Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
added 2022/03/29 12:0 a.m.22 views

ROS-20220329-03

Vulnerability in the implementation of OpenVPN virtual private network technology due to a bug in the processing of authentication requests in external authentication plugins, when more than one of them uses delayed authentication responses. deferred authentication responses. Exploitation of the...

9.8CVSS9.2AI score0.03519EPSS
Exploits0
Redos
Redos
added 2022/02/22 12:0 a.m.22 views

ROS-20220217-02

Vulnerability in Mozilla Thunderbird email client, related to a boundary error in message processing email messages. Exploitation of the vulnerability could allow an attacker, acting remotely, to send an a specially crafted email to a victim, initiate an out-of-bounds entry, and execute arbitrary...

8.8CVSS9AI score0.00701EPSS
Exploits0
Redos
Redos
added 2022/02/01 12:0 a.m.22 views

ROS-20220125-07

A vulnerability in the GIMP bitmap graphics editor is related to improper input validation, where the path name in the constructed command line is not escaped or filtered. Exploitation of the vulnerability could allow an attacker acting remotely to send special data to the application and execute...

7.8CVSS7.7AI score0.01439EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.22 views

ROS-2-437

2.437 Multiple Vulnerabilities in Moodle 1. Vulnerability description: The vulnerability discovered allows a remote attacker to perform cross-site scripting XSS attacks. The vulnerability allows a remote user to gain unauthorized access to other restricted features. Vulnerability allows a remote...

7.7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.22 views

ROS-20211223-02

LibreOffice office suite vulnerability involves improper signature verification. Exploitation The vulnerability could allow an attacker acting remotely to manipulate a document so that the content was displayed as correctly signed, even though it was not the content associated with the the...

7.5CVSS7.3AI score0.00709EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1378

2.1378 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-575

2.575 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.8CVSS7.3AI score0.08026EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-503

2.503 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

9.8CVSS8.3AI score0.03636EPSS
Exploits8
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-940

2.940 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

9.8CVSS9.4AI score0.19431EPSS
Exploits3
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1385

2.1385 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-723

2.723 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS9.1AI score0.05984EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-856

2.856 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-572

2.572 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS8AI score0.05984EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1407

2.1407 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.4AI score0.01905EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-885

2.885 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS9AI score0.01905EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-632

2.632 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS7.7AI score0.04006EPSS
Exploits2
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-979

2.979 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

9.8CVSS7.8AI score0.95785EPSS
Exploits8
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1601

2.1601 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9.1AI score0.04006EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-469

2.469 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726...

7.8CVSS7.3AI score0.02391EPSS
Exploits2
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1306

2.1306 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9.1AI score0.01905EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-495

2.495 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.8CVSS7.5AI score0.99295EPSS
Exploits81
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-671

2.671 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

9.8CVSS8.1AI score0.03636EPSS
Exploits7
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-679

2.679 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS7.6AI score0.01861EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-823

2.823 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1392

2.1392 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.8CVSS10AI score0.52838EPSS
Exploits10
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1728

2.1728 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
added 1976/01/01 12:0 a.m.22 views

ROS-2-1509

2.1509 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
added 1976/01/01 12:0 a.m.22 views

ROS-2-4692

2.4692 Notice of Update for SZI Operating System “RED OS” No. RU.29926343.02.01-01-23 Due to improvements in quality and correction of errors, a updated version of the SZI Operating System “RED OS” 7.3 has been released. For inquiries regarding updates and obtaining necessary materials, you may...

5.7AI score
Exploits0
Redos
Redos
added 2026/05/08 12:0 a.m.21 views

ROS-20260508-73-0004

Vulnerability in rubygem-activesupport related to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.1CVSS6.2AI score0.00327EPSS
Exploits0
Redos
Redos
added 2025/05/13 12:0 a.m.21 views

ROS-2-525

2.525 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.1AI score0.03582EPSS
Exploits1
Redos
Redos
added 2025/05/13 12:0 a.m.21 views

ROS-2-631

2.631 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2025/05/13 12:0 a.m.21 views

ROS-2-522

2.522 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS9.4AI score0.0199EPSS
Exploits0
Redos
Redos
added 2025/04/03 12:0 a.m.21 views

ROS-20250403-16

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to an incorrect checking of X-Sendfile-Type header input in Rack::Sendfile during processing. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate log entries...

7.5CVSS7.1AI score0.00699EPSS
Exploits0
Redos
Redos
added 2025/01/09 12:0 a.m.21 views

ROS-20250109-03

Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to Failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability of the GLPI system...

9.3CVSS7.5AI score0.36733EPSS
Exploits0
Redos
Redos
added 2024/12/16 12:0 a.m.21 views

ROS-20241216-02

Vulnerability of zbxsnmpcachehandleengineid function of Universal Monitoring System proxy server Zabbix is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in Zabbix...

8.8CVSS8AI score0.00797EPSS
Exploits1
Redos
Redos
added 2024/12/16 12:0 a.m.21 views

ROS-20241216-05

A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...

8.8CVSS6.6AI score0.00797EPSS
Exploits1
Redos
Redos
added 2024/12/11 12:0 a.m.21 views

ROS-20241211-09

A vulnerability in the Expressions feature of the Grafana monitoring and surveillance platform is related to improper code generation control. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code by injecting specially crafted SQL queries A vulnerability in the...

9.9CVSS8.4AI score0.97781EPSS
Exploits10
Redos
Redos
added 2024/11/27 12:0 a.m.21 views

ROS-20241127-03

A vulnerability in the net/smc components of the Linux operating system kernel is related to information disclosure in the function smcibfindroute in net/smc/smcib.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the e1000e...

9.1CVSS7.7AI score0.00923EPSS
Exploits0
Redos
Redos
added 2024/11/13 12:0 a.m.21 views

ROS-20241112-04

Vulnerability of http requests of CurlAsyncHTTPClient component of Tornado asynchronous network library is related to improper neutralization of CRLF sequences. Exploitation of the vulnerability could allow an attacker acting remotely to inject arbitrary headers into a request or cause an...

7.2AI score
Exploits0
Redos
Redos
added 2024/11/01 12:0 a.m.21 views

ROS-20241101-01

A vulnerability in the sysfs component of the Linux operating system kernel is related to excessive output in the sysfsbreakactiveprotection function in fs/sysfs/file.c. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information Vulnerability in the clk...

7.8CVSS7.6AI score0.00423EPSS
Exploits0
Redos
Redos
added 2024/10/25 12:0 a.m.21 views

ROS-20241025-01

A vulnerability in the netlink component of the Linux kernel is related to the use of an uninitialized resource in the sizeof function in lib/nlattr.c. uninitialized resource in the sizeof function in lib/nlattr.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...

5.5CVSS6.6AI score0.0024EPSS
Exploits0
Redos
Redos
added 2024/10/25 12:0 a.m.21 views

ROS-20241024-03

Vulnerability of idxd components of the Linux operating system kernel is related to resource management errors in the idxdcleanupinternals and idxdinitevl functions in drivers/dma/idxd/init.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

5.5CVSS6.2AI score0.00272EPSS
Exploits0
Redos
Redos
added 2024/10/22 12:0 a.m.21 views

ROS-20241021-10

The vulnerability of the SI library for asynchronous DNS c-ares queries is related to failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive data, compromis...

6.8CVSS7AI score0.02617EPSS
Exploits1
Redos
Redos
added 2024/10/08 12:0 a.m.21 views

ROS-20241008-09

A vulnerability in the ZFS file system implementation and the OpenZFS open source volume manager is related to replacing the contents of a file with null-valued bytes. Exploitation of the vulnerability could allow an attacker acting remotely to disable security mechanisms...

7.5CVSS6.7AI score0.01158EPSS
Exploits1
Redos
Redos
added 2024/10/04 12:0 a.m.21 views

ROS-20241004-03

Vulnerability in the Ceph storage driver net/ceph/messengerv2.c of the kernel of the operating systems Linux kernel is related to operation out of buffer boundaries in memory when processing frame segment length with the parameter cephdecode32. Exploitation of the vulnerability could allow an...

8.8CVSS7.7AI score0.54577EPSS
Exploits1
Redos
Redos
added 2024/10/02 12:0 a.m.21 views

ROS-20241001-16

The compiler vulnerability for writing Babel JavaScript code is related to the use of plugins that rely on Babel's internal path.evaluate or path.evaluateTruthy methods. Exploitation of the of the vulnerability could allow an attacker to execute arbitrary code...

9.3CVSS7.6AI score0.0052EPSS
Exploits0
Redos
Redos
added 2024/09/27 12:0 a.m.21 views

ROS-20240927-01

Vulnerability of FFmpeg multimedia library function loadinputpicture is related to buffer copying without checking input data size. checking the size of the input data. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in interpolate component...

7.8CVSS7.9AI score0.00355EPSS
Exploits1
Redos
Redos
added 2024/09/19 12:0 a.m.21 views

ROS-20240918-14

A vulnerability in Asterisk and Certified Asterisk IP telephony management systems is related to errors in sending a SIP request to a URI. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service and shutdown...

5.7CVSS6.7AI score0.00553EPSS
Exploits0
Redos
Redos
added 2024/09/19 12:0 a.m.21 views

ROS-20240918-13

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to storing the plaintext values of client tokens and token accessors in the audit log auditing. Exploitation of the vulnerability could allow an attacker to gain access to sensitive...

6.5CVSS6.8AI score0.00474EPSS
Exploits0
Redos
Redos
added 2024/09/11 12:0 a.m.21 views

ROS-20240911-10

A vulnerability in the Python PyJWT implementation of JWT is related to the lack of locking of some public key formats. key formats. Exploitation of the vulnerability allows an attacker acting remotely to affect the data integrity...

7.5CVSS6.7AI score0.012EPSS
Exploits0
Total number of security vulnerabilities5000