Redos | Most viewed

8110 matches found

Redos
• added 2024/04/23 12:00 a.m. • 18 views

ROS-20240423-04

A vulnerability in the libreswan software is related to some IKEv2 retransmit scenarios in which a connection is configured to use PreSharedKeys (authby=secret) and cannot find the corresponding configured secret. Exploiting the vulnerability could allow an attacker,...

CVSS 6.5 | AI score 6.7 | EPSS 0.00944
Exploits: 0

Redos
• added 2024/04/18 12:00 a.m. • 18 views

ROS-20240418-04

The vulnerability in the exfatprogs user-space utility is related to allowing memory accesses outside the boundaries, such as in read_file_dentry_set. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5 | AI score 7.1 | EPSS 0.00381
Exploits: 1

Redos
• added 2024/04/12 12:00 a.m. • 18 views

ROS-20240412-03

Atril document viewer vulnerability is related to incorrect path restriction to a restricted directory. Exploitation of the vulnerability could allow an attacker to write arbitrary files anywhere in the file system...

CVSS 8.5 | AI score 7.2 | EPSS 0.01016
Exploits: 2

Redos
• added 2024/04/10 12:00 a.m. • 18 views

ROS-20240410-07

A vulnerability in the Podman OCI container management and startup software tool is related to errors in privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

CVSS 8.6 | AI score 7.2 | EPSS 0.0049
Exploits: 0

Redos
• added 2024/04/04 12:00 a.m. • 18 views

ROS-20240404-19

A vulnerability in the PNG optimization software tool OptiPNG is related to a buffer overflow via the 'buffer' variable in gifread.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 7.8 | AI score 7.2 | EPSS 0.00518
Exploits: 1

Redos
• added 2024/03/29 12:00 a.m. • 18 views

ROS-20240329-08

The Engrampa archive manager vulnerability is related to the lack of symbolic link location checking, which leads to arbitrary writing of files to unintended locations. Exploitation of the vulnerability could allow an attacker acting remotely to upload files to arbitrary locations on the system...

CVSS 9.6 | AI score 7 | EPSS 0.01652
Exploits: 1

Redos
• added 2024/03/29 12:00 a.m. • 18 views

ROS-20240329-17

A vulnerability in the sdhci.c component of the QEMU hardware emulator is related to a single offset. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.6 | AI score 6.9 | EPSS 0.00802
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1227

2.1227 Multiple Vulnerabilities in LibTIFF 1. Vulnerability description: CVE-2020-35524 CVE-2020-35523 CVE-2020-35522 CVE-2020-35522 CVE-2020-35521 The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a boundary error in TIFF...

CVSS 7.8 | AI score 8.3 | EPSS 0.01922
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1278

2.1278 Nettle library vulnerability CVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code. FSTEC Russia Information Security Threats Data Bank...

CVSS 8.1 | AI score 8.2 | EPSS 0.01607
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-967

2.967 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

CVSS 5.5 | AI score 9.4 | EPSS 0.0262
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1205

2.1205 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

CVSS 8.8 | AI score 9.1 | EPSS 0.01368
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1285

2.1285 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

CVSS 9.8 | AI score 7.8 | EPSS 0.06132
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1187

2.1187 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694, CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

CVSS 8.8 | AI score 8.4 | EPSS 0.4644
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1437

2.1437 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

CVSS 8.8 | AI score 8.4 | EPSS 0.0199
Exploits: 0

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1191

2.1191 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

CVSS 8.8 | AI score 9.1 | EPSS 0.01764
Exploits: 1

Redos
• added 2024/03/13 12:00 a.m. • 18 views

ROS-2-1317

2.1317 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

CVSS 7.5 | AI score 8.7 | EPSS 0.01157
Exploits: 0

Redos
• added 2023/10/19 12:00 a.m. • 18 views

ROS-20231018-01

Vulnerability in the Q_DecCoordOnUnitSphere function of the GPAC multimedia platform is related to integer overflow. Exploitation of the vulnerability could allow an intruder to gain unauthorized access to the protected information...

CVSS 5.5 | AI score 7.4 | EPSS 0.00231
Exploits: 0

Redos
• added 2023/09/18 12:00 a.m. • 18 views

ROS-20230913-03

A vulnerability in libreswan software is related to a null pointer dereference error in the IKEv1 fast mode packets. Exploitation of the vulnerability could allow an attacker to remotely send specially crafted packets to the system and perform a denial-of-service attack...

CVSS 6.5 | AI score 7.2 | EPSS 0.00691
Exploits: 0

Redos
• added 2023/09/18 12:00 a.m. • 18 views

ROS-20230914-05

Vulnerability of DjVuLibre library for viewing, creating, editing DjVu files is related to IW44Image.cpp. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by dividing by zero. A vulnerability in the library for viewing, creating,...

CVSS 6.5 | AI score 6.2 | EPSS 0.00869
Exploits: 2

Redos
• added 2023/09/12 12:00 a.m. • 18 views

ROS-20230911-08

Vulnerability of UnRAR file unzipping tool is related to incorrect link resolution before accessing a file ("Follow link"). Exploitation of the vulnerability could allow an attacker acting remotely to extract files outside the destination folder using file...

CVSS 7.5 | AI score 6.8 | EPSS 0.00722
Exploits: 0

Redos
• added 2023/07/06 12:00 a.m. • 18 views

ROS-2-1567

2.1567 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

CVSS 9.8 | AI score 8.2 | EPSS 0.83406
Exploits: 0

Redos
• added 2023/07/06 12:00 a.m. • 18 views

ROS-2-1207

2.1207 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

AI score 7.8 | EPSS 0.06132
Exploits: 0

Redos
• added 2023/07/06 12:00 a.m. • 18 views

ROS-2-1313

2.1313 Multiple vulnerabilities in Redis CVE-2021-29477, CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

CVSS 8.8 | AI score 8.3 | EPSS 0.04028
Exploits: 0

Redos
• added 2023/07/06 12:00 a.m. • 18 views

ROS-2-1428

2.1428 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

CVSS 8.8 | AI score 9.1 | EPSS 0.01368
Exploits: 0

Redos
• added 2023/07/06 12:00 a.m. • 18 views

ROS-2-1172

2.1172 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in DNS server request redirection mode (the "forwarders" block in the settings). Identifier of the Information Security Threat...

AI score 7.3
Exploits: 0

Redos
• added 2023/06/20 12:00 a.m. • 18 views

ROS-20230620-02

Vulnerability of FreeImages library for working with graphic formats is related to reading data outside the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service via a crafted JXR file...

CVSS 5.5 | AI score 5.5 | EPSS 0.0028
Exploits: 0

Redos
• added 2023/06/15 12:00 a.m. • 18 views

ROS-20230615-02

The vulnerability of the OpenSearch software package is related to the implementation of detailed access control rules (document-level security, field-level security, and field masking) when they were incorrectly applied to queries during extremely rare runtime conditions. Exploitation of the...

CVSS 5.9 | AI score 5.9 | EPSS 0.0046
Exploits: 0

Redos
• added 2022/12/27 12:00 a.m. • 18 views

ROS-20221227-01

Vulnerability of the LibKSBA library, which provides functions for X.509 certificates, is related to an integer overflow in the CRL parser. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow and execute...

CVSS 9.8 | AI score 9.8 | EPSS 0.0155
Exploits: 2

Redos
• added 2022/05/16 12:00 a.m. • 18 views

ROS-20220516-10

A vulnerability in the evdev_log_msg function of the libinput library's implementation of the X.Org and Wayland display server protocols is related to the use of uncontrolled format strings. Exploitation of the vulnerability could allow ...

CVSS 7.8 | AI score 8.3 | EPSS 0.00364
Exploits: 0

Redos
• added 2021/12/24 12:00 a.m. • 18 views

ROS-2-1890

2.1890 Nettle library vulnerability CVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code. Identifier of the Information Security Threats Dat...

CVSS 8.1 | AI score 9 | EPSS 0.01607
Exploits: 0

Redos
• added 2021/12/24 12:00 a.m. • 18 views

ROS-2-1590

2.1590 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

CVSS 9.8 | AI score 8.7 | EPSS 0.02662
Exploits: 0

Redos
• added 2021/12/24 12:00 a.m. • 18 views

ROS-2-1639

2.1639 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

CVSS 8.8 | AI score 7.9 | EPSS 0.01428
Exploits: 1

Redos
• added 2021/12/24 12:00 a.m. • 18 views

ROS-2-1596

2.1596 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability...

CVSS 9.8 | AI score 7.7 | EPSS 0.05984
Exploits: 0

Redos
• added 2021/12/24 12:00 a.m. • 18 views

ROS-2-821

2.821 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

CVSS 8.8 | AI score 9.1 | EPSS 0.01764
Exploits: 1

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1220

2.1220 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in DNS server request redirection mode (the "forwarders" block in the settings). Identifier of the Information Security Threat...

CVSS 7.8 | AI score 7.3 | EPSS 0.01236
Exploits: 1

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1493

2.1493 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

CVSS 9.8 | AI score 8.7 | EPSS 0.83406
Exploits: 0

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1405

2.1405 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

CVSS 9.8 | AI score 8.6 | EPSS 0.99295
Exploits: 81

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1628

2.1628 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

CVSS 9.8 | AI score 10 | EPSS 0.83406
Exploits: 0

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-573

2.573 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

CVSS 9.8 | AI score 8 | EPSS 0.02377
Exploits: 1

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-560

2.560 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

CVSS 9.8 | AI score 7 | EPSS 0.0262
Exploits: 0

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1432

2.1432 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability...

CVSS 9.8 | AI score 7.9 | EPSS 0.05984
Exploits: 0

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-953

2.953 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing unreliable YAML files using the full_load method or the FullLoader loader. Exploitation of the vulnerability coul...

CVSS 9.8 | AI score 8.1 | EPSS 0.05984
Exploits: 0

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1346

2.1346 Denial of service in libX11 CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

CVSS 9.8 | AI score 7.2 | EPSS 0.10634
Exploits: 2

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1265

2.1265 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694, CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

CVSS 8.8 | AI score 8.4 | EPSS 0.99295
Exploits: 81

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1193

2.1193 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

CVSS 8.8 | AI score 8.4 | EPSS 0.01764
Exploits: 3

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1893

2.1893 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote...

CVSS 9.8 | AI score 9.8 | EPSS 0.52838
Exploits: 10

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1754

2.1754 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote...

CVSS 7.7 | AI score 9.9 | EPSS 0.52838
Exploits: 10

Redos
• added 2021/09/08 12:00 a.m. • 18 views

ROS-2-1462

2.1462 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

CVSS 6.5 | AI score 7.4 | EPSS 0.01905
Exploits: 0

Redos
• added 2026/06/17 12:00 a.m. • 17 views

ROS-20260617-73-0004

The vulnerability in ImageMagick 7 is related to the assignment of the null pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 7.5 | AI score 7.6 | EPSS 0.00376
Exploits: 0

Redos
• added 2026/05/29 12:00 a.m. • 17 views

ROS-20260529-73-0023

The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

AI score 5.8
Exploits: 0

Total number of security vulnerabilities: 5000