Redos | Most viewed

7975 matches found

Redos • added 2023/09/05 12:00 a.m. • 86 views

ROS-20230905-01

A vulnerability in the Bluetooth permission verification subsystem of the Linux kernel is associated with errors in the processing of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands by sending specially crafted requests...

CVSS 9.8 • AI score 7.8 • EPSS 0.0406
Exploits: 3
Redos • added 2022/04/07 12:00 a.m. • 85 views

ROS-20220407-03

A vulnerability in the Python client library is related to insufficient validation of user input data in the FTP (File Transfer Protocol) library when it is used in PASV (passive) mode. Exploitation of the vulnerability could allow...

CVSS 7.5 • AI score 6.7 • EPSS 0.08325
Exploits: 1
Redos • added 2022/03/17 12:00 a.m. • 86 views

ROS-20220317-01

A vulnerability in the Apache HTTP Server web server is related to a bounds error in LimitXMLRequestBody. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system. Apache HTTP Server web server vulnerability is related to...

CVSS 9.8 • AI score 9.3 • EPSS 0.69803
Exploits: 0
Redos • added 2024/09/19 12:00 a.m. • 84 views

ROS-20240918-06

A vulnerability in the Unbound DNS server is related to the possibility of forming a pulse stream of a large number of requests to the server using responses from DNS resolvers. DNS server Unbound vulnerability is related to the possibility of generating a pulse flow of a large number of requests to th...

CVSS 7.5 • AI score 7 • EPSS 0.01729
Exploits: 0
Redos • added 2025/04/02 12:00 a.m. • 83 views

ROS-20250402-01

The vulnerability of the urllib.parse.urlsplit and urlparse functions of the Python programming language interpreter is related to the fact that urllib.parse.urlsplit and urlparse accept domain names with square brackets. Exploiting the vulnerability could allow an attacker to escalate their...

CVSS 6.3 • AI score 7.3 • EPSS 0.01499
Exploits: 0
Redos • added 2025/03/11 12:00 a.m. • 83 views

ROS-20250311-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to an incorrect lock in the function f2fs_handle_critical_error in fs/f2fs/super.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability in rtl2830_pid_filter function ...

CVSS 9.1 • AI score 7.5 • EPSS 0.01367
Exploits: 0
Redos • added 2025/03/07 12:00 a.m. • 83 views

ROS-20250307-08

A vulnerability in the objdump.c file of the GNU Binutils development tool is related to bounds errors in the disassemble_bytes function in binutils/objdump.c in the nm binary. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVSS 7.5 • AI score 8 • EPSS 0.00732
Exploits: 1
Redos • added 2025/02/13 12:00 a.m. • 83 views

ROS-20250212-18

A vulnerability in the "Host Monitoring" component of the Zabbix universal monitoring system is related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting it into the ping...

CVSS 9.9 • AI score 7.1 • EPSS 0.01603
Exploits: 0
Redos • added 2022/02/25 12:00 a.m. • 83 views

ROS-20220225-01

A vulnerability in the Expat parsing library is related to an integer overflow in copyString. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause a denial of service condition on the target system. data, trigg...

CVSS 9.8 • AI score 9.3 • EPSS 0.33936
Exploits: 1
Redos • added 2025/04/02 12:00 a.m. • 82 views

ROS-20250402-09

The libexpat XML file parsing library vulnerability is related to boundary errors in the processing of XML content. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...

CVSS 7.5 • AI score 7.3 • EPSS 0.01569
Exploits: 0
Redos • added 2025/03/11 12:00 a.m. • 82 views

ROS-20250311-04

A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

CVSS 8.1 • AI score 8.4 • EPSS 0.89472
Exploits: 10
Redos • added 2025/02/19 12:00 a.m. • 82 views

ROS-20250219-04

A vulnerability in the Git distributed version control system is related to a flaw in the mechanism for encoding or escaping output data. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data. Vulnerability in the ANSI Escape Sequence Handler component of the...

CVSS 7.5 • AI score 6.6 • EPSS 0.01019
Exploits: 0
Redos • added 2023/01/12 12:00 a.m. • 82 views

ROS-20230112-01

A vulnerability in the Squid caching proxy server is related to inconsistent processing of internal URIs. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL manager protections and gain access to cache manager information, which includes records about the...

CVSS 6.5 • AI score 7.1 • EPSS 0.0169
Exploits: 0
Redos • added 2022/09/19 12:00 a.m. • 82 views

ROS-20220919-01

A vulnerability in the Linux kernel's implementation of the CAN BCM protocol is caused by synchronization errors when utilizing a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges. Vulnerability of the legacy_parse_param function of the Linux...

CVSS 9 • AI score 8.3 • EPSS 0.78684
Exploits: 68
Redos • added 2025/03/11 12:00 a.m. • 81 views

ROS-20250311-05

A vulnerability in the PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions of the libpq library of the PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

CVSS 8.1 • AI score 8.4 • EPSS 0.89472
Exploits: 10
Redos • added 2025/03/07 12:00 a.m. • 81 views

ROS-20250307-01

A vulnerability in the readline.sh component of the socket forwarding utility from the host machine is related to the use of a predictable temporary file name in readline.sh. Exploitation of the vulnerability could allow an attacker...

CVSS 9.8 • AI score 7.2 • EPSS 0.00794
Exploits: 0
Redos • added 2025/03/07 12:00 a.m. • 81 views

ROS-20250307-13

A vulnerability in the VerifyHostKeyDNS component of the OpenSSH cryptographic protection tool is related to flaws in error handling during host key verification. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct...

CVSS 6.8 • AI score 6.2 • EPSS 0.06997
Exploits: 4
Redos • added 2025/03/07 12:00 a.m. • 81 views

ROS-20250307-05

A vulnerability in the OpenSSL library is related to a timing side-channel in the ECDSA signature computation. Exploitation of the vulnerability could allow a remote attacker to recover the private key...

CVSS 4.1 • AI score 7.2 • EPSS 0.00601
Exploits: 0
Redos • added 2025/03/07 12:00 a.m. • 81 views

ROS-20250307-11

A vulnerability in the src/main.c file of the vim text editor is related to manipulation of the -log argument, resulting in memory corruption. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the strtoreg function of the src/main....

CVSS 7.8 • AI score 7.2 • EPSS 0.00492
Exploits: 1
Redos • added 2025/02/13 12:00 a.m. • 81 views

ROS-20250212-17

A vulnerability in the Mark-of-the-Web protection mechanism of the 7-Zip archiver is related to a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user...

CVSS 7 • AI score 7.7 • EPSS 0.67071
Exploits: 8
Redos • added 2025/03/07 12:00 a.m. • 80 views

ROS-20250307-02

A vulnerability in the Subversion centralized version control system is related to insufficient validation of file names when serving repositories via mod_dav_svn. Exploitation of the vulnerability could allow an attacker acting remotely to cause ...

CVSS 4.3 • AI score 7 • EPSS 0.01905
Exploits: 1
Redos • added 2025/03/07 12:00 a.m. • 80 views

ROS-20250307-10

A vulnerability in nginx software is related to TLS session resumption when processing client certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process...

CVSS 5.3 • AI score 7.4 • EPSS 0.02557
Exploits: 0
Redos • added 2025/02/26 12:00 a.m. • 80 views

ROS-20250226-10

Vulnerabilities in the Hotspot components of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines are related to flaws in the authorization mechanism. for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to a flaw...

CVSS 4.8 • AI score 5.5 • EPSS 0.00971
Exploits: 0
Redos • added 2023/04/07 12:00 a.m. • 80 views

ROS-20230407-03

A vulnerability in the OpenSSL cryptographic library is related to the validation of X.509 certificate chains that include policy constraints. Exploitation of the vulnerability could allow an attacker acting remotely to create a malicious certificate chain that triggers exponential utilization ...

CVSS 7.5 • AI score 7.5 • EPSS 0.03658
Exploits: 0
Redos • added 2023/01/12 12:00 a.m. • 80 views

ROS-20230112-02

A vulnerability in the Vim text editor is related to a boundary error in the msgputsprintf0 function in message.c. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into opening a specially crafted file, cause a heap buffer overflow, and execute arbitra...

CVSS 7.8 • AI score 8.2 • EPSS 0.00518
Exploits: 3
Redos • added 2021/12/24 12:00 a.m. • 80 views

ROS-20211223-04

Apache HTTP server vulnerability is related to buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to send a special HTTP request to a vulnerable web server, cause a buffer overflow, and execute arbitrary code on the target system. buffer overflow and execut...

CVSS 9.8 • AI score 9.9 • EPSS 0.97108
Exploits: 4
Redos • added 2025/02/26 12:00 a.m. • 79 views

ROS-20250226-11

Vulnerabilities in the Hotspot components of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines are related to flaws in the authorization mechanism. for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to a flaw...

CVSS 4.8 • AI score 5.5 • EPSS 0.00971
Exploits: 0
Redos • added 2025/02/13 12:00 a.m. • 79 views

ROS-20250212-13

A vulnerability in the ntpd daemon implementation of the NTP time synchronization protocol is related to insufficient validation of user input during NTP packet processing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

CVSS 7.5 • AI score 6.9 • EPSS 0.04071
Exploits: 0
Redos • added 2025/02/26 12:00 a.m. • 78 views

ROS-20250226-08

A vulnerability in the OpenJPEG image encoding and decoding library is related to memory boundary errors. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. A vulnerability in the OpenJPEG image encoding and decoding library is related to a...

CVSS 5.6 • AI score 6.1 • EPSS 0.00309
Exploits: 0
Redos • added 2025/02/26 12:00 a.m. • 78 views

ROS-20250226-14

A vulnerability in the gzip_do_write function of the zlib compression library of the cURL command-line utility is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the ASLR protection mechanism, execute arbitrary code, or cause a denia...

CVSS 7.3 • AI score 7.4 • EPSS 0.01168
Exploits: 2
Redos • added 2025/02/12 12:00 a.m. • 78 views

ROS-20250212-03

A vulnerability in the cpython module of the Python programming language is related to improper input validation in the venv module when creating a virtual environment. Exploitation of the vulnerability allows an attacker to execute arbitrary code...

CVSS 7.8 • AI score 7.8 • EPSS 0.00647
Exploits: 0
Redos • added 2025/01/09 12:00 a.m. • 78 views

ROS-20250109-01

A NetworkManager network connection management vulnerability involves the injection of corrupted LLDP packets. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 3.1 • AI score 7.3 • EPSS 0.00447
Exploits: 0
Redos • added 2025/02/12 12:00 a.m. • 77 views

ROS-20250212-06

A vulnerability in the ogg_vorbis.c component of the libsndfile audio file reading and writing library is related to a boundary condition violation in the vorbis_analysis_wrote function in ogg_vorbis.c. Exploitation of...

CVSS 5.5 • AI score 7.6 • EPSS 0.00308
Exploits: 1
Redos • added 2023/02/10 12:00 a.m. • 77 views

ROS-20230210-04

A vulnerability in the Redis database management system (DBMS) is related to the SETRANGE and SORT_RO commands. Exploitation of the vulnerability could allow an attacker acting remotely to cause an integer overflow, resulting in the allocation of unacceptable amounts of memory...

CVSS 5.5 • AI score 6 • EPSS 0.33269
Exploits: 0
Redos • added 2025/04/17 12:00 a.m. • 76 views

ROS-20250417-04

A vulnerability in the numbers.ct file of the libxslt library is related to use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. Vulnerability in libxslt library's xsltGetInheritedNsList function is related to memory usage after...

CVSS 7.8 • AI score 7.3 • EPSS 0.00324
Exploits: 4
Redos • added 2021/12/24 12:00 a.m. • 75 views

ROS-20211223-01

A vulnerability in the JNDI component of the Apache Log4j2 Java program logging library is related to data deserialization errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Vulnerability in Log4j Java program logging library exists d...

CVSS 9 • AI score 8.6 • EPSS 0.99999
Exploits: 42
Redos • added 2022/09/20 12:00 a.m. • 74 views

ROS-20220920-01

The grub_script_function_create function of the Grub configuration file has a vulnerability due to a function override error while this function is already executed. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its...

CVSS 8.2 • AI score 7.9 • EPSS 0.01738
Exploits: 1
Redos • added 2022/12/22 12:00 a.m. • 73 views

ROS-20221222-02

A vulnerability in the cURL command-line utility is related to a bounds error in parsing the .netrc file. Exploitation of the vulnerability could allow an attacker acting remotely to transfer a specially crafted file, cause a stack-based buffer overflow, and perform a denial of service (DoS) attack. The cU...

CVSS 6.5 • AI score 8 • EPSS 0.01761
Exploits: 1
Redos • added 2022/06/28 12:00 a.m. • 73 views

ROS-20220628-01

A vulnerability in the Apache HTTP web server is related to insufficient validation of user-entered data during HTTP requests to the Lua script that calls r:parsebody0. Exploitation of the vulnerability could allow an attacker acting remotely to send a very large HTTP request to a vulnerable...

CVSS 9.8 • AI score 8.3 • EPSS 0.90407
Exploits: 2
Redos • added 2022/04/13 12:00 a.m. • 73 views

ROS-20220413-01

A vulnerability in the drivers/usb/gadget/composite.c driver of the Linux kernel is related to an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. Vulnerability in the implementatio...

CVSS 9.1 • AI score 7.9 • EPSS 0.06197
Exploits: 31
Redos • added 2024/03/29 12:00 a.m. • 72 views

ROS-20240329-20

A vulnerability in the virNWFilterObjListNumOfNWFilters method of the Libvirt virtualization management library is due to insufficient locking. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service. Vulnerability in virStoragePoolLookupByTargetPath API...

CVSS 6.5 • AI score 5.3 • EPSS 0.01334
Exploits: 1
Redos • added 2023/06/19 12:00 a.m. • 72 views

ROS-20230619-05

A vulnerability in the pip module of the Python programming language is related to incorrect input validation in the Policy component (python-pip) in Oracle Communications Cloud Native Core Policy. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate data. The...

CVSS 7.5 • AI score 7.4 • EPSS 0.03028
Exploits: 3
Redos • added 2022/09/29 12:00 a.m. • 70 views

ROS-20220929-01

A vulnerability in the BIND DNS server is related to boundary conditions when reusing an HTTP connection when requesting statistics from a statistics channel. Exploitation of the vulnerability could allow an attacker, acting remotely, using a managed DNS server to cause a read error outside the boundary...

CVSS 8.2 • AI score 7.2 • EPSS 0.02198
Exploits: 0
Redos • added 2024/09/19 12:00 a.m. • 69 views

ROS-20240919-02

A vulnerability in the reweight_entity function of the sched component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity, and availability. A...

CVSS 7.8 • AI score 7.2 • EPSS 0.00248
Exploits: 0
Redos • added 2023/04/14 12:00 a.m. • 69 views

ROS-20230414-03

A vulnerability in the curl program is related to the handling of IDN characters in hostnames: the HSTS mechanism can be bypassed if the hostname in the specified URL first uses IDN characters that are replaced with ASCII analogs during IDN conversion; then in a subsequent request it does not detect...

CVSS 7.5 • AI score 7.7 • EPSS 0.17011
Exploits: 1
Redos • added 2023/02/10 12:00 a.m. • 69 views

ROS-20230210-03

A vulnerability in the GNU C Library (glibc) system calls and basic functions library is related to a buffer overflow in the monstartup function of the Call Graph Monitor component in the gmon.c file. Exploiting the vulnerability cou...

CVSS 9.8 • AI score 9.5 • EPSS 0.01103
Exploits: 0
Redos • added 2022/11/08 12:00 a.m. • 69 views

ROS-20221108-01

A vulnerability in the cURL command line utility is related to an error in parsing URLs with IDN characters that are replaced by ASCII analogs during IDN conversion. Exploitation of the vulnerability could allow an attacker acting remotely to bypass curl's HSTS inspection and force it to use the...

CVSS 8.1 • AI score 8.5 • EPSS 0.02927
Exploits: 0
Redos • added 2021/12/24 12:00 a.m. • 69 views

ROS-20211223-07

A vulnerability in the BusyBox command line utility suite is related to reading beyond memory boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause an out-of-bounds read error and read the contents of memory on the system or perform a denial of service (DoS) attack. A...

CVSS 7.2 • AI score 7.3 • EPSS 0.02793
Exploits: 1
Redos • added 2023/02/10 12:00 a.m. • 68 views

ROS-20230210-02

A vulnerability in the X.Org Server is related to the fact that, after free was called, a pointer to the buffer was not set to NULL, which led to further access to the buffer after it was freed (use-after-free) in the DeepCopyPointerClasses function used in the X Input extension...

CVSS 7.8 • AI score 8 • EPSS 0.00899
Exploits: 0
Redos • added 2022/12/20 12:00 a.m. • 68 views

ROS-20221220-01

A vulnerability in the ath9k_htc_wait_for_target function of the Atheros wireless adapter driver of the Linux operating system kernel is associated with a use-after-free error. Exploitation of the vulnerability could allow an attacker to access kernel memory by entering a specially...

CVSS 8.8 • AI score 8 • EPSS 0.05561
Exploits: 18
Total number of security vulnerabilities: 5000