Lucene search
K
RedosMost viewed

8244 matches found

Redos
Redos
•added 2024/07/08 12:0 a.m.•24 views

ROS-20240708-02

A vulnerability in the TPMLPCRSELECTION functions of the source repository for Trusted Platform Module tools TPM2.0 is related to improper mapping of PCR slots, providing a misleading TPM state. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate output data...

9CVSS6.7AI score0.00984EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•24 views

ROS-20240626-10

A vulnerability in the getUnpushedChanges function of the dependency manager for PHP Composer is related to the use of the status and reinstall commands. status, reinstall and remove commands. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary command...

8.8CVSS7.7AI score0.03255EPSS
Exploits0
Redos
Redos
•added 2024/06/14 12:0 a.m.•24 views

ROS-20240614-02

The vulnerability in the Python programming language interpreter is related to errors in the conversion of int and str data types. int and str data types. Exploitation of the vulnerability could allow an attacker to cause a denial of service due to the algorithmic complexity...

7.5CVSS6.9AI score0.03213EPSS
Exploits0
Redos
Redos
•added 2024/06/13 12:0 a.m.•24 views

ROS-20240613-02

The vulnerability of the RelinquishDCMInfo function of the dcm.c component of the ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial ...

7.1CVSS7.3AI score0.01113EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•24 views

ROS-20240611-05

The vulnerability of the Zabbix Workstation universal monitoring system server is related to errors in input data processing. of input data. Exploitation of the vulnerability could allow a remote attacker to execute an arbitrary code by injecting a specially crafted SQL query. arbitrary code by...

9.1CVSS8.4AI score0.76618EPSS
Exploits5
Redos
Redos
•added 2024/06/07 12:0 a.m.•24 views

ROS-20240607-05

The vulnerability of the system views pgstatsext, pgstatsextexprs of the PostgreSQL DBMS is related to errors in privilege management. in privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, escalate privileges...

4.3CVSS4.1AI score0.00722EPSS
Exploits0
Redos
Redos
•added 2024/06/06 12:0 a.m.•24 views

ROS-20240606-09

A vulnerability in the HTTP2 protocol implementation network/access/http2/hpacktable.cpp of the cross-platform Qt software development framework is related to an integer overflow resulting from a a change in the typical order of expressions in a conditional statement "Yoda conditions". Exploitati...

9.8CVSS6.9AI score0.00986EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•24 views

ROS-20240521-03

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

9.8CVSS7AI score0.01869EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•24 views

ROS-20240507-04

A vulnerability in the Temp File Handler component of rc is related to the creation of temporary files. Exploitation The exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

7.5CVSS6.9AI score0.01317EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•24 views

ROS-20240503-08

Vulnerability in the ECDSA private key signature generation component of the client software for various Putty remote access protocols is related to the possibility of secret key recovery. key. Exploitation of the vulnerability could allow a remote intruder to hijack a session by recovering the...

5.9CVSS6.5AI score0.05773EPSS
Exploits0
Redos
Redos
•added 2024/04/25 12:0 a.m.•24 views

ROS-20240425-08

The OpenSearch software family vulnerability is related to a bug in the parser where an input string of small size can cause it to use an undefined amount of memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01449EPSS
Exploits1
Redos
Redos
•added 2024/04/25 12:0 a.m.•24 views

ROS-20240425-03

Vulnerability in the node::http2::Http2Session::Http2Session HTTP/2-server function of the software platform Node.js is related to uncontrolled resource consumption as a result of incorrect definition of the end of the header when processing CONTINUATION frames. Exploitation of the vulnerability...

8.2CVSS7.9AI score0.87211EPSS
Exploits1
Redos
Redos
•added 2024/04/23 12:0 a.m.•24 views

ROS-20240423-10

Unbound's DNS server vulnerability is related to an incorrect session expiration date. Exploiting the vulnerability allows a remote attacker to gain access to confidential data Unbound DNS server vulnerability is related to insufficient input data validation. Exploitation of the vulnerability cou...

6.5CVSS6.8AI score0.0085EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-12

The vulnerability in the SAML PySAML2 standard is related to the XML signature packaging variant, as it does not validate the SAML document against the XML schema. Exploitation of the vulnerability could allow an attacker, remotely bypass signature validation and gain access to protected informat...

6.5CVSS7.2AI score0.01078EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-14

A vulnerability in the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-23

A vulnerability in the opencryptoki package is related to the processing of RSA PKCS1 augmented ciphertexts. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

5.9CVSS7.1AI score0.00878EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-19

The MinIO object storage server vulnerability is related to flaws in access differentiation based on the UpdateServiceAccountAdminAction policy. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

8.8CVSS7.5AI score0.34086EPSS
Exploits4
Redos
Redos
•added 2024/04/09 12:0 a.m.•24 views

ROS-20240409-16

MariaDB spiderdbmbase::printwarnings function vulnerability is related to pointer dereferencing errors. pointer dereferencing errors. Exploitation of the vulnerability allows a remote intruder to cause a denial of service. service...

6.5CVSS7.2AI score0.01486EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•24 views

ROS-20240409-14

A vulnerability in the protectdir pamnamespace.so function of the Linux-PAM authentication module is related to incorrect cleanup or release of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.5CVSS7.3AI score0.00459EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•24 views

ROS-20240408-09

GdkPixbuf image loading library vulnerability is related to writing beyond buffer boundaries. Exploitation exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service via a specially crafted GIF file. A...

8.8CVSS7.8AI score0.02346EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•24 views

ROS-20240404-11

A vulnerability in the libcapstrdup function of the Libcap package is related to an overflow if the input string is close to 4 GB. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7AI score0.00574EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•24 views

ROS-20240402-06

Vulnerability in the password protection mechanism of the Grub2 boot loader is related to the bypass of authentication by spoofing. Exploitation of the vulnerability could allow an attacker to bypass established access control...

6.8CVSS6.9AI score0.00542EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-950

2.950 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-871

2.871 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.6AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-1162

2.1162 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...

6.1CVSS6.8AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-817

2.817 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

8.8CVSS8.4AI score0.4644EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-988

2.988 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2023/11/21 12:0 a.m.•24 views

ROS-20231121-03

OpenSearch software package vulnerability related to improper permission saving. Exploitation exploitation of the vulnerability could allow an attacker to affect data integrity...

5.4CVSS6.9AI score0.0041EPSS
Exploits0
Redos
Redos
•added 2023/11/20 12:0 a.m.•24 views

ROS-20231120-01

Vulnerability in the gfisomgetuserdata function of the GPAC multimedia platform is related to a buffer overflow in the gpac MP4Box v.2.3-DEV-rev573-g201320819-master. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.9AI score0.00309EPSS
Exploits1
Redos
Redos
•added 2023/10/23 12:0 a.m.•24 views

ROS-20231020-10

Vulnerability in the GNU C Library glibc iconv utility due to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by invoking the iconv utility with the "-c" option. by invoking the iconv utility with the "-c" option...

5.9CVSS6.9AI score0.04006EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•24 views

ROS-20230915-14

Vulnerability in the AES-SIV encryption algorithm of the OpenSSL library is related to flaws in the procedure of authentication procedure. Exploitation of the vulnerability could allow a remote attacker to bypass the authentication process. the authentication process...

5.3CVSS7.1AI score0.00525EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•24 views

ROS-2-639

2.639 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.1AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2023/07/06 12:0 a.m.•24 views

ROS-2-1269

2.1269 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS7.6AI score0.01764EPSS
Exploits1
Redos
Redos
•added 2023/06/22 12:0 a.m.•24 views

ROS-20230621-03

A vulnerability in the GPAC multimedia platform is related to null pointer dereferencing in gfisomfragmentaddsampleexisomedia/moviefragments.c:2883. Exploitation of the vulnerability could allow an attacker to cause a denial of service DoS, causing the application to crash or render it...

9.8CVSS8.3AI score0.00652EPSS
Exploits2
Redos
Redos
•added 2023/04/28 12:0 a.m.•24 views

ROS-20230428-01

A vulnerability in the Python Charmers Future program is related to improper input validation when processing the the Set-Cookie header. Exploitation of the vulnerability could allow an attacker acting remotely to to send a specially crafted HTTP request to the application and perform a denial of...

7.5CVSS7.4AI score0.01804EPSS
Exploits1
Redos
Redos
•added 2023/04/18 12:0 a.m.•24 views

ROS-20230418-03

A vulnerability in the attribute definition mechanism for the gitattributes paths of the Git distributed version control system is related to an integer overflow. Git version control system is related to integer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely,...

9.8CVSS9.8AI score0.56334EPSS
Exploits0
Redos
Redos
•added 2023/04/13 12:0 a.m.•24 views

ROS-20230413-01

The Nextcloud software vulnerability is related to secure browsing for internal shared resources, which can be bypassed if re-sharing permissions are also granted. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to restricted functions. The...

7.5CVSS7AI score0.01373EPSS
Exploits2
Redos
Redos
•added 2023/03/20 12:0 a.m.•24 views

ROS-20230320-02

A vulnerability in libde265 involves copying an input buffer to an output buffer without checking that the size of the input buffer is less than the size of the output buffer, resulting in a buffer overflow in the of the input buffer is smaller than the output buffer, resulting in a buffer overfl...

7.8CVSS8AI score0.00325EPSS
Exploits2
Redos
Redos
•added 2023/01/24 12:0 a.m.•24 views

ROS-20230124-03

Vulnerability of LibTIFF set of libraries and utilities for viewing, editing and converting TIFF files is related to the processCropSelections function of the tools/tiffcrop.c file of the TIFF Image Handler component. Exploitation of the vulnerability could allow an attacker acting remotely to se...

5.5CVSS6.3AI score0.00461EPSS
Exploits1
Redos
Redos
•added 2022/12/07 12:0 a.m.•24 views

ROS-20221207-02

VLC media player vulnerability, related to a boundary error when playing a malicious URL in the vnc module. Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into opening a specially crafted stream, causing memory corruption, and executing arbitrary...

7.8CVSS7.8AI score0.00649EPSS
Exploits1
Redos
Redos
•added 2022/08/09 12:0 a.m.•24 views

ROS-20220804-01

A vulnerability in the Rust language standard library is related to the race condition in the std::fs::removedirall function. Exploitation of the vulnerability could allow an attacker acting remotely to achieve deletion of arbitrary system files and directories that an attacker would not normally...

7.3CVSS6.8AI score0.01376EPSS
Exploits1
Redos
Redos
•added 2022/05/16 12:0 a.m.•24 views

ROS-20220516-02

A vulnerability in the gzip library is related to errors in file name processing. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files to the system using the command-line utilities zgrep and xzgrep command line utilities...

8.8CVSS8.9AI score0.04271EPSS
Exploits0
Redos
Redos
•added 2022/02/25 12:0 a.m.•24 views

ROS-20220225-03

Vulnerability in the zsh shell is related to improper neutralization of special elements, used in PROMPTSUBST recursive extension OS commands when processing malicious output. Exploitation of the vulnerability could allow an attacker acting remotely to enter and execute arbitrary commands on the...

7.8CVSS7.8AI score0.0198EPSS
Exploits0
Redos
Redos
•added 2022/02/22 12:0 a.m.•24 views

ROS-20220217-02

Vulnerability in Mozilla Thunderbird email client, related to a boundary error in message processing email messages. Exploitation of the vulnerability could allow an attacker, acting remotely, to send an a specially crafted email to a victim, initiate an out-of-bounds entry, and execute arbitrary...

8.8CVSS9AI score0.00701EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-1384

2.1384 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-847

2.847 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS9.2AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-905

2.905 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-646

2.646 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6.4AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-1280

2.1280 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-812

2.812 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6CVSS7.5AI score0.00485EPSS
Exploits0
Total number of security vulnerabilities5000