Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-1434

2.1434 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-1280

2.1280 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-812

2.812 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6CVSS7.5AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-1327

2.1327 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-924

2.924 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/23 12:0 a.m.•23 views

ROS-2-1014

2.1014 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1186

2.1186 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

8.8CVSS7.3AI score0.05107EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-559

2.559 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726...

6.1CVSS7.6AI score0.01905EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1524

2.1524 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.2AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1010

2.1010 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-487

2.487 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

6.1CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1002

2.1002 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.2AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-890

2.890 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1449

2.1449 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-993

2.993 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-848

2.848 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS7.8AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-519

2.519 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-906

2.906 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1266

2.1266 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.5CVSS7.1AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-564

2.564 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.7CVSS9.7AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1249

2.1249 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.5AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-985

2.985 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

8.8CVSS7.5AI score0.01861EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-986

2.986 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1166

2.1166 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

9.8CVSS7.5AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-991

2.991 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-565

2.565 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS6.8AI score0.10634EPSS
Exploits3
Redos
Redos
•added 2026/05/13 12:0 a.m.•22 views

ROS-20260513-73-0002

Vulnerability in rubygem-rack related to permissive regular expressions. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

7.5CVSS5.8AI score0.00209EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•22 views

ROS-2-542

2.542 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.9AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•22 views

ROS-20250513-03

Vulnerability of the afpacket component of the Linux kernel is related to incorrect error handling in packetcurrentframe and vlangettci functions in net/packet/afpacket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mcppinconfget a...

7.8CVSS8.2AI score0.00737EPSS
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•22 views

ROS-20250505-05

The vulnerability of the Zabbix universal monitoring system is related to insufficient cleansing of user data passed via the "groupBy" parameter in include/classes/api/CApiService.php. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL queries in the database...

8.8CVSS7.6AI score0.2926EPSS
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•22 views

ROS-20250505-09

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

9.8CVSS8AI score0.00414EPSS
Exploits0
Redos
Redos
•added 2024/12/05 12:0 a.m.•22 views

ROS-20241205-02

A vulnerability in the drmfileupdatepid function in the drivers/gpu/drm/drmfile.c module of the kernel video driver of the of the Linux operating system is related to the reuse of previously freed memory due to competitive resource access race condition. competitive access to the resource race...

7.8CVSS7AI score0.00322EPSS
Exploits4
Redos
Redos
•added 2024/10/15 12:0 a.m.•22 views

ROS-20241015-09

A vulnerability in the Golang programming language is related to the lack of value cleanup. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

9.8CVSS8.1AI score0.00833EPSS
Exploits0
Redos
Redos
•added 2024/10/09 12:0 a.m.•22 views

ROS-20241009-03

A vulnerability in the ksmbd component of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the vcap component of the Linux operating system kernel is related to memory usage after...

7.8CVSS7.2AI score0.00276EPSS
Exploits0
Redos
Redos
•added 2024/10/09 12:0 a.m.•22 views

ROS-20241009-01

Vulnerability in libcmalloc component of virtuoso-opensource web application development platform is related to incorrect neutralization of special elements used in SQL command. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by using special...

7.5CVSS7.6AI score0.00909EPSS
Exploits25
Redos
Redos
•added 2024/09/19 12:0 a.m.•22 views

ROS-20240918-11

A vulnerability in the libpcap library's freeaddrinfo function is related to calling freeaddrinfo for the same allocated memory block. same allocated block of memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

4.4CVSS4.7AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•22 views

ROS-20240919-03

A vulnerability in the nommu component of the Linux operating system kernel is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm component of the Linux kernel is related to NULL pointer dereferencing...

5.5CVSS6.5AI score0.00208EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•22 views

ROS-20240917-06

A glitch in the sessionlogin.cgi script of the Webmin hosting control panel and web interface for unix-like systems Usermin exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a...

6.1CVSS7AI score0.004EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-09

A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...

5.5CVSS7.2AI score0.05794EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-12

A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00535EPSS
Exploits1
Redos
Redos
•added 2024/09/02 12:0 a.m.•22 views

ROS-20240902-13

A vulnerability in the Go Getter library is related to a Git update for an existing maliciously modified Git configuration. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS6.8AI score0.00973EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•22 views

ROS-20240827-06

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...

6.1CVSS6.2AI score0.01119EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•22 views

ROS-20240826-17

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service Vulnerability of...

9.3CVSS6.4AI score0.82853EPSS
Exploits9
Redos
Redos
•added 2024/08/20 12:0 a.m.•22 views

ROS-20240820-09

Vulnerability of mutexunlock function in spi component of Linux kernel is related to memory usage after mutex addlock is released. Exploitation of the vulnerability could allow an intruder to affect confidentiality, integrity and availability of protected information The vulnerability of the...

7.8CVSS6.9AI score0.00828EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•22 views

ROS-20240820-05

A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...

3.1CVSS6.5AI score0.00601EPSS
Exploits0
Redos
Redos
•added 2024/08/16 12:0 a.m.•22 views

ROS-20240816-06

The vulnerability in OpenVPN software is related to the lack of resource release after the resource expires. the resource's expiration date. Exploitation of the vulnerability could allow an attacker to "save a session" even if the the server has been ordered to disconnect that client...

4.3CVSS6.7AI score0.00665EPSS
Exploits0
Redos
Redos
•added 2024/08/12 12:0 a.m.•22 views

ROS-20240812-07

Squid proxy server vulnerability is related to uncontrolled resource consumption as a result of filtering and data reduction to an unsafe value when processing HTTP header length. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service by...

7.5CVSS6.7AI score0.88864EPSS
Exploits0
Redos
Redos
•added 2024/08/06 12:0 a.m.•22 views

ROS-20240806-07

A vulnerability in the Fake Authentication Result Handler component of OpenDKIM DKIM filter software is related to the lack of sequence number verification when deleting fake fields. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity...

5.3CVSS6.8AI score0.00575EPSS
Exploits0
Redos
Redos
•added 2024/08/06 12:0 a.m.•22 views

ROS-20240806-09

Gstreamer multimedia framework vulnerability is related to stacked buffer overflow. Exploitation The vulnerability could allow a remote attacker to execute arbitrary code using specially crafted H265 encoded files. specially crafted H265 encoded files Gstreamer multimedia framework vulnerability ...

8.8CVSS7.9AI score0.02009EPSS
Exploits0
Redos
Redos
•added 2024/08/05 12:0 a.m.•22 views

ROS-20240805-07

Vulnerability of oghttp codec in the part of HTTP/2 protocol implementation of Envoy proxy server is related to the bug request reset when header size limits are exceeded as a result of missing ENDHEADERS flag when processing CONTINUATION frames. Exploitation of the vulnerability could allow an...

7.5CVSS6.8AI score0.86746EPSS
Exploits1
Total number of security vulnerabilities5000