Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
•added 2023/10/19 12:0 a.m.•20 views

ROS-20231019-01

Vulnerability in Nextcloud cloud storage creation and utilization software is related to lack of protection and allows password mining in WebDAV API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...

7.5CVSS7.3AI score0.00575EPSS
Exploits0
Redos
Redos
•added 2023/09/05 12:0 a.m.•20 views

ROS-20230905-02

Vulnerability in the ksmbd module of Linux kernel operating systems is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using the...

9.8CVSS9AI score0.0406EPSS
Exploits3
Redos
Redos
•added 2023/07/06 12:0 a.m.•20 views

ROS-2-1484

2.1484 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•20 views

ROS-2-1333

2.1333 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

8.1CVSS8.2AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•20 views

ROS-2-1445

2.1445 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•20 views

ROS-2-1880

2.1880 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2022/11/18 12:0 a.m.•20 views

ROS-20221118-02

A vulnerability in the MPEG-4 GPAC system standard implementation is related to the svgparsepreserveaspectratio in the scenegraph/svgattributes.c file of the SVG Parser component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak. an attacker acting...

6.5CVSS6.6AI score0.00937EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•20 views

ROS-20220125-15

A vulnerability in the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm in the ElGamal implementation. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to sensitive information on the system. remotely, to...

5.9CVSS7.6AI score0.01423EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•20 views

ROS-2-963

2.963 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•20 views

ROS-2-1163

2.1163 VLC vulnerability CVE-2021-3185 1. Vulnerability description: Vulnerability in the implementation of the h264parse module developed by the GStreamer project included in the gstreamer-plugins-bad set. The issue is caused by a buffer overflow in the gsth264sliceparsedecrefpicmarking function...

9.8CVSS8.4AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•20 views

ROS-2-814

2.814 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.5CVSS7.6AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-878

2.878 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-944

2.944 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.18114EPSS
Exploits16
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1466

2.1466 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS9.1AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1304

2.1304 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS10AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1534

2.1534 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

8.4AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-703

2.703 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability Description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS7.9AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-998

2.998 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

4.3CVSS7.9AI score0.0094EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1234

2.1234 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

7.5CVSS7.7AI score0.05107EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-467

2.467 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-983

2.983 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits15
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-902

2.902 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

9.8CVSS7.5AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-648

2.648 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

9.8CVSS9.6AI score0.02377EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1183

2.1183 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker...

9.8CVSS7.4AI score0.23293EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-672

2.672 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

9.3CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1326

2.1326 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.10047EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•20 views

ROS-2-1651

2.1651 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0007

A vulnerability in the JGSS component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow a remote attacker to gain...

5.3CVSS7.2AI score0.0028EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0002

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to...

5.3CVSS7.2AI score0.00305EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0004

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to...

5.3CVSS7.2AI score0.00305EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0021

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00122EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0044

A vulnerability in the Jenkins Automation Server is related to incorrect symbolic link detection prior to file access during .tar and .tar.gz archive extraction. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files...

8.8CVSS6.1AI score0.01161EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0011

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0014

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0024

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to gain access to...

2.9CVSS7.2AI score0.00122EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0034

A vulnerability in the vim text editor is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands provided the user opens a specially generated file...

9.2CVSS6.5AI score0.00588EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•19 views

ROS-20260524-73-0041

Vulnerability in mariadb11.4 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.3CVSS7.1AI score0.00274EPSS
Exploits1
Redos
Redos
•added 2026/05/20 12:0 a.m.•19 views

ROS-20260520-73-0051

A vulnerability in the ANGLE component of the Google Chrome web browser is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data using a specially crafted HTML page...

6.5CVSS5.8AI score0.002EPSS
Exploits0
Redos
Redos
•added 2026/05/15 12:0 a.m.•19 views

ROS-20260515-73-0044

A vulnerability in the implementation of the Resource Timing application programming interface of the Google Chrome browser is associated with incorrect protection of physical third-party channels. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to...

3.1CVSS5.8AI score0.00164EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•19 views

ROS-20260508-73-0015

A vulnerability in the ngxhttpmp4module module of the NGINX Plus and NGINX Open Source HTTP server is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service or execute arbitrary code...

8.5CVSS7.9AI score0.00918EPSS
Exploits0
Redos
Redos
•added 2026/04/17 12:0 a.m.•19 views

ROS-20260417-73-0030

A vulnerability in the JOSE implementation of the Authlib library for OAuth and OpenID Connect servers is related to improper integrity value checking. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security mechanisms...

9.1CVSS7.3AI score0.00226EPSS
Exploits1
Redos
Redos
•added 2025/05/06 12:0 a.m.•19 views

ROS-20250505-08

Vulnerability of SSLManagerOpenSSL class of MongoDB database management system is related to lack of certificate revocation check. certificate revocation verification. Exploitation of the vulnerability could allow an attacker acting remotely, bypass security restrictions A vulnerability in the...

9.8CVSS8AI score0.00414EPSS
Exploits0
Redos
Redos
•added 2025/04/14 12:0 a.m.•19 views

ROS-20250414-01

A vulnerability in the ocfs2 component of the Linux operating system kernel is related to incorrect input validation in the ocfs2reflinkxattrinline function in fs/ocfs2/xattr.c, in ocfs2reflink function in fs/ocfs2/refcounttree.c. Exploitation of the vulnerability could allow an attacker to cause...

7.8CVSS7.4AI score0.00339EPSS
Exploits0
Redos
Redos
•added 2025/03/18 12:0 a.m.•20 views

ROS-20250318-01

A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service A vulnerability in the net component of t...

7.8CVSS7.3AI score0.00281EPSS
Exploits0
Redos
Redos
•added 2025/03/14 12:0 a.m.•19 views

ROS-20250314-01

Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mptcp component of the Lin...

7.8CVSS7AI score0.00875EPSS
Exploits0
Redos
Redos
•added 2025/03/07 12:0 a.m.•19 views

ROS-20250307-14

Moodle virtual learning environment vulnerability is related to access control weaknesses. Exploitation The vulnerability could allow a remote attacker to gain unauthorized access to the protected information. protected information A vulnerability in the Moodle virtual learning environment is...

8.6CVSS6.7AI score0.00478EPSS
Exploits1
Redos
Redos
•added 2025/03/03 12:0 a.m.•19 views

ROS-20250303-04

Vulnerability of the iofilebitmapget function iouring/filetable.c of the Linux kernel is related to pointer dereferencing errors. pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.6AI score0.00211EPSS
Exploits0
Redos
Redos
•added 2025/02/14 12:0 a.m.•19 views

ROS-20250214-04

Vulnerability of the nftsetelemcatchalldeactivate function in the net/netfilter/nftablesapi.c module of the Linux kernel of the Linux operating system is related to the reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...

7.8CVSS6.5AI score0.00282EPSS
Exploits0
Redos
Redos
•added 2025/01/17 12:0 a.m.•19 views

ROS-20250117-04

Visual Studio Code source code editor vulnerability is related to failure to take measures to neutralize the special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

7.8CVSS7.8AI score0.01002EPSS
Exploits0
Redos
Redos
•added 2025/01/13 12:0 a.m.•19 views

ROS-20250113-03

Vulnerability in Intel Ethernet network controllers RDMA driver for Linux is related to access control flaws access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

9.8CVSS7.1AI score0.00978EPSS
Exploits0
Total number of security vulnerabilities5000