Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
added 2024/10/15 12:0 a.m.17 views

ROS-20241015-04

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect resource clearing or release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.01361EPSS
Exploits0
Redos
Redos
added 2024/10/08 12:0 a.m.17 views

ROS-20241008-08

Intel processor firmware vulnerability is related to information leakage from vector registers. registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...

6.5CVSS7.2AI score0.00546EPSS
Exploits0
Redos
Redos
added 2024/10/04 12:0 a.m.17 views

ROS-20241004-09

Vulnerability of the matchflags function of the Netfilter subsystem of the Linux kernel is related to the reading of data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of...

8.2CVSS7.2AI score0.00516EPSS
Exploits1
Redos
Redos
added 2024/10/04 12:0 a.m.17 views

ROS-20241004-07

A vulnerability in the iouring component of the Linux operating system kernel is related to the reuse of previously released memory due to competitive access to a resource race condition in the scmfpcopy function in the net/core/scm.c module. Exploitation of the vulnerability could allow an...

7CVSS6.9AI score0.00222EPSS
Exploits0
Redos
Redos
added 2024/10/02 12:0 a.m.17 views

ROS-20241002-03

Vulnerability of btrfsgetrootref function in fs/btrfs/disk-io.c module of btrfs file system of Linux kernel is related to reuse of previously freed memory. of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker t...

7.1CVSS7AI score0.00254EPSS
Exploits0
Redos
Redos
added 2024/09/23 12:0 a.m.17 views

ROS-20240923-06

Vulnerability of net/http and net/http2 libraries of Go programming language in terms of implementation of the HTTP/2 protocol is related to uncontrolled resource consumption as a result of incorrect determination of the termination of HTTP/2 is related to uncontrolled resource consumption as a...

7.5CVSS7.1AI score0.91969EPSS
Exploits1
Redos
Redos
added 2024/09/23 12:0 a.m.17 views

ROS-20240923-01

The vulnerability of WebKitGTK and WPE WebKit web page display modules is related to memory access after it is memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7AI score0.00844EPSS
Exploits0
Redos
Redos
added 2024/09/16 12:0 a.m.17 views

ROS-20240916-06

Vulnerability in the Device Handler component of the Xen cross-platform hypervisor of the Linux kernel is related to incorrect placement of a preprocessor directive in the source code. Exploiting the vulnerability could allow an attacker to escalate privileges...

4.1CVSS7.4AI score0.00264EPSS
Exploits0
Redos
Redos
added 2024/09/11 12:0 a.m.17 views

ROS-20240911-06

A vulnerability in the stack protection feature of the GNU Compiler Collection GCC for different programming languages is due to a data protection mechanism violation. Collection GCC is related to a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker...

4.8CVSS6.5AI score0.00666EPSS
Exploits1
Redos
Redos
added 2024/09/09 12:0 a.m.17 views

ROS-20240909-04

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. with NULL pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

7.5CVSS6.6AI score0.00656EPSS
Exploits0
Redos
Redos
added 2024/09/06 12:0 a.m.17 views

ROS-20240906-01

Vulnerability of ip6tnlrcv function in net/ipv6/ip6tunnel.c module of Linux kernel IPv6 protocol implementation is related to use of uninitialized memory. of the Linux operating system is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...

7.8CVSS8.1AI score0.00255EPSS
Exploits0
Redos
Redos
added 2024/09/05 12:0 a.m.17 views

ROS-20240904-16

A vulnerability in the export.c file in the exporttga function of the libcaca graphics library for converting an image to ASCII ART is related to the operation exceeding memory buffer limits. image to ASCII ART is related to the operation exceeding the buffer boundaries in memory. Exploitation of...

7.8CVSS7.1AI score0.01353EPSS
Exploits2
Redos
Redos
added 2024/09/04 12:0 a.m.17 views

ROS-20240904-06

A vulnerability in the yasmintnumcopy function of the YASM assembler is related to the lack of memory release after the effective lifetime. Exploitation of the vulnerability could allow an attacker to gain access to the sensitive data...

3.3CVSS6.9AI score0.00467EPSS
Exploits1
Redos
Redos
added 2024/09/02 12:0 a.m.17 views

ROS-20240902-15

A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.9AI score0.01414EPSS
Exploits0
Redos
Redos
added 2024/08/26 12:0 a.m.17 views

ROS-20240826-10

Vulnerability of pygments/lexers/smithy.py file of SmithyLexer component of syntax highlighting program Pygments is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00503EPSS
Exploits1
Redos
Redos
added 2024/08/26 12:0 a.m.17 views

ROS-20240826-18

Vulnerability in the .NET development platform of Microsoft's software development tool Visual Studio is related to the transmission of credentials in unencrypted form. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information Vulnerability in the...

7.5CVSS6.7AI score0.02701EPSS
Exploits0
Redos
Redos
added 2024/08/16 12:0 a.m.17 views

ROS-20240816-03

Vulnerability of HTTP Daemon is related to inconsistent interpreting of HTTP requests when processing 'Content-Length' string values. when processing 'Content-Length' string values. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate their privileges by sending...

7.3CVSS7.3AI score0.02108EPSS
Exploits1
Redos
Redos
added 2024/08/12 12:0 a.m.17 views

ROS-20240812-12

Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to Failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary SQL queries...

8.1CVSS8AI score0.6296EPSS
Exploits0
Redos
Redos
added 2024/08/07 12:0 a.m.17 views

ROS-20240725-12

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

7.8CVSS8.1AI score0.00275EPSS
Exploits0
Redos
Redos
added 2024/08/06 12:0 a.m.17 views

ROS-20240806-15

Vulnerability of PKCS12parse, PKCS12unpackp7data, PKCS12unpackp7encdata, PKCS12unpackauthsafes and PKCS12newpass of the OpenSSL library are related to pointer dereferencing errors. pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.8AI score0.03174EPSS
Exploits0
Redos
Redos
added 2024/07/26 12:0 a.m.17 views

ROS-20240726-07

A vulnerability in the Sign-In component of the Google Chrome browser is related to the ability to bypass navigation restrictions using a specially crafted HTML page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute cross-site scripted attacks...

6.5CVSS6.5AI score0.00293EPSS
Exploits1
Redos
Redos
added 2024/07/19 12:0 a.m.17 views

ROS-20240719-01

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

8.3CVSS8AI score0.01279EPSS
Exploits0
Redos
Redos
added 2024/07/16 12:0 a.m.17 views

ROS-20240716-01

OpenSearch software package vulnerability related to unintentional access to resources of of users in the Dashboards Reports plugin. Exploitation of the vulnerability could allow an attacker to compromise the integrity of data. impact data integrity OpenSearch software package vulnerability relat...

5.4CVSS6.7AI score0.00305EPSS
Exploits0
Redos
Redos
added 2024/07/13 12:0 a.m.17 views

ROS-20240709-03

Apache Kafka Message Manager vulnerability is related to Apache Kafka cluster migration from ZooKeeper mode to KRaft mode. Exploitation of the vulnerability could allow an attacker acting remotely, impact the confidentiality and integrity of...

7.4CVSS6.7AI score0.01125EPSS
Exploits0
Redos
Redos
added 2024/07/03 12:0 a.m.17 views

ROS-20240703-10

Vulnerability of usbguard-dbus daemon of USBGuard USB device protection software is related to an error of access error of an unprivileged user who could connect USB devices. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, a...

7.8CVSS6.9AI score0.00378EPSS
Exploits1
Redos
Redos
added 2024/06/26 12:0 a.m.17 views

ROS-20240626-07

A vulnerability in the Net::CIDR::Lite module of the Perl programming language interpreter is related to bugs in the handling foreign null characters at the beginning of an IP address string. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access controls...

6.3CVSS6.9AI score0.00493EPSS
Exploits0
Redos
Redos
added 2024/05/21 12:0 a.m.17 views

ROS-20240521-01

Mutt mail client vulnerability is related to pointer dereferencing errors when processing message headers. message headers. Exploitation of the vulnerability could allow an attacker to cause a denial of service Mutt mail client vulnerability is related to null pointer dereferencing. Exploitation ...

6.5CVSS7.1AI score0.00719EPSS
Exploits0
Redos
Redos
added 2024/05/03 12:0 a.m.17 views

ROS-20240503-15

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

8.2CVSS8AI score0.0112EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.17 views

ROS-2-1643

2.1643 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.17 views

ROS-2-1485

2.1485 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.17 views

ROS-2-962

2.962 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.01428EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.17 views

ROS-2-1421

2.1421 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.4AI score0.01157EPSS
Exploits0
Redos
Redos
added 2023/09/18 12:0 a.m.17 views

ROS-20230915-13

A vulnerability in the symbolic.py component of the Python library for interacting with GitPython git repositories is related to a flaw in the directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected...

6.5CVSS6.9AI score0.01012EPSS
Exploits1
Redos
Redos
added 2023/09/12 12:0 a.m.17 views

ROS-20230911-08

Vulnerability of UnRAR file unzipping tool is related to incorrect link resolution before accessing a file "Jump to link". before accessing the file "Follow link". Exploitation of the vulnerability could allow an attacker acting remotely to extract files outside the destination folder using file...

7.5CVSS6.8AI score0.00722EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.17 views

ROS-2-1565

2.1565 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.7AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.17 views

ROS-2-974

2.974 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
added 2023/07/06 12:0 a.m.17 views

ROS-2-1349

2.1349 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS8AI score0.01368EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.17 views

ROS-2-1174

2.1174 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

7.5CVSS7.2AI score0.10047EPSS
Exploits2
Redos
Redos
added 2023/07/06 12:0 a.m.17 views

ROS-2-1581

2.1581 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
added 2023/01/30 12:0 a.m.17 views

ROS-20230130-02

Vulnerability of the opusfile stream decoder library is related to null pointer dereferencing in the opgetdata and opopen1 functions in opusfile.c in xiph. Exploitation of the vulnerability could allow an attacker, acting remotely, transfer specially crafted data to an application and perform a...

7.8CVSS7.2AI score0.00395EPSS
Exploits1
Redos
Redos
added 2022/05/16 12:0 a.m.17 views

ROS-20220516-10

A vulnerability in the evdevlogmsg function of the libinput library's implementation of the X.Org and Wayland display server protocols is related to the use of uncontrolled format strings. Wayland is related to the use of uncontrolled format strings. Exploitation of the vulnerability could allow ...

7.8CVSS8.3AI score0.00364EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.17 views

ROS-2-1478

2.1478 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.8AI score0.03582EPSS
Exploits1
Redos
Redos
added 2021/12/24 12:0 a.m.17 views

ROS-2-1401

2.1401 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS9.5AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.17 views

ROS-2-1475

2.1475 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.2AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.17 views

ROS-20211223-05

Asterisk computer telephony application vulnerability involves an input validation error. Exploitation The vulnerability could allow a remote attacker to send a packet containing an unsupported multimedia format and perform a denial of service DoS attack. unsupported media format and perform a...

7.5CVSS7.2AI score0.0911EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.17 views

ROS-2-1243

2.1243 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...

7.8CVSS7.7AI score0.99295EPSS
Exploits86
Redos
Redos
added 2021/09/08 12:0 a.m.17 views

ROS-2-1195

2.1195 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...

7.5CVSS7.7AI score0.95785EPSS
Exploits5
Redos
Redos
added 2021/09/08 12:0 a.m.17 views

ROS-2-825

2.825 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.8CVSS7.7AI score0.99295EPSS
Exploits86
Redos
Redos
added 2021/09/08 12:0 a.m.17 views

ROS-2-1635

2.1635 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9.1AI score0.01368EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.17 views

ROS-2-1394

2.1394 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.2AI score0.0262EPSS
Exploits0
Total number of security vulnerabilities5000