Lucene search
K
RedosMost viewed

8215 matches found

Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-508

2.508 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.08026EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1277

2.1277 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.83406EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1224

2.1224 Vulnerability in firefox browser CVE-2020-6819 and CVE-2020-6820 1. Vulnerability description: Two critical vulnerabilities have been discovered that could lead to the execution of attacker code when processing specially formatted content. It is warned that facts of using these...

8.1CVSS8.1AI score0.06305EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-675

2.675 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

10CVSS8.1AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1267

2.1267 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

6.7CVSS7AI score0.01092EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1241

2.1241 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-952

2.952 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-793

2.793 VLC vulnerability CVE-2021-3185 1. Vulnerability description: Vulnerability in the implementation of the h264parse module developed by the GStreamer project included in the gstreamer-plugins-bad set. The issue is caused by a buffer overflow in the gsth264sliceparsedecrefpicmarking function...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-648

2.648 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

9.8CVSS9.6AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-571

2.571 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1326

2.1326 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-976

2.976 Remote code execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-803

2.803 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.5AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1009

2.1009 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1183

2.1183 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker...

9.8CVSS7.4AI score0.23293EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1170

2.1170 Vulnerabilities in Squid Proxy Server 1. Vulnerability description: Issues are present in the code processing the "@" block at the beginning of a URL "user@host" and allow bypassing access restriction rules, poisoning cache contents and performing a cross-site scripting attack.Identifier o...

6.7CVSS6.9AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1351

2.1351 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-843

2.843 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726...

4.3CVSS8AI score0.0094EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1272

2.1272 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1006

2.1006 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1393

2.1393 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1665

2.1665 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS8.1AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-512

2.512 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.8CVSS6.9AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•21 views

ROS-2-1673

2.1673 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

6.7CVSS7.2AI score0.0262EPSS
Exploits0
Redos
Redos
•added 1976/01/01 12:0 a.m.•21 views

ROS-2-945

2.945 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2026/05/24 12:0 a.m.•20 views

ROS-20260524-73-0054

Vulnerability in nextcloud related to the use of dangerous methods or features. Exploitation of the vulnerability could allow an attacker to directly access the memory of a computing device to which thunderbolt-enabled devices are connected...

6.4CVSS5.8AI score0.00255EPSS
Exploits1
Redos
Redos
•added 2026/05/24 12:0 a.m.•20 views

ROS-20260524-73-0034

A vulnerability in the vim text editor is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands provided the user opens a specially generated file...

9.2CVSS6.5AI score0.00588EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•20 views

ROS-20260524-73-0013

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•20 views

ROS-20260524-73-0002

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to...

5.3CVSS7.2AI score0.00305EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•20 views

ROS-20260524-73-0044

A vulnerability in the Jenkins Automation Server is related to incorrect symbolic link detection prior to file access during .tar and .tar.gz archive extraction. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files...

8.8CVSS6.1AI score0.01161EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•20 views

ROS-20260524-73-0007

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•20 views

ROS-20260508-73-0015

A vulnerability in the ngxhttpmp4module module of the NGINX Plus and NGINX Open Source HTTP server is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service or execute arbitrary code...

8.5CVSS7.9AI score0.00918EPSS
Exploits0
Redos
Redos
•added 2026/05/05 12:0 a.m.•20 views

ROS-20260505-73-0036

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00193EPSS
Exploits0
Redos
Redos
•added 2026/03/10 12:0 a.m.•20 views

ROS-20260310-73-0013

A vulnerability in the user interface UI of the Google Chrome browser is related to the lack of a user warning about unsafe actions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...

9.8CVSS5.8AI score0.00315EPSS
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•20 views

ROS-20250505-08

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

9.8CVSS8AI score0.00414EPSS
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•20 views

ROS-20250505-04

The vulnerability of the Zabbix universal monitoring system is related to insufficient cleansing of user data passed via the "groupBy" parameter in include/classes/api/CApiService.php. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL queries in the database...

8.8CVSS7.6AI score0.2926EPSS
Exploits0
Redos
Redos
•added 2025/04/14 12:0 a.m.•20 views

ROS-20250414-01

A vulnerability in the ocfs2 component of the Linux operating system kernel is related to incorrect input validation in the ocfs2reflinkxattrinline function in fs/ocfs2/xattr.c, in ocfs2reflink function in fs/ocfs2/refcounttree.c. Exploitation of the vulnerability could allow an attacker to cause...

7.8CVSS7.4AI score0.00339EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•20 views

ROS-20250403-03

Vulnerability of SQLite hints and ETRN serialization functions of Exim mail server is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sendi...

9.8CVSS7.7AI score0.75782EPSS
Exploits6
Redos
Redos
•added 2025/03/07 12:0 a.m.•20 views

ROS-20250307-14

Moodle virtual learning environment vulnerability is related to access control weaknesses. Exploitation The vulnerability could allow a remote attacker to gain unauthorized access to the protected information. protected information A vulnerability in the Moodle virtual learning environment is...

8.6CVSS6.7AI score0.00478EPSS
Exploits1
Redos
Redos
•added 2025/03/03 12:0 a.m.•20 views

ROS-20250303-04

Vulnerability of the iofilebitmapget function iouring/filetable.c of the Linux kernel is related to pointer dereferencing errors. pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.6AI score0.00211EPSS
Exploits0
Redos
Redos
•added 2025/02/14 12:0 a.m.•20 views

ROS-20250214-04

Vulnerability of the nftsetelemcatchalldeactivate function in the net/netfilter/nftablesapi.c module of the Linux kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...

7.8CVSS6.5AI score0.00282EPSS
Exploits0
Redos
Redos
•added 2025/01/17 12:0 a.m.•20 views

ROS-20250117-04

Visual Studio Code source code editor vulnerability is related to failure to take measures to neutralize the special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

7.8CVSS7.8AI score0.01002EPSS
Exploits0
Redos
Redos
•added 2025/01/13 12:0 a.m.•20 views

ROS-20250113-03

Vulnerability in Intel Ethernet network controllers RDMA driver for Linux is related to access control flaws access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

9.8CVSS7.1AI score0.00978EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•20 views

ROS-20250110-05

The vulnerability of the Zabbix universal monitoring system server is related to the use of uncontrolled format strings when processing HttpRequest objects. format strings when processing HttpRequest objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain...

9.1CVSS9.2AI score0.00952EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•20 views

ROS-20241203-20

Apache Ivy package manager vulnerability is related to incorrect path name restriction to a directory with a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to the file system Apache Ivy package manager vulnerability is...

9.1CVSS7.3AI score0.01819EPSS
Exploits0
Redos
Redos
•added 2024/11/27 12:0 a.m.•20 views

ROS-20241127-02

A vulnerability in the virtio component of the Linux kernel is related to memory corruption in the functions virtioi2cpreparereqs, virtioi2ccompletereqs and virtioi2cxfer functions in drivers/i2c/busses/i2c-virtio.c. Exploitation of the vulnerability could allow an attacker to gain access to...

7.8CVSS8.6AI score0.00247EPSS
Exploits1
Redos
Redos
•added 2024/11/21 12:0 a.m.•20 views

ROS-20241121-05

The vulnerability in the Moodle virtual learning environment is related to issues with controlling the visibility of user information in gradebook reports. of user information in gradebook reports. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

8.1CVSS6.8AI score0.83343EPSS
Exploits8
Redos
Redos
•added 2024/11/13 12:0 a.m.•20 views

ROS-20241112-07

Eclipse Mosquitto message broker vulnerability is related to a heap buffer overflow when executing a onsubscribe callback. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information The Eclipse Mosquitto message broker vulnerability is relate...

9.8CVSS7.9AI score0.579EPSS
Exploits2
Redos
Redos
•added 2024/11/13 12:0 a.m.•20 views

ROS-20241112-02

A vulnerability in the ansible-core component of the Red Hat Ansible configuration management system is related to incorrect processing of output data for logs. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in Red Hat Ansible configurati...

6.3CVSS6.8AI score0.00859EPSS
Exploits0
Redos
Redos
•added 2024/10/18 12:0 a.m.•20 views

ROS-20241017-09

Vulnerability of the alistadd function of the vim text editor is related to memory usage after its after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary autocommands Vulnerability of instypebuf function of vim text editor is related to buffer...

5.5CVSS8.2AI score0.00349EPSS
Exploits0
Total number of security vulnerabilities5000