Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-817

2.817 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

8.8CVSS8.4AI score0.4644EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•24 views

ROS-2-988

2.988 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2023/11/21 12:0 a.m.•24 views

ROS-20231121-03

OpenSearch software package vulnerability related to improper permission saving. Exploitation exploitation of the vulnerability could allow an attacker to affect data integrity...

5.4CVSS6.9AI score0.0041EPSS
Exploits0
Redos
Redos
•added 2023/11/20 12:0 a.m.•24 views

ROS-20231120-01

Vulnerability in the gfisomgetuserdata function of the GPAC multimedia platform is related to a buffer overflow in the gpac MP4Box v.2.3-DEV-rev573-g201320819-master. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.9AI score0.00309EPSS
Exploits1
Redos
Redos
•added 2023/10/23 12:0 a.m.•24 views

ROS-20231020-10

Vulnerability in the GNU C Library glibc iconv utility due to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by invoking the iconv utility with the "-c" option. by invoking the iconv utility with the "-c" option...

5.9CVSS6.9AI score0.04006EPSS
Exploits0
Redos
Redos
•added 2023/09/18 12:0 a.m.•24 views

ROS-20230915-14

Vulnerability in the AES-SIV encryption algorithm of the OpenSSL library is related to flaws in the procedure of authentication procedure. Exploitation of the vulnerability could allow a remote attacker to bypass the authentication process. the authentication process...

5.3CVSS7.1AI score0.00525EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•24 views

ROS-2-639

2.639 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.1AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2023/07/06 12:0 a.m.•24 views

ROS-2-1269

2.1269 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS7.6AI score0.01764EPSS
Exploits1
Redos
Redos
•added 2023/06/22 12:0 a.m.•24 views

ROS-20230621-03

A vulnerability in the GPAC multimedia platform is related to null pointer dereferencing in gfisomfragmentaddsampleexisomedia/moviefragments.c:2883. Exploitation of the vulnerability could allow an attacker to cause a denial of service DoS, causing the application to crash or render it...

9.8CVSS8.3AI score0.00652EPSS
Exploits2
Redos
Redos
•added 2023/06/19 12:0 a.m.•24 views

ROS-20230619-04

A vulnerability in the OpenSSL cryptographic library is related to ignoring invalid policy certificates in leaf certificates that are skipped for this certificate. Exploitation of the of the vulnerability could allow an attacker to intentionally assert invalid certificate policies to completely...

5.3CVSS6.7AI score0.01583EPSS
Exploits0
Redos
Redos
•added 2023/04/28 12:0 a.m.•24 views

ROS-20230428-01

A vulnerability in the Python Charmers Future program is related to improper input validation when processing the the Set-Cookie header. Exploitation of the vulnerability could allow an attacker acting remotely to to send a specially crafted HTTP request to the application and perform a denial of...

7.5CVSS7.4AI score0.01804EPSS
Exploits1
Redos
Redos
•added 2023/04/18 12:0 a.m.•24 views

ROS-20230418-04

A vulnerability in the pki-core public key infrastructure deployment management system is related to insufficient validation of user-entered XML data, which could be passed by specially created XML code to a vulnerable application and view the contents of arbitrary files on the system or initiate...

7.5CVSS7.7AI score0.85323EPSS
Exploits3
Redos
Redos
•added 2023/04/18 12:0 a.m.•24 views

ROS-20230418-03

A vulnerability in the attribute definition mechanism for the gitattributes paths of the Git distributed version control system is related to an integer overflow. Git version control system is related to integer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely,...

9.8CVSS9.8AI score0.56334EPSS
Exploits0
Redos
Redos
•added 2023/04/13 12:0 a.m.•24 views

ROS-20230413-01

The Nextcloud software vulnerability is related to secure browsing for internal shared resources, which can be bypassed if re-sharing permissions are also granted. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to restricted functions. The...

7.5CVSS7AI score0.01373EPSS
Exploits2
Redos
Redos
•added 2022/12/29 12:0 a.m.•25 views

ROS-20221229-02

A vulnerability in the Mozilla Firefox browser is related to the fact that a process can partially exit the sandbox and read arbitrary files using IPC messages associated with the clipboard. Exploitation of the of the vulnerability could allow an attacker acting remotely to open a given source an...

8.6CVSS9.1AI score0.00772EPSS
Exploits0
Redos
Redos
•added 2022/08/09 12:0 a.m.•24 views

ROS-20220804-01

A vulnerability in the Rust language standard library is related to the race condition in the std::fs::removedirall function. Exploitation of the vulnerability could allow an attacker acting remotely to achieve deletion of arbitrary system files and directories that an attacker would not normally...

7.3CVSS6.8AI score0.01376EPSS
Exploits1
Redos
Redos
•added 2022/02/25 12:0 a.m.•24 views

ROS-20220225-03

Vulnerability in the zsh shell is related to improper neutralization of special elements, used in PROMPTSUBST recursive extension OS commands when processing malicious output. Exploitation of the vulnerability could allow an attacker acting remotely to enter and execute arbitrary commands on the...

7.8CVSS7.8AI score0.0198EPSS
Exploits0
Redos
Redos
•added 2022/02/22 12:0 a.m.•24 views

ROS-20220217-02

Vulnerability in Mozilla Thunderbird email client, related to a boundary error in message processing email messages. Exploitation of the vulnerability could allow an attacker, acting remotely, to send an a specially crafted email to a victim, initiate an out-of-bounds entry, and execute arbitrary...

8.8CVSS9AI score0.00701EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•24 views

ROS-20220125-03

The vulnerability in the Clam AntiVirus software package is related to a flaw in the OOXML parsing module. OOXML parsing module. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted OOXML file and perform a denial-of-service DoS attack. a specially...

7.5CVSS7.3AI score0.03061EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-650

2.650 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.6AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-905

2.905 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-1280

2.1280 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-924

2.924 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-812

2.812 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6CVSS7.5AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-847

2.847 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS9.2AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/12/23 12:0 a.m.•24 views

ROS-2-1014

2.1014 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-689

2.689 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.2AI score0.61061EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-941

2.941 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS9.9AI score0.08026EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-716

2.716 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-986

2.986 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1524

2.1524 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.2AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-487

2.487 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

6.1CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1266

2.1266 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.5CVSS7.1AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1189

2.1189 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

7.5CVSS7AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1166

2.1166 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

9.8CVSS7.5AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-991

2.991 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-526

2.526 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

9.8CVSS7.3AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1338

2.1338 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.2AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-614

2.614 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS8AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-904

2.904 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.8CVSS8.4AI score0.99295EPSS
Exploits91
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-890

2.890 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-559

2.559 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726...

6.1CVSS7.6AI score0.01905EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-906

2.906 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1248

2.1248 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.2AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1279

2.1279 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

7.8CVSS7.5AI score0.01922EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-997

2.997 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS9.9AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-581

2.581 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

6.9AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-519

2.519 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-993

2.993 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits1
Redos
Redos
•added 1976/01/01 12:0 a.m.•24 views

ROS-2-629

2.629 VLC vulnerability CVE-2021-3185 1. Vulnerability description: Vulnerability in the implementation of the h264parse module developed by the GStreamer project included in the gstreamer-plugins-bad set. The issue is caused by a buffer overflow in the gsth264sliceparsedecrefpicmarking function...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Total number of security vulnerabilities5000