Lucene search
K
RedosMost viewed

8244 matches found

Redos
Redos
•added 2024/09/19 12:0 a.m.•22 views

ROS-20240918-11

A vulnerability in the libpcap library's freeaddrinfo function is related to calling freeaddrinfo for the same allocated memory block. same allocated block of memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

4.4CVSS4.7AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•22 views

ROS-20240919-03

A vulnerability in the nommu component of the Linux operating system kernel is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm component of the Linux kernel is related to NULL pointer dereferencing...

5.5CVSS6.5AI score0.00208EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•22 views

ROS-20240917-06

A glitch in the sessionlogin.cgi script of the Webmin hosting control panel and web interface for unix-like systems Usermin exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a...

6.1CVSS7AI score0.004EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-09

A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...

5.5CVSS7.2AI score0.05794EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-12

A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00535EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-02

Vulnerability of Microsoft .NET software platforms and Microsoft software development tools Visual Studio is related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

6.3CVSS6.9AI score0.01248EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•22 views

ROS-20240902-13

A vulnerability in the Go Getter library is related to a Git update for an existing maliciously modified Git configuration. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS6.8AI score0.00973EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•22 views

ROS-20240828-02

A vulnerability in GLPI's asset and data center management software is related to the CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.8CVSS7.6AI score0.00748EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•22 views

ROS-20240827-06

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...

6.1CVSS6.2AI score0.01119EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•22 views

ROS-20240826-17

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service Vulnerability of...

9.3CVSS6.4AI score0.83387EPSS
Exploits9
Redos
Redos
•added 2024/08/20 12:0 a.m.•22 views

ROS-20240820-05

A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...

3.1CVSS6.5AI score0.00601EPSS
Exploits0
Redos
Redos
•added 2024/08/16 12:0 a.m.•22 views

ROS-20240816-06

The vulnerability in OpenVPN software is related to the lack of resource release after the resource expires. the resource's expiration date. Exploitation of the vulnerability could allow an attacker to "save a session" even if the the server has been ordered to disconnect that client...

4.3CVSS6.7AI score0.00665EPSS
Exploits0
Redos
Redos
•added 2024/08/12 12:0 a.m.•22 views

ROS-20240812-07

Squid proxy server vulnerability is related to uncontrolled resource consumption as a result of filtering and data reduction to an unsafe value when processing HTTP header length. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service by...

7.5CVSS6.7AI score0.88864EPSS
Exploits0
Redos
Redos
•added 2024/08/06 12:0 a.m.•22 views

ROS-20240806-07

A vulnerability in the Fake Authentication Result Handler component of OpenDKIM DKIM filter software is related to the lack of sequence number verification when deleting fake fields. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity...

5.3CVSS6.8AI score0.00575EPSS
Exploits0
Redos
Redos
•added 2024/07/31 12:0 a.m.•22 views

ROS-20240731-03

A vulnerability in the MXF file parser of the Gstreamer multimedia framework is related to an operation exceeding the boundaries of a buffer in memory. buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7.1AI score0.01744EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•22 views

ROS-20240730-12

Vulnerability in Django web application software platform is related to unrestricted resource allocation. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service DoS. denial of service DoS...

7.5CVSS6.6AI score0.49774EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•22 views

ROS-20240726-02

A vulnerability in the HAProxy server software is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.6AI score0.01834EPSS
Exploits0
Redos
Redos
•added 2024/07/17 12:0 a.m.•22 views

ROS-20240717-04

Vulnerability in img2txt function of libcaca graphics library is related to division by zero. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...

6.5CVSS6.8AI score0.02752EPSS
Exploits1
Redos
Redos
•added 2024/07/17 12:0 a.m.•22 views

ROS-20240717-06

A vulnerability in the GnuTLS transport layer security library is related to the disclosure of confidential information to an unauthorized person. information to an unauthorized person. Exploitation of the vulnerability could allow an attacker acting remotely to cause a data breach...

5.3CVSS6.8AI score0.00718EPSS
Exploits0
Redos
Redos
•added 2024/07/15 12:0 a.m.•22 views

ROS-20240712-03

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a request flow within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementation is...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/06/26 12:0 a.m.•22 views

ROS-20240626-08

A vulnerability in the ISO 9660 Image File Handler component of the libcdio library is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

8.4CVSS7.8AI score0.00363EPSS
Exploits1
Redos
Redos
•added 2024/06/18 12:0 a.m.•22 views

ROS-20240618-02

Vulnerability in util/gif2rgb.c file of GIFLIB library for working with GIF files is related to memory leakage through a gif file. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...

8.8CVSS6.4AI score0.01533EPSS
Exploits1
Redos
Redos
•added 2024/06/17 12:0 a.m.•22 views

ROS-20240617-02

A vulnerability in the bgpd/bgpattr.c file of a software tool for implementing network routing on Unix-like FRRouting systems is related to read outside bgpattraigpvalid bounds, as there are no AIGP checks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denia...

9.8CVSS7.4AI score0.0096EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•22 views

ROS-20240611-16

A vulnerability in the gitpython package is related to external git calls without sufficiently cleaning up input arguments. Exploitation of the vulnerability could allow an attacker acting remotely to inject a malicious remote URL into a clone command...

9.8CVSS6.7AI score0.05378EPSS
Exploits1
Redos
Redos
•added 2024/06/06 12:0 a.m.•22 views

ROS-20240606-02

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

5.2CVSS6.6AI score0.00756EPSS
Exploits1
Redos
Redos
•added 2024/06/06 12:0 a.m.•22 views

ROS-20240606-06

A vulnerability in the yajltreeparse function of the YAJL-ruby JSON library is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

6.5CVSS6.6AI score0.01129EPSS
Exploits1
Redos
Redos
•added 2024/04/22 12:0 a.m.•22 views

ROS-20240422-08

A vulnerability in the TC flower packet management filter of the software-defined multi-tiered Open vSwitch OvS switch is related to flaws in the handling of exceptional states resulting from an incorrect validation of Geneve packet metadata. incorrect validation of Geneve packet metadata...

7.5CVSS7.2AI score0.01033EPSS
Exploits0
Redos
Redos
•added 2024/04/18 12:0 a.m.•22 views

ROS-20240418-03

A vulnerability in the underlying authentication system of the Grafana web presentation tool is related to flaws in the authorization mechanism when processing the verifyemailenabled parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass email verification...

5.4CVSS7.5AI score0.01385EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-03

A vulnerability in the Libvirt virtualization management library is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.5CVSS7AI score0.00233EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-06

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...

5.3CVSS6.9AI score0.00915EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•22 views

ROS-20240409-09

Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...

5.5CVSS7AI score0.00432EPSS
Exploits5
Redos
Redos
•added 2024/04/08 12:0 a.m.•22 views

ROS-20240408-18

A vulnerability in the makeftpcmd component of the ProFTPD FTP server is related to a single-byte read outside the of the allowed range. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.7AI score0.04249EPSS
Exploits1
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240404-20

A vulnerability in the Vorbis-tools package is related to the conversion of wav files to ogg files. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS6.7AI score0.00448EPSS
Exploits1
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240403-04

Vulnerability of onstreamio and dnsstreamcomplete functions of the subsystem of initialization and management of services Systemd is related to not incrementing the reference count for the DnsStream object. Exploitation of the vulnerability could allow a remote intruder to violate the integrity a...

9.8CVSS6.8AI score0.01052EPSS
Exploits0
Redos
Redos
•added 2024/04/04 12:0 a.m.•22 views

ROS-20240403-06

A vulnerability in the adodbaddslashes function of the adodb library is related to improper authentication. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication...

9.1CVSS7AI score0.0217EPSS
Exploits1
Redos
Redos
•added 2024/04/03 12:0 a.m.•22 views

ROS-20240402-22

Moodle virtual learning environment vulnerability is related to lack of additional comment cleanup Wiki. Exploitation of the vulnerability could allow an attacker acting remotely to perform a cross-site scripting attacks XSS A vulnerability in the Moodle virtual learning environment is related to...

9.8CVSS6.5AI score0.0137EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-805

2.805 Vulnerability in OpenVPN CVE-2020-11810 1. Vulnerability description: A corrective release of the OpenVPN Virtual Private Networking Package 2.4.9 has been generated. The new version addresses a vulnerability CVE-2020-11810 that allows a client session to be transferred to a new IP address...

3.7CVSS7.2AI score0.01609EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-1573

2.1573 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS7.6AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-466

2.466 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

8.4AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-455

2.455 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6CVSS7.1AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•22 views

ROS-2-1169

2.1169 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted...

7.8CVSS8.4AI score0.02391EPSS
Exploits0
Redos
Redos
•added 2023/09/08 12:0 a.m.•22 views

ROS-20230908-08

A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to to override text direction in file names. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct spoofing attacks...

7.5CVSS6.9AI score0.00556EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•22 views

ROS-20230825-06

A vulnerability in the Yasm assembler is related to null pointer dereferencing in /libyasm/intnum.c and /elf/elf.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service through a crafted file...

5.5CVSS6.7AI score0.00338EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1297

2.1297 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1319

2.1319 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.3AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-607

2.607 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-907

2.907 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-858

2.858 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-1167

2.1167 Vulnerability in X.Org Server and libX11 CVE-2020-14347, CVE-2020-14344 1. Vulnerability Description: CVE-2020-14347 - Failure to initialize memory when allocating buffers for pixmaps using the AllocatePixmap call could cause the X client to leak memory contents from the heap when the X...

6.7CVSS7.8AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•22 views

ROS-2-539

2.539 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

9.8CVSS8.6AI score0.05984EPSS
Exploits0
Total number of security vulnerabilities5000