Lucene search
K
RedosMost viewed

8162 matches found

Redos
Redos
•added 2024/06/17 12:0 a.m.•21 views

ROS-20240617-01

The strongSwan daemon vulnerability is related to certificate validation errors in TLS-based EAP methods. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...

9.8CVSS7.1AI score0.02264EPSS
Exploits0
Redos
Redos
•added 2024/06/14 12:0 a.m.•21 views

ROS-20240614-01

Vulnerability of UnRAR file unzipping tool is related to incorrect restriction of the path name to the directory with restricted access. Exploitation of the vulnerability could allow a remote attacker, Overwrite arbitrary files using a specially crafted archive...

7.5CVSS7.2AI score0.98975EPSS
Exploits12
Redos
Redos
•added 2024/06/13 12:0 a.m.•21 views

ROS-20240613-03

Vulnerability in program/lib/Roundcube/rcubestringreplacer.php component of RoundCube mail client Webmail exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...

6.1CVSS6.2AI score0.58483EPSS
Exploits2
Redos
Redos
•added 2024/06/07 12:0 a.m.•21 views

ROS-20240607-03

A vulnerability in the lrzip.c:initializecontrol component of the Irzip software tool is caused by a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely, affect confidentiality, integrity and availability ...

9.8CVSS7.5AI score0.01897EPSS
Exploits2
Redos
Redos
•added 2024/05/24 12:0 a.m.•21 views

ROS-20240524-02

A vulnerability in the rlsafeeval function of the ReportLab library is related to incorrect code generation control. Exploitation of the vulnerability could allow a remote attacker to bypass security restrictions and execute arbitrary code. security restrictions and execute arbitrary code...

9.8CVSS8.2AI score0.04452EPSS
Exploits6
Redos
Redos
•added 2024/05/21 12:0 a.m.•21 views

ROS-20240521-02

Vulnerability in HTTP Digest Authentication handler of Squid proxy server is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other impact. remotely to cause a denial of service or other impact...

8.6CVSS7.2AI score0.85944EPSS
Exploits0
Redos
Redos
•added 2024/04/26 12:0 a.m.•21 views

ROS-20240426-01

A vulnerability in the pesign daemon of the systemd service initialization and management subsystem is related to the ability to path traversal. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

5.5CVSS5.6AI score0.00245EPSS
Exploits0
Redos
Redos
•added 2024/04/22 12:0 a.m.•21 views

ROS-20240422-01

Vulnerability in the OpenSC smart card software toolkit and libraries is related to a bug in the AuthentIC driver and occurs during card registration using pkcs15-init. a bug in the AuthentIC driver and occurs during the card registration process using pkcs15-init, when a user or administrator...

3.4CVSS7.1AI score0.00422EPSS
Exploits0
Redos
Redos
•added 2024/04/22 12:0 a.m.•21 views

ROS-20240422-05

The golang package vulnerability is related to errors returned from MarshalJSON methods containing data, controlled by the user. Exploitation of the vulnerability could allow an attacker acting remotely, exploit these errors to disrupt the contextual behavior of the automatic output of the packag...

7.5CVSS7.5AI score0.91969EPSS
Exploits1
Redos
Redos
•added 2024/04/04 12:0 a.m.•21 views

ROS-20240404-16

Vulnerability of builtin.c component of Gawk template reformatting component is related to operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information or cause denial of service...

7.1CVSS6.9AI score0.00428EPSS
Exploits1
Redos
Redos
•added 2024/04/03 12:0 a.m.•21 views

ROS-20230403-14

The ZeroMQ asynchronous messaging library vulnerability is related to causing a stack buffer overflow on the server by sending specially crafted topic subscription requests and then unsubscribing. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial o...

9.8CVSS6.8AI score0.01602EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•21 views

ROS-20240402-15

A vulnerability in the virtuoso-opensource web application development platform is related to the invocation of a denial of Denial of Service DoS using specially crafted SQL statements. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...

8.8CVSS7.2AI score0.00894EPSS
Exploits5
Redos
Redos
•added 2024/03/28 12:0 a.m.•21 views

ROS-20240328-02

A vulnerability in the gagrowinner function of the vim text editor, protocol for software Unix is caused by an by an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.7AI score0.00366EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•21 views

ROS-2-1355

2.1355 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•21 views

ROS-2-994

2.994 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•21 views

ROS-2-992

2.992 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•21 views

ROS-2-1316

2.1316 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.5AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•21 views

ROS-2-970

2.970 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•21 views

ROS-2-1337

2.1337 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS10AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2023/09/18 12:0 a.m.•21 views

ROS-20230914-06

Vulnerability of Iperf3 network bandwidth measurement tool is related to integer overflow when processing field lengths. Exploitation of the vulnerability could allow an intruder, acting remotely to cause a denial of service...

7.5CVSS7AI score0.01703EPSS
Exploits0
Redos
Redos
•added 2023/08/30 12:0 a.m.•21 views

ROS-20230830-01

The vulnerability of the Floating Frames component of the LibreOffice office software package is related to flaws in access control. in access control. Exploiting the vulnerability could allow an attacker to perform a spoofing attack using a specially crafted file A vulnerability in the Spreadshe...

7.8CVSS7AI score0.02244EPSS
Exploits2
Redos
Redos
•added 2023/08/07 12:0 a.m.•21 views

ROS-20230807-01

A vulnerability in the OpenLDAP protocol implementation is related to the failure to take measures to protect the SQL query structure. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity, and availability of protected information by using a specially...

9.8CVSS7.2AI score0.69899EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•21 views

ROS-2-1584

2.1584 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•21 views

ROS-2-1237

2.1237 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

7.4AI score0.01092EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•21 views

ROS-2-999

2.999 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS9.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•21 views

ROS-2-1444

2.1444 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS10AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2022/05/30 12:0 a.m.•21 views

ROS-20220530-01

A vulnerability in the Vim text editor is related to boundary conditions in the getonesourceline function. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file, cause a read error outside the boundary conditions, and...

7.8CVSS7.4AI score0.00373EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•21 views

ROS-20220125-05

A vulnerability in the GNU Mailman email distribution management package is related to insufficient validation of the source of an HTTP request. the source of the HTTP request. Exploitation of the vulnerability could allow a remote attacker, cause a victim to visit a customized web page and perfo...

8.8CVSS8.5AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•21 views

ROS-2-1463

2.1463 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/12/24 12:0 a.m.•21 views

ROS-2-1548

2.1548 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1518

2.1518 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-508

2.508 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.08026EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1277

2.1277 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1224

2.1224 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

8.1CVSS8.1AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1326

2.1326 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-976

2.976 Remote code execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-803

2.803 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.5AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-892

2.892 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS9.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1009

2.1009 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1183

2.1183 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker...

9.8CVSS7.4AI score0.23293EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1267

2.1267 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

6.7CVSS7AI score0.01092EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1241

2.1241 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-820

2.820 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromise...

9.8CVSS9.2AI score0.02377EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-793

2.793 VLC vulnerability CVE-2021-3185 1. Vulnerability description: Vulnerability in the implementation of the h264parse module developed by the GStreamer project included in the gstreamer-plugins-bad set. The issue is caused by a buffer overflow in the gsth264sliceparsedecrefpicmarking function...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-648

2.648 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

9.8CVSS9.6AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-571

2.571 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-493

2.493 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

9.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-952

2.952 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-579

2.579 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

6CVSS6.8AI score0.0094EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1170

2.1170 Vulnerabilities in Squid Proxy Server 1. Vulnerability description: Issues are present in the code processing the "@" block at the beginning of a URL "user@host" and allow bypassing access restriction rules, poisoning cache contents and performing a cross-site scripting attack.Identifier o...

6.7CVSS6.9AI score0.00465EPSS
Exploits0
Total number of security vulnerabilities5000