Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
added 2024/09/02 12:0 a.m.19 views

ROS-20240902-04

A vulnerability in the xmlattr filter of the Jinja2 templating engine for the Python programming language is related to the failure to take measures to protect the structure of a web page. to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting...

6.1CVSS6.1AI score0.00892EPSS
Exploits0
Redos
Redos
added 2024/09/02 12:0 a.m.19 views

ROS-20240902-20

A vulnerability in the KeePass password manager is related to unencrypted storage of critical information. Exploitation of the vulnerability could allow an attacker to obtain passwords in clear form...

5.5CVSS6.9AI score0.03661EPSS
Exploits2
Redos
Redos
added 2024/09/02 12:0 a.m.19 views

ROS-20240902-03

Intel processor firmware vulnerability is related to errors in interpretation of redundant prefixes. of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from third to zero ring of protection CPL0, gain access to sensitive information, or cause a...

8.8CVSS7.3AI score0.01728EPSS
Exploits0
Redos
Redos
added 2024/08/28 12:0 a.m.19 views

ROS-20240828-04

A vulnerability in OpenVPN software is related to the lack of uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

9.1CVSS7.1AI score0.00805EPSS
Exploits0
Redos
Redos
added 2024/08/28 12:0 a.m.19 views

ROS-20240827-04

A vulnerability in the CGI component of the Ruby programming language is related to the occurrence of an interpretation conflict when inserting unreliable input data into HTTP response header. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data...

8.8CVSS7.2AI score0.02287EPSS
Exploits1
Redos
Redos
added 2024/08/26 12:0 a.m.19 views

ROS-20240826-11

Vulnerability of Connector/J component of MySQL Connectors driver is related to insufficient input data validation. data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. confidentiality, integrity...

8.3CVSS7AI score0.00872EPSS
Exploits0
Redos
Redos
added 2024/08/26 12:0 a.m.19 views

ROS-20240826-13

A vulnerability in the protojson.Unmarshal function of the golang-google-protobuf package of the Golang programming language is related to an infinite loop when anmarshaling certain JSON forms. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service ...

7.5CVSS7.1AI score0.91969EPSS
Exploits1
Redos
Redos
added 2024/08/16 12:0 a.m.19 views

ROS-20240816-01

A vulnerability in the Portainer container management platform is related to a difference in authentication user authentication response time. Exploitation of the vulnerability could allow an attacker acting remotely to determine whether a username is valid or invalid. remotely, whether the...

5.3CVSS7.1AI score0.01303EPSS
Exploits2
Redos
Redos
added 2024/08/16 12:0 a.m.19 views

ROS-20240816-08

A vulnerability in the PHP programming language is related to the random number generator's use of a narrower range of values. Exploitation of the vulnerability could allow an attacker acting remotely to gain access sensitive data A vulnerability in the PHP interpreter phardirread function is...

9.8CVSS8.9AI score0.08003EPSS
Exploits4
Redos
Redos
added 2024/08/07 12:0 a.m.19 views

ROS-20240725-13

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

7.8CVSS8.1AI score0.00275EPSS
Exploits0
Redos
Redos
added 2024/08/07 12:0 a.m.19 views

ROS-20240807-03

The vulnerability of PJSIPHEADER function of Asterisk and Certified Asterisk IP telephony management systems is related to with operation exceeding the buffer boundaries in memory when processing the update argument. Exploitation of the vulnerability could allow an attacker acting remotely to cau...

8.2CVSS7.6AI score0.4557EPSS
Exploits5
Redos
Redos
added 2024/08/06 12:0 a.m.19 views

ROS-20240806-05

A vulnerability in the AbstractSessionListener component of the Symfony web application development and management platform is related to an incorrect authorization procedure. Symfony web application development and management platform is related to incorrect authorization procedure. Exploitation...

8.8CVSS7.3AI score0.0079EPSS
Exploits0
Redos
Redos
added 2024/08/06 12:0 a.m.19 views

ROS-20240806-21

Vulnerability of JDBC driver pgjdbc for connecting Java programs to PostgreSQL database is related to Lack of verification of the class implementation of the expected interface. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code through the...

9.8CVSS7.7AI score0.0301EPSS
Exploits1
Redos
Redos
added 2024/07/31 12:0 a.m.19 views

ROS-20240731-01

A vulnerability in the lib-src/etags.c file of the ctags component of the EMACS text editor is related to improper neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the org-babel-execute:latex function of the...

7.8CVSS8AI score0.00635EPSS
Exploits0
Redos
Redos
added 2024/07/29 12:0 a.m.19 views

ROS-20240729-13

Vulnerability of cJSONInsertItemInArray function of JSON-C library for JSON-C JSON processing is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

7.5CVSS6.7AI score0.01508EPSS
Exploits1
Redos
Redos
added 2024/07/16 12:0 a.m.19 views

ROS-20210716-02

A vulnerability in the DICOM DCMTK library is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service Vulnerability of the library for working with DICOM DCMTK format is related to allocation of heap memory for parsing the data, b...

7.5CVSS6.9AI score0.01688EPSS
Exploits0
Redos
Redos
added 2024/07/03 12:0 a.m.19 views

ROS-20240703-11

A vulnerability in the cloud-init virtual machine configuration package for Linux family operating systems is related to the fact that sensitive data could be exposed in cloud-init logs. Exploitation the vulnerability could allow an attacker to gain unauthorized access to the protected informatio...

5.5CVSS6.6AI score0.00263EPSS
Exploits0
Redos
Redos
added 2024/06/26 12:0 a.m.19 views

ROS-20240626-15

Vulnerability of avahishostnameresolverstart function of Avahi local network service discovery system is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.5AI score0.00374EPSS
Exploits1
Redos
Redos
added 2024/06/26 12:0 a.m.19 views

ROS-20240626-13

Vulnerability of ExtractImageSection function of LibTIFF library is related to buffer copying without checking the the size of the input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service using a crafted Tiff file...

5.5CVSS6.8AI score0.00317EPSS
Exploits0
Redos
Redos
added 2024/06/26 12:0 a.m.19 views

ROS-20240626-14

Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...

8CVSS7.5AI score0.01465EPSS
Exploits0
Redos
Redos
added 2024/05/29 12:0 a.m.19 views

ROS-20240529-02

A vulnerability in the LibreOffice office suite is related to uncontrolled script execution in the graphics linking scripts by clicking on them. Exploitation of the vulnerability could allow an attacker to execute scripts embedded in LibreOffice...

6.5CVSS6.8AI score0.01008EPSS
Exploits0
Redos
Redos
added 2024/05/24 12:0 a.m.19 views

ROS-20240524-03

A vulnerability in Ruby Sinatra web application development framework is related to code loading without checking its integrity. of its integrity. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS6.8AI score0.00642EPSS
Exploits1
Redos
Redos
added 2024/05/24 12:0 a.m.19 views

ROS-20240424-03

A vulnerability in the Serialization component of the Oracle Java SE software platform and Oracle Virtual Machine GraalVM Enterprise Edition is related to the recovery of invalid data in memory. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of...

5.3CVSS7.6AI score0.08346EPSS
Exploits0
Redos
Redos
added 2024/05/22 12:0 a.m.19 views

ROS-20240522-07

A vulnerability in the Firebird database management system is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a long CHAR instruction...

7.5CVSS6.8AI score0.00658EPSS
Exploits0
Redos
Redos
added 2024/05/22 12:0 a.m.19 views

ROS-20240522-06

A vulnerability in the protojson.Unmarshal function of the Golang programming language is related to an infinite loop when unmarshaling of certain JSON forms. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.01262EPSS
Exploits0
Redos
Redos
added 2024/05/21 12:0 a.m.19 views

ROS-20240521-04

Vulnerability of the lysparsemem function parser and data modeling language toolkit for YANG libyang is related to the lack of a check if the value mod-revision is NULL. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS7.1AI score0.00986EPSS
Exploits0
Redos
Redos
added 2024/05/07 12:0 a.m.19 views

ROS-20240507-06

A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management tool is related to the injection or modification of arguments. Exploitation of the vulnerability could allow an attacker to to exit an isolated program environment and access files on the...

8.4CVSS7AI score0.00512EPSS
Exploits1
Redos
Redos
added 2024/04/23 12:0 a.m.19 views

ROS-20240423-04

A vulnerability in the libreswan software is related to the fact that in some IKEv2 scenarios retransmit a connection configured to use PreSharedKeys authby=secret and this connection fails to can't find the corresponding customized secret. Exploiting the vulnerability could allow an attacker,...

6.5CVSS6.7AI score0.00944EPSS
Exploits0
Redos
Redos
added 2024/04/18 12:0 a.m.19 views

ROS-20240418-04

The exfatprogs user-space utility vulnerability is related to allowing memory accesses outside the boundaries, such as in readfiledentryset. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00381EPSS
Exploits1
Redos
Redos
added 2024/04/15 12:0 a.m.19 views

ROS-20240415-01

A vulnerability in the jbig2error function of the jbig2.c file of the Jbig2dec image compression format decoder is related to the SEGV vulnerability. SEGV vulnerability. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.00753EPSS
Exploits1
Redos
Redos
added 2024/04/12 12:0 a.m.19 views

ROS-20240412-05

A vulnerability in the gfisomnewgenericsampledescription function of the GPAC multimedia platform is related to the buffer copying without checking the input size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.1AI score0.00534EPSS
Exploits1
Redos
Redos
added 2024/04/12 12:0 a.m.19 views

ROS-20240412-03

Atril document viewer vulnerability is related to incorrect path restriction to a restricted directory. Exploitation of the vulnerability could allow an attacker to write arbitrary files anywhere in the file system...

8.5CVSS7.2AI score0.01016EPSS
Exploits2
Redos
Redos
added 2024/04/11 12:0 a.m.19 views

ROS-20240411-03

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.1AI score0.01103EPSS
Exploits0
Redos
Redos
added 2024/04/10 12:0 a.m.19 views

ROS-20240410-07

A vulnerability in the Podman OCI container management and startup software tool is related to errors in the in privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, escalate their privileges...

8.6CVSS7.2AI score0.0049EPSS
Exploits0
Redos
Redos
added 2024/04/09 12:0 a.m.19 views

ROS-20240409-10

A vulnerability in IEEE 1609.2 plug-in dissector of Wireshark computer network traffic analyzer is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in GVCP dissector of Wireshark computer...

7.8CVSS7AI score0.01823EPSS
Exploits2
Redos
Redos
added 2024/04/09 12:0 a.m.19 views

ROS-20240409-03

Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

6.2CVSS7AI score0.00437EPSS
Exploits0
Redos
Redos
added 2024/04/04 12:0 a.m.19 views

ROS-20240404-19

A vulnerability in the PNG optimization software tool OptiPNG is related to a buffer overflow via the 'buffer' variable in gifread.c. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

7.8CVSS7.2AI score0.00518EPSS
Exploits1
Redos
Redos
added 2024/03/29 12:0 a.m.19 views

ROS-20240329-03

Vulnerability in InstalledVersions.php and install.php scripts of dependency manager for PHP Composer is related to the inclusion of functions from an invalid controlled scope. with the inclusion of functions from an invalid controlled scope. Exploitation of the vulnerability could allow an...

8.8CVSS8AI score0.00273EPSS
Exploits0
Redos
Redos
added 2024/03/29 12:0 a.m.19 views

ROS-20240329-17

A vulnerability in the sdhci.c component of the QEMU hardware emulator is related to a single offset. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.6CVSS6.9AI score0.00802EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-1185

2.1185 Directory traversal in Apache Commons IO CVE-2021-29425 1. Vulnerability Description: The vulnerability allows a remote attacker to perform directory traversal attacks. The vulnerability exists due to an input validation error in the FileNameUtils.normalize method when processing directory...

4.8CVSS7.2AI score0.10608EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-1417

2.1417 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-995

2.995 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-959

2.959 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-827

2.827 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.4AI score0.0199EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-8

2.8 Notification of the update of the OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technica...

7.2AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-1202

2.1202 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits2
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-1315

2.1315 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass security restrictions imposed.FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726 2...

4.3CVSS7.6AI score0.0094EPSS
Exploits2
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-1285

2.1285 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-967

2.967 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS9.4AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/10/19 12:0 a.m.19 views

ROS-20231019-01

Vulnerability in Nextcloud cloud storage creation and utilization software is related to lack of protection and allows password mining in WebDAV API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...

7.5CVSS7.3AI score0.00575EPSS
Exploits0
Total number of security vulnerabilities5000