

7.5CVSS6.2AI score0.01052EPSS
Exploits1
Redos
Redos
•added 2026/05/24 12:0 a.m.•24 views

ROS-20260524-73-0018

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00124EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•24 views

ROS-20260524-73-0036

A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

7.1CVSS6.1AI score0.00126EPSS
Exploits0
Total number of security vulnerabilities5000