Lucene search
K
RedosMost viewed

8157 matches found

Redos
Redos
•added 2024/08/26 12:0 a.m.•23 views

ROS-20240826-20

Vulnerability in archive-zip package of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file Vulnerability of net/http and net/http2 libraries of Go programming language in...

9.8CVSS8.3AI score0.91969EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•23 views

ROS-20240826-19

Vulnerability in Wheel Python Packaging Authority package installation tools is related to uncontrolled resource consumption. resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.02659EPSS
Exploits1
Redos
Redos
•added 2024/08/20 12:0 a.m.•23 views

ROS-20240820-08

A vulnerability in the filtervar function of the PHP programming language interpreter is related to insufficient data authentication. data authentication. Exploitation of the vulnerability could allow an attacker acting remotely, spoof URLs with erroneous data...

5.3CVSS6.7AI score0.12117EPSS
Exploits1
Redos
Redos
•added 2024/08/20 12:0 a.m.•23 views

ROS-20240820-04

Vulnerability in XML parser library libexpat is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS7.4AI score0.01815EPSS
Exploits1
Redos
Redos
•added 2024/08/07 12:0 a.m.•24 views

ROS-20240807-10

BIND DNS server vulnerability is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending multiple DNS messages over TCP The BIND DNS server vulnerability involves sending a large number of clie...

7.5CVSS6.6AI score0.0468EPSS
Exploits0
Redos
Redos
•added 2024/08/07 12:0 a.m.•23 views

ROS-20240807-09

A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to an improperly implemented security checks for the standard. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform a sandbox exit using a specially crafted HTML page A...

9.6CVSS8.9AI score0.00865EPSS
Exploits11
Redos
Redos
•added 2024/08/05 12:0 a.m.•23 views

ROS-20240805-02

A vulnerability in the implementation of the application program interface of the Rust programming language interpreter for Windows operating systems is related to the introduction or modification of arguments. Windows operating systems is related to the introduction or modification of arguments...

10CVSS8.2AI score0.20342EPSS
Exploits10
Redos
Redos
•added 2024/08/05 12:0 a.m.•23 views

ROS-20240805-07

Vulnerability of oghttp codec in the part of HTTP/2 protocol implementation of Envoy proxy server is related to the bug request reset when header size limits are exceeded as a result of missing ENDHEADERS flag when processing CONTINUATION frames. Exploitation of the vulnerability could allow an...

7.5CVSS6.8AI score0.86746EPSS
Exploits1
Redos
Redos
•added 2024/08/05 12:0 a.m.•23 views

ROS-20240805-08

A vulnerability in the golang package of the Debian GNU/Linux operating system is related to a lack of protection for service data. data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information A vulnerability in the golang package of the...

7.5CVSS7.9AI score0.01815EPSS
Exploits1
Redos
Redos
•added 2024/07/29 12:0 a.m.•23 views

ROS-20240729-12

A vulnerability in the Eclipse Jetty servlet container is related to length overflow errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.03754EPSS
Exploits1
Redos
Redos
•added 2024/07/29 12:0 a.m.•23 views

ROS-20240729-16

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

8.3CVSS8AI score0.01279EPSS
Exploits0
Redos
Redos
•added 2024/07/25 12:0 a.m.•23 views

ROS-20240725-03

A vulnerability in Google Chrome browser's JavaScript script handler V8 is related to reading outside the boundaries of memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform access outside the outside of the allocated memory space using a specially crafted...

6.5CVSS6.3AI score0.00247EPSS
Exploits1
Redos
Redos
•added 2024/07/13 12:0 a.m.•23 views

ROS-20240709-01

Vulnerability of the function UnicodeString::doAppend unistr.cpp of the International Components for Unicode library is related to integer overflow of the data structure. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to sensitive data, cause...

8.8CVSS7.6AI score0.02669EPSS
Exploits0
Redos
Redos
•added 2024/07/13 12:0 a.m.•23 views

ROS-20240711-03

Vulnerability of NTFS file handler NtfsHandler.cpp of 7-Zip archiver is related to the possibility of heap-based buffer overflow of a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, execute arbitrary code A vulnerability in the NTFS file...

8.4CVSS6.8AI score0.00989EPSS
Exploits1
Redos
Redos
•added 2024/07/04 12:0 a.m.•23 views

ROS-20240704-05

Vulnerability in the OpenSearch software package related to incorrectly restricting reference to an external XML entity. Exploitation of the vulnerability could allow an attacker to conduct XXE attacks...

5CVSS6.7AI score0.00386EPSS
Exploits1
Redos
Redos
•added 2024/07/04 12:0 a.m.•23 views

ROS-20240704-11

A vulnerability in the GnuTLS cryptographic library is related to the use of incorrect cryptography to encryption of a session ticket. Exploitation of the vulnerability could allow an attacker acting remotely, bypass TLS authentications and gain access to sensitive data...

7.4CVSS6.7AI score0.17507EPSS
Exploits3
Redos
Redos
•added 2024/06/14 12:0 a.m.•23 views

ROS-20240614-02

The vulnerability in the Python programming language interpreter is related to errors in the conversion of int and str data types. int and str data types. Exploitation of the vulnerability could allow an attacker to cause a denial of service due to the algorithmic complexity...

7.5CVSS6.9AI score0.03213EPSS
Exploits0
Redos
Redos
•added 2024/06/13 12:0 a.m.•23 views

ROS-20240613-02

The vulnerability of the RelinquishDCMInfo function of the dcm.c component of the ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial ...

7.1CVSS7.3AI score0.01113EPSS
Exploits0
Redos
Redos
•added 2024/06/07 12:0 a.m.•23 views

ROS-20240607-02

Vulnerability of closealtfile function for text terminals of UNIX-like Less systems is related to skipping Shellquote calls for LESSCLOSE in filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

7.8CVSS8.9AI score0.01059EPSS
Exploits0
Redos
Redos
•added 2024/06/06 12:0 a.m.•23 views

ROS-20240606-09

A vulnerability in the HTTP2 protocol implementation network/access/http2/hpacktable.cpp of the cross-platform Qt software development framework is related to an integer overflow resulting from a a change in the typical order of expressions in a conditional statement "Yoda conditions". Exploitati...

9.8CVSS6.9AI score0.00986EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•23 views

ROS-20240507-01

Vulnerability of ANSI Escape Sequence Handler component of WinRAR file archiver is related to errors in input data processing. input data processing errors. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service or tamper with screen output...

7.1CVSS6.9AI score0.00817EPSS
Exploits1
Redos
Redos
•added 2024/05/07 12:0 a.m.•23 views

ROS-20240507-04

A vulnerability in the Temp File Handler component of rc is related to the creation of temporary files. Exploitation The exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

7.5CVSS6.9AI score0.01317EPSS
Exploits0
Redos
Redos
•added 2024/04/25 12:0 a.m.•23 views

ROS-20240425-08

The OpenSearch software family vulnerability is related to a bug in the parser where an input string of small size can cause it to use an undefined amount of memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01449EPSS
Exploits1
Redos
Redos
•added 2024/04/25 12:0 a.m.•23 views

ROS-20240425-03

Vulnerability in the node::http2::Http2Session::Http2Session HTTP/2-server function of the software platform Node.js is related to uncontrolled resource consumption as a result of incorrect definition of the end of the header when processing CONTINUATION frames. Exploitation of the vulnerability...

8.2CVSS7.9AI score0.87211EPSS
Exploits1
Redos
Redos
•added 2024/04/23 12:0 a.m.•23 views

ROS-20240423-10

Unbound's DNS server vulnerability is related to an incorrect session expiration date. Exploiting the vulnerability allows a remote attacker to gain access to confidential data Unbound DNS server vulnerability is related to insufficient input data validation. Exploitation of the vulnerability cou...

6.5CVSS6.8AI score0.0085EPSS
Exploits0
Redos
Redos
•added 2024/04/22 12:0 a.m.•23 views

ROS-20240422-07

A vulnerability in the Iperf3 network bandwidth measurement tool is related to the fact that a client can send less than the expected amount of data to the iperf server, which could cause the server to will indefinitely wait for the remainder or until the connection is is closed. Exploitation of...

5.3CVSS7.2AI score0.00932EPSS
Exploits0
Redos
Redos
•added 2024/04/18 12:0 a.m.•23 views

ROS-20240418-07

A vulnerability in the idxd: component of the Linux operating system kernel is related to pasid writing when the device. Exploitation of the vulnerability could allow an attacker to impact the integrity of the protected information A vulnerability in the nftables: component of the Linux kernel is...

5.5CVSS7.6AI score0.00241EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-02

Vulnerability in the HTTP/3 QUIC module of NGINX Plus, NGINX OSS web servers that allows an attacker to cause a denial of service. denial of service Vulnerability of ngxhttpv3module module of NGINX and NGINX Plus servers is related to memory usage after its release. memory after it has been freed...

7.5CVSS7AI score0.01061EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-22

Vulnerability of chroot build environment manager for creating RPM packages Mock is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.3AI score0.01552EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-19

The MinIO object storage server vulnerability is related to flaws in access differentiation based on the UpdateServiceAccountAdminAction policy. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

8.8CVSS7.5AI score0.34086EPSS
Exploits4
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-12

The vulnerability in the SAML PySAML2 standard is related to the XML signature packaging variant, as it does not validate the SAML document against the XML schema. Exploitation of the vulnerability could allow an attacker, remotely bypass signature validation and gain access to protected informat...

6.5CVSS7.2AI score0.01078EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-14

A vulnerability in the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•23 views

ROS-20240409-13

A vulnerability in the python-eventlet library of the OpenStack Platform cloud building platform is related to incorrect resource sweeping or freeing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•23 views

ROS-20240409-07

A vulnerability in the shadow-utils package is related to requesting the password twice and not clearing the memory buffer. Exploitation of the vulnerability could allow an attacker to gain access to the device...

5.5CVSS7.5AI score0.00257EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•23 views

ROS-20240408-09

GdkPixbuf image loading library vulnerability is related to writing beyond buffer boundaries. Exploitation exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service via a specially crafted GIF file. A...

8.8CVSS7.8AI score0.02346EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•23 views

ROS-20240405-07

Vulnerability in slicesegmentheader function of Libde265 video codec implementation is related to copying the buffer without checking the input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

6.5CVSS6.6AI score0.00766EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•23 views

ROS-20240403-03

A vulnerability in the libtirpc package is related to the exhaustion of process file descriptors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.02088EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•23 views

ROS-20240404-15

A vulnerability in the libwebp library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to write data outside of the buffer boundaries through a crafted HTML page. HTML page...

7AI score
Exploits5
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-1617

2.1617 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-1422

2.1422 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.7AI score0.83406EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-950

2.950 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-482

2.482 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.7AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-990

2.990 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-1404

2.1404 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.4AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-1173

2.1173 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.5AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2024/03/13 12:0 a.m.•23 views

ROS-2-1356

2.1356 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2023/10/24 12:0 a.m.•23 views

ROS-20231024-03

The OAuth2 token vulnerability of the cloud-based software for creating and utilizing Nextcloud storage Nextcloud data storage software is related to the storage of OAuth2 tokens in plaintext. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server a...

8.8CVSS7.5AI score0.00699EPSS
Exploits0
Redos
Redos
•added 2023/10/23 12:0 a.m.•23 views

ROS-20231023-01

Vulnerability in libtom function of libtommath library is related to integer overflow. Exploitation exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS7.7AI score0.01254EPSS
Exploits0
Redos
Redos
•added 2023/09/26 12:0 a.m.•23 views

ROS-20230926-01

Vulnerability of the gfbifsflushcommandlist function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to pass arbitrary...

5.5CVSS7.3AI score0.00278EPSS
Exploits1
Redos
Redos
•added 2023/09/18 12:0 a.m.•23 views

ROS-20230914-08

GPAC multimedia platform vulnerability is related to integer sign overflow in the filters/muxisom.c:5716:20. Exploitation of the vulnerability could allow an attacker to cause the application to crash. The GPAC multimedia platform vulnerability is related to null pointer dereferencing in function...

5.9CVSS7.3AI score0.00306EPSS
Exploits5
Total number of security vulnerabilities5000