Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
•added 2024/06/06 12:0 a.m.•22 views

ROS-20240606-06

A vulnerability in the yajltreeparse function of the YAJL-ruby JSON library is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

6.5CVSS6.6AI score0.01129EPSS
Exploits1
Redos
Redos
•added 2024/06/06 12:0 a.m.•22 views

ROS-20240606-02

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

5.2CVSS6.6AI score0.00756EPSS
Exploits1
Redos
Redos
•added 2024/04/22 12:0 a.m.•22 views

ROS-20240422-08

A vulnerability in the TC flower packet management filter of the software-defined multi-tiered Open vSwitch OvS switch is related to flaws in the handling of exceptional states resulting from an incorrect validation of Geneve packet metadata. incorrect validation of Geneve packet metadata...

7.5CVSS7.2AI score0.01033EPSS
Exploits0
Redos
Redos
•added 2024/04/18 12:0 a.m.•22 views

ROS-20240418-03

A vulnerability in the underlying authentication system of the Grafana web presentation tool is related to flaws in the authorization mechanism when processing the verifyemailenabled parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass email verification...

5.4CVSS7.5AI score0.01385EPSS
Exploits1
Redos
Redos
•added 2024/04/18 12:0 a.m.•22 views

ROS-20240418-07

A vulnerability in the idxd: component of the Linux operating system kernel is related to pasid writing when the device. Exploitation of the vulnerability could allow an attacker to impact the integrity of the protected information A vulnerability in the nftables: component of the Linux kernel is...

5.5CVSS7.6AI score0.00241EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-22

Vulnerability of chroot build environment manager for creating RPM packages Mock is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.3AI score0.01552EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-02

Vulnerability in the HTTP/3 QUIC module of NGINX Plus, NGINX OSS web servers that allows an attacker to cause a denial of service. denial of service Vulnerability of ngxhttpv3module module of NGINX and NGINX Plus servers is related to memory usage after its release. memory after it has been freed...

7.5CVSS7AI score0.01061EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-03

A vulnerability in the Libvirt virtualization management library is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.5CVSS7AI score0.00233EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-06

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...

5.3CVSS6.9AI score0.00922EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•22 views

ROS-20240409-09

Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...

5.5CVSS7AI score0.00432EPSS
Exploits5
Redos
Redos
•added 2024/04/08 12:0 a.m.•22 views

ROS-20240408-18

A vulnerability in the makeftpcmd component of the ProFTPD FTP server is related to a single-byte read outside the of the allowed range. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.7AI score0.04249EPSS
Exploits1
Redos
Redos
•added 2024/04/05 12:0 a.m.•22 views

ROS-20240405-07

Vulnerability in slicesegmentheader function of Libde265 video codec implementation is related to copying the buffer without checking the input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

6.5CVSS6.6AI score0.00766EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240404-15

A vulnerability in the libwebp library is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to write data outside of the buffer boundaries through a crafted HTML page. HTML page...

7AI score
Exploits5
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240404-20

A vulnerability in the Vorbis-tools package is related to the conversion of wav files to ogg files. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS6.7AI score0.00448EPSS
Exploits1
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240403-03

A vulnerability in the libtirpc package is related to the exhaustion of process file descriptors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.02088EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240403-04

Vulnerability of onstreamio and dnsstreamcomplete functions of the subsystem of initialization and management of services Systemd is related to not incrementing the reference count for the DnsStream object. Exploitation of the vulnerability could allow a remote intruder to violate the integrity a...

9.8CVSS6.8AI score0.01052EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240403-06

A vulnerability in the adodbaddslashes function of the adodb library is related to improper authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication...

9.1CVSS7AI score0.0217EPSS
Exploits1
Redos
Redos
•added 2024/04/03 12:0 a.m.•22 views

ROS-20240402-22

Moodle virtual learning environment vulnerability is related to lack of additional comment cleanup Wiki. Exploitation of the vulnerability could allow an attacker acting remotely to perform a cross-site scripting attacks XSS A vulnerability in the Moodle virtual learning environment is related to...

9.8CVSS6.5AI score0.0137EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-805

2.805 Vulnerability in OpenVPN CVE-2020-11810 1. Vulnerability description: A corrective release of the OpenVPN Virtual Private Networking Package 2.4.9 has been generated. The new version addresses a vulnerability CVE-2020-11810 that allows a client session to be transferred to a new IP address...

3.7CVSS7.2AI score0.01609EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-1356

2.1356 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-466

2.466 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

8.4AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-455

2.455 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6CVSS7.1AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-1169

2.1169 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted...

7.8CVSS8.4AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-1173

2.1173 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.5AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-1573

2.1573 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS7.6AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/09/26 12:0 a.m.•22 views

ROS-20230926-01

Vulnerability of the gfbifsflushcommandlist function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to pass arbitrary...

5.5CVSS7.3AI score0.00278EPSS
Exploits1
Redos
Redos
•added 2023/09/18 12:0 a.m.•22 views

ROS-20230914-08

GPAC multimedia platform vulnerability is related to integer sign overflow in the filters/muxisom.c:5716:20. Exploitation of the vulnerability could allow an attacker to cause the application to crash. The GPAC multimedia platform vulnerability is related to null pointer dereferencing in function...

5.9CVSS7.3AI score0.00306EPSS
Exploits5
Redos
Redos
•added 2023/09/12 12:0 a.m.•22 views

ROS-20230911-01

A vulnerability in the traffic analysis software Wireshark is related to insufficient validation of user input in the iSCSI dissector. user input to the iSCSI dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, pass specially crafted input data to the applicatio...

5.5CVSS6.8AI score0.00232EPSS
Exploits0
Redos
Redos
•added 2023/09/08 12:0 a.m.•22 views

ROS-20230908-08

A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to to override text direction in file names. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct spoofing attacks...

7.5CVSS6.9AI score0.00556EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•22 views

ROS-20230825-06

A vulnerability in the Yasm assembler is related to null pointer dereferencing in /libyasm/intnum.c and /elf/elf.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...

5.5CVSS6.7AI score0.00338EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1297

2.1297 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1319

2.1319 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.3AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1290

2.1290 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-607

2.607 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-539

2.539 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

9.8CVSS8.6AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1004

2.1004 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.2AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-907

2.907 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1167

2.1167 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Failure to initialize memory when allocating buffers for pixmaps using the AllocatePixmap call could cause the X client to leak memory contents from the heap when the X...

6.7CVSS7.8AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-858

2.858 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2023/06/19 12:0 a.m.•22 views

ROS-20230619-04

A vulnerability in the OpenSSL cryptographic library is related to ignoring invalid policy certificates in leaf certificates that are skipped for this certificate. Exploitation of the of the vulnerability could allow an attacker to intentionally assert invalid certificate policies to completely...

5.3CVSS6.7AI score0.01583EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•22 views

ROS-20230619-01

The vulnerability in the GLPI web application is related to insufficient cleansing of user data in the administration panel of the administration panel, a user could inject and execute arbitrary HTML code and script in the browser of a user's browser in the context of a vulnerable website...

10CVSS7.6AI score0.00815EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•22 views

ROS-20230619-06

Vulnerability in protobuf-c data serialization protocol is related to integer overflow in the function parserequiredmember. Exploitation of the vulnerability could allow an attacker acting remotely, to cause a complete compromise of the vulnerable system...

5.5CVSS6.2AI score0.00366EPSS
Exploits0
Redos
Redos
•added 2022/12/29 12:0 a.m.•22 views

ROS-20221229-01

A vulnerability in the GdkPixbuf image processing library is related to a heap buffer overflow when composing or clearing frames in GIF files in the io-gif-animation.ccompositeframe file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to a...

7.8CVSS8.4AI score0.00748EPSS
Exploits1
Redos
Redos
•added 2022/11/21 12:0 a.m.•22 views

ROS-20221121-01

A vulnerability in the plugins/sudoers/auth/passwd.c file of the Sudo system administration program is related to the following the ability to read outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.1CVSS7AI score0.00271EPSS
Exploits0
Redos
Redos
•added 2022/03/29 12:0 a.m.•22 views

ROS-20220329-03

Vulnerability in the implementation of OpenVPN virtual private network technology due to a bug in the processing of authentication requests in external authentication plugins, when more than one of them uses delayed authentication responses. deferred authentication responses. Exploitation of the...

9.8CVSS9.2AI score0.03519EPSS
Exploits0
Redos
Redos
•added 2022/02/22 12:0 a.m.•22 views

ROS-20220217-02

Vulnerability in Mozilla Thunderbird email client, related to a boundary error in message processing email messages. Exploitation of the vulnerability could allow an attacker, acting remotely, to send an a specially crafted email to a victim, initiate an out-of-bounds entry, and execute arbitrary...

8.8CVSS9AI score0.00701EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•22 views

ROS-20220125-07

A vulnerability in the GIMP bitmap graphics editor is related to improper input validation, where the path name in the constructed command line is not escaped or filtered. Exploitation of the vulnerability could allow an attacker acting remotely to send special data to the application and execute...

7.8CVSS7.7AI score0.01439EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•22 views

ROS-20220125-06

The vulnerability in the Flatpak deployment, package management utility is due to the application not properly checks whether the permissions displayed to the user for the application during installation correspond to the actual permissions granted to the application at runtime. during installati...

8.6CVSS8.5AI score0.01346EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•22 views

ROS-2-924

2.924 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•22 views

ROS-20211223-02

LibreOffice office suite vulnerability involves improper signature verification. Exploitation The vulnerability could allow an attacker acting remotely to manipulate a document so that the content was displayed as correctly signed, even though it was not the content associated with the the...

7.5CVSS7.3AI score0.00709EPSS
Exploits0
Total number of security vulnerabilities5000