Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-531

2.531 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotely...

8.8CVSS7.9AI score0.01368EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1220

2.1220 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...

7.8CVSS7.3AI score0.01236EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1408

2.1408 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-880

2.880 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.7CVSS7.5AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1775

2.1775 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.8CVSS8.5AI score0.99295EPSS
Exploits91
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1003

2.1003 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.5AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-446

2.446 VLC vulnerability CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.1AI score0.03636EPSS
Exploits7
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1462

2.1462 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.4AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-961

2.961 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.19431EPSS
Exploits3
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1487

2.1487 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1623

2.1623 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-953

2.953 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1229

2.1229 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

9.8CVSS7.7AI score0.19431EPSS
Exploits19
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-611

2.611 Multiple vulnerabilities of libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.6AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1177

2.1177 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The...

9.8CVSS8.6AI score0.19431EPSS
Exploits5
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1195

2.1195 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...

7.5CVSS7.7AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-825

2.825 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.8CVSS7.7AI score0.99295EPSS
Exploits86
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-1394

2.1394 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.2AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2026/05/29 12:0 a.m.•18 views

ROS-20260529-73-0023

The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

5.8AI score
Exploits0
Redos
Redos
•added 2026/05/27 12:0 a.m.•18 views

ROS-20260527-73-0006

Vulnerability in openbao related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS5.8AI score0.00218EPSS
Exploits1
Redos
Redos
•added 2026/05/26 12:0 a.m.•18 views

ROS-20260526-73-0010

Vulnerability in python-relenv related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00143EPSS
Exploits0
Redos
Redos
•added 2026/05/26 12:0 a.m.•18 views

ROS-20260526-73-0020

A vulnerability in the libpng library is related to the failure to check for sufficient input pixels when processing the last partial portion in the ARM/AArch64 Neon optimized palette expansion path. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...

7.6CVSS6.3AI score0.00585EPSS
Exploits0
Redos
Redos
•added 2026/05/24 12:0 a.m.•18 views

ROS-20260524-73-0055

A vulnerability in the Protobuf data serialization protocol involves uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.2CVSS6.6AI score0.00613EPSS
Exploits0
Redos
Redos
•added 2026/05/15 12:0 a.m.•18 views

ROS-20260515-73-0002

Vulnerability in firebird due to lack of service data protection. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

7.9CVSS5.8AI score0.00185EPSS
Exploits0
Redos
Redos
•added 2026/05/12 12:0 a.m.•18 views

ROS-20260512-73-0033

Vulnerability in ruby related to lack of protection of proprietary data. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

7.5CVSS5.8AI score0.0051EPSS
Exploits0
Redos
Redos
•added 2026/05/08 12:0 a.m.•18 views

ROS-20260508-73-0011

A vulnerability in the .NET software platform is related to incorrect handling of a missing special element. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...

7.5CVSS7.1AI score0.01015EPSS
Exploits0
Redos
Redos
•added 2026/01/19 12:0 a.m.•18 views

ROS-20260119-7391

A vulnerability in the rtlpciprobe driver function drivers/net/wireless/realtek/rtlwifi/pci.c of Linux kernel operating systems is related to the lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.8AI score0.00187EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•18 views

ROS-20251203-10

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

9.1CVSS7.2AI score0.03153EPSS
Exploits4
Redos
Redos
•added 2025/05/28 12:0 a.m.•18 views

ROS-20250528-01

A vulnerability in the acpi component of the Linux kernel is related to the dereferencing of a NULL pointer in the acpiskipsetwakeupaddress function in drivers/acpi/sleep.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the net...

7.8CVSS8AI score0.00277EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•18 views

ROS-20250513-02

The RED OS kiosk mode vulnerability is due to improper constraints. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands on the system outside of the imposed restrictions Information about the vulnerability was received from Alexander Starikov - researcher at...

8AI score
Exploits0
Redos
Redos
•added 2025/02/04 12:0 a.m.•18 views

ROS-20250204-01

A vulnerability in the udf component of the Linux operating system kernel is related to the use of an uninitialized resource in the udfrename function in fs/udf/namei.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm/vmwgfx...

8.8CVSS7.5AI score0.00793EPSS
Exploits2
Redos
Redos
•added 2025/02/03 12:0 a.m.•18 views

ROS-20250203-12

A vulnerability in the ldebug.c component of the Lua script interpreter involves an integer loss of significance. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS7.3AI score0.03833EPSS
Exploits1
Redos
Redos
•added 2025/01/21 12:0 a.m.•18 views

ROS-20250121-04

A vulnerability in the RIB Revalidation component of a software tool that implements network routing on Unix-like FRRouting systems is related to the launch of RIB reanalysis for FRR routers. Unix-like FRRouting systems is related to triggering RIB reanalysis for FRR routers, using RTR, causing...

7.5CVSS6.8AI score0.00823EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•18 views

ROS-20250109-08

The ungetbyte and ungetc methods of StringIO string handler for Ruby programming language are vulnerable to with an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of protected information...

9.8CVSS6.9AI score0.02364EPSS
Exploits0
Redos
Redos
•added 2024/12/16 12:0 a.m.•18 views

ROS-20241216-10

The Jetty servlet container vulnerability is related to the lack of control over internal resource consumption within DoSFilter. Exploitation of the vulnerability could allow an attacker acting remotely to repeatedly send crafted requests multiple times, cause an OutofMemory error, and finally...

7.5CVSS6.8AI score0.00946EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•18 views

ROS-20241121-02

A vulnerability in the Access Rule Handler component of the Openstack cloud services platform involves manipulation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system. affect the integrity of the system...

5.5CVSS6.7AI score0.00493EPSS
Exploits0
Redos
Redos
•added 2024/11/20 12:0 a.m.•18 views

ROS-20241120-01

Vulnerability of drm/amd/display components of Linux kernel is related to dereferencing of the NULL pointer in the amdgpudminit function in drivers/gpu/drm/amd/display/amdgpudm/amdgpudm.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in th...

7.8CVSS6.8AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/11/14 12:0 a.m.•18 views

ROS-20241114-02

The vulnerability of the micrel component of the Linux operating system kernel is related to the NULL pointer dereferencing in lan8814txtstamp, lan8814getsigrx, lan8814matchrxts, lan8814ptpciadjfine functions, lan8814getsigtx, lan8814dequeuetxskb, and lan8814matchskb in drivers/net/phy/micrel.c...

7.8CVSS7AI score0.00632EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•18 views

ROS-20241112-11

A vulnerability in the index.php component of Enterprise Server, a cloud-based software package for creating and using Nextcloud Server data storage is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to modify or delete VCards in the...

8.1CVSS6.8AI score0.00805EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•18 views

ROS-20241112-10

A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of https URLs even after certificate validation errors. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data and compromise their integrity. remotely to gain...

8.1CVSS6.9AI score0.03295EPSS
Exploits2
Redos
Redos
•added 2024/10/29 12:0 a.m.•18 views

ROS-20241029-11

A vulnerability in the blockformat function of the Ruby interpreter with the Action Mailer Gem extension is related to the execution of the function for an unexpectedly large amount of time. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.7CVSS7.1AI score0.00944EPSS
Exploits0
Redos
Redos
•added 2024/10/17 12:0 a.m.•18 views

ROS-20241017-01

A vulnerability in the golang package of the Debian GNU/Linux operating system is related to incorrect control of code generation. code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Golang programming languag...

9.8CVSS7.8AI score0.02281EPSS
Exploits0
Redos
Redos
•added 2024/10/15 12:0 a.m.•18 views

ROS-20241015-04

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect resource clearing or release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.01361EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•18 views

ROS-20241008-08

Intel processor firmware vulnerability is related to information leakage from vector registers. registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...

6.5CVSS7.2AI score0.00546EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•18 views

ROS-20241008-04

A vulnerability in the RSS function of the QEMU hardware emulator is related to setting too large a value, causing an index out-of-bounds problem. values, causing a problem with the index going out of bounds. Exploitation of the vulnerability could allow an attacker acting locally to cause a deni...

6.8CVSS6.8AI score0.0065EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•18 views

ROS-20241004-07

A vulnerability in the iouring component of the Linux operating system kernel is related to the reuse of previously released memory due to competitive access to a resource race condition in the scmfpcopy function in the net/core/scm.c module. Exploitation of the vulnerability could allow an...

7CVSS6.9AI score0.00224EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•18 views

ROS-20241004-09

Vulnerability of the matchflags function of the Netfilter subsystem of the Linux kernel is related to the reading of data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of...

8.2CVSS7.2AI score0.00516EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•18 views

ROS-20241002-03

Vulnerability of btrfsgetrootref function in fs/btrfs/disk-io.c module of btrfs file system of Linux kernel is related to reuse of previously freed memory. of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker t...

7.1CVSS7AI score0.00254EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•18 views

ROS-20240923-01

The vulnerability of WebKitGTK and WPE WebKit web page display modules is related to memory access after it is memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7AI score0.00844EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•18 views

ROS-20240923-06

Vulnerability of net/http and net/http2 libraries of Go programming language in terms of implementation of the HTTP/2 protocol is related to uncontrolled resource consumption as a result of incorrect determination of the termination of HTTP/2 is related to uncontrolled resource consumption as a...

7.5CVSS7.1AI score0.91969EPSS
Exploits1
Total number of security vulnerabilities5000