Lucene search
K
RedosMost viewed

8244 matches found

Redos
Redos
•added 2023/07/06 12:0 a.m.•23 views

ROS-2-1004

2.1004 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•23 views

ROS-2-1585

2.1585 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2023/06/22 12:0 a.m.•23 views

ROS-20230622-07

The vulnerability in the libx11 library is due to the fact that the functions in src/InitExt.c in libX11 do not check that the the values provided for request, event, or error identifiers are within the boundaries of the of the arrays to which these functions write, using these identifiers as arr...

7.5CVSS7.8AI score0.01656EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•23 views

ROS-20230619-01

The vulnerability in the GLPI web application is related to insufficient cleansing of user data in the administration panel of the administration panel, a user could inject and execute arbitrary HTML code and script in the browser of a user's browser in the context of a vulnerable website...

10CVSS7.6AI score0.00815EPSS
Exploits0
Redos
Redos
•added 2022/11/21 12:0 a.m.•23 views

ROS-20221121-01

A vulnerability in the plugins/sudoers/auth/passwd.c file of the Sudo system administration program is related to the following the ability to read outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.1CVSS7AI score0.00271EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•23 views

ROS-20220125-06

The vulnerability in the Flatpak deployment, package management utility is due to the application not properly checks whether the permissions displayed to the user for the application during installation correspond to the actual permissions granted to the application at runtime. during installati...

8.6CVSS8.5AI score0.01346EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•23 views

ROS-20220125-16

A vulnerability in the GNU Binary Utilities toolkit binutils is related to a boundary error in the stabxcoffbuiltintype function in stabs.c. Exploitation of the vulnerability could allow an attacker, acting remotely, to initiate unauthorized writing and execution of arbitrary code on the target...

7.8CVSS7.9AI score0.01312EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-1434

2.1434 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-1327

2.1327 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-20211223-02

LibreOffice office suite vulnerability involves improper signature verification. Exploitation The vulnerability could allow an attacker acting remotely to manipulate a document so that the content was displayed as correctly signed, even though it was not the content associated with the the...

7.5CVSS7.3AI score0.00709EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1186

2.1186 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

8.8CVSS7.3AI score0.05107EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-822

2.822 Remote code execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.5AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1378

2.1378 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-940

2.940 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

9.8CVSS9.4AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1010

2.1010 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1002

2.1002 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.2AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-848

2.848 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS7.8AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-575

2.575 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.8CVSS7.3AI score0.08026EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-632

2.632 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS7.7AI score0.04006EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1728

2.1728 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-519

2.519 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-820

2.820 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromise...

9.8CVSS9.2AI score0.02377EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-645

2.645 Multiple Vulnerabilities in LibTIFF 1. Vulnerability description: CVE-2020-35524 CVE-2020-35523 CVE-2020-35522 CVE-2020-35522 CVE-2020-35521 The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a boundary error in TIFF...

7.8CVSS8.3AI score0.01922EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-564

2.564 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.7CVSS9.7AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-579

2.579 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

6CVSS6.8AI score0.0094EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-892

2.892 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS9.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1249

2.1249 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.5AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-985

2.985 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

8.8CVSS7.5AI score0.01861EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-979

2.979 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

9.8CVSS7.8AI score0.95785EPSS
Exploits8
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1392

2.1392 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.8CVSS10AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1449

2.1449 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-993

2.993 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-856

2.856 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-844

2.844 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS10AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1385

2.1385 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-565

2.565 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS6.8AI score0.10634EPSS
Exploits3
Redos
Redos
•added 2026/05/24 12:0 a.m.•22 views

ROS-20260524-73-0041

Vulnerability in mariadb11.4 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.3CVSS7.1AI score0.00274EPSS
Exploits1
Redos
Redos
•added 2026/05/13 12:0 a.m.•22 views

ROS-20260513-73-0002

Vulnerability in rubygem-rack related to permissive regular expressions. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

7.5CVSS5.8AI score0.00209EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•22 views

ROS-20260508-73-0004

Vulnerability in rubygem-activesupport related to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.1CVSS6.2AI score0.00327EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•22 views

ROS-2-542

2.542 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.9AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•22 views

ROS-2-525

2.525 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.1AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2025/05/13 12:0 a.m.•22 views

ROS-20250513-03

Vulnerability of the afpacket component of the Linux kernel is related to incorrect error handling in packetcurrentframe and vlangettci functions in net/packet/afpacket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mcppinconfget a...

7.8CVSS8.2AI score0.00737EPSS
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•22 views

ROS-20250505-09

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

9.8CVSS8AI score0.00414EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•22 views

ROS-20250403-16

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to an incorrect checking of X-Sendfile-Type header input in Rack::Sendfile during processing. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate log entries...

7.5CVSS7.1AI score0.00699EPSS
Exploits0
Redos
Redos
•added 2024/12/16 12:0 a.m.•22 views

ROS-20241216-02

Vulnerability of zbxsnmpcachehandleengineid function of Universal Monitoring System proxy server Zabbix is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in Zabbix...

8.8CVSS8AI score0.00797EPSS
Exploits1
Redos
Redos
•added 2024/12/16 12:0 a.m.•22 views

ROS-20241216-05

A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...

8.8CVSS6.6AI score0.00797EPSS
Exploits1
Redos
Redos
•added 2024/12/05 12:0 a.m.•22 views

ROS-20241205-02

A vulnerability in the drmfileupdatepid function in the drivers/gpu/drm/drmfile.c module of the kernel video driver of the of the Linux operating system is related to the reuse of previously freed memory due to competitive resource access race condition. competitive access to the resource race...

7.8CVSS7AI score0.00322EPSS
Exploits4
Redos
Redos
•added 2024/10/15 12:0 a.m.•22 views

ROS-20241015-09

A vulnerability in the Golang programming language is related to the lack of value cleanup. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

9.8CVSS8.1AI score0.00833EPSS
Exploits0
Redos
Redos
•added 2024/10/09 12:0 a.m.•22 views

ROS-20241009-01

Vulnerability in libcmalloc component of virtuoso-opensource web application development platform is related to incorrect neutralization of special elements used in SQL command. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by using special...

7.5CVSS7.6AI score0.00909EPSS
Exploits25
Redos
Redos
•added 2024/09/19 12:0 a.m.•22 views

ROS-20240918-11

A vulnerability in the libpcap library's freeaddrinfo function is related to calling freeaddrinfo for the same allocated memory block. same allocated block of memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

4.4CVSS4.7AI score0.00227EPSS
Exploits0
Total number of security vulnerabilities5000