Lucene search
Redos: Most viewed

7975 matches found

Redos
• added 2022/05/16 12:0 a.m. • 68 views

ROS-20220516-09

Vulnerability in the cURL command line utility is related to OAUTH2 connection reuse errors for SASL-enabled protocols such as SMTPS, IMAPS, POP3S, and LDAPS (OpenLDAP only). Exploitation of the vulnerability could allow an attacker acting remotely to reuse the OAUTH2 authenticated connections...

8.1 CVSS • 7.4 AI score • 0.03425 EPSS
Exploits: 4
Redos
• added 2021/12/24 12:0 a.m. • 68 views

ROS-20211223-03

Vulnerability in an open source implementation of the OpenLDAP protocol is related to a reachable assertion. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted packet with a short timestamp to slapd and perform a denial of service...

7.5 CVSS • 7.7 AI score • 0.84224 EPSS
Exploits: 1
Redos
• added 2022/05/24 12:0 a.m. • 67 views

ROS-20220524-01

OpenSSL cryptographic library vulnerability is related to incorrect input validation in the script crehash. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary OS commands with script privileges. A vulnerability in the OpenSSL cryptographic library is...

10 CVSS • 7.9 AI score • 0.83223 EPSS
Exploits: 5
Redos
• added 2022/03/30 12:0 a.m. • 67 views

ROS-20220330-02

Vulnerability in the XML streaming parser library libexpat, related to an integer overflow in the doProlog function, allowing a remote attacker to pass specially crafted data to an application, cause an integer overflow, and execute arbitrary code in the target application...

9.8 CVSS • 9.5 AI score • 0.04525 EPSS
Exploits: 0
Redos
• added 2022/03/09 12:0 a.m. • 67 views

ROS-20220309-02

The vulnerability in the XSLT parameter of Mozilla Firefox and Focus browsers is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the WebGPU 3D graphics processing and computing softwa...

9.6 CVSS • 9.4 AI score • 0.14261 EPSS
Exploits: 2
Redos
• added 2022/02/22 12:0 a.m. • 67 views

ROS-20220217-01

MariaDB database management system vulnerability, related to a format string error in the implementation of the CONNECT function. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted SQL query containing format string specifiers and execute...

7.8 CVSS • 8.1 AI score • 0.00645 EPSS
Exploits: 1
Redos
• added 2025/04/24 12:0 a.m. • 66 views

ROS-20250424-03

Vulnerability of the executefilterdelta function of the archivereadsupportformatrar.c component of the Libarchive archiving library is related to reading beyond the allowed data buffer boundaries...

7.8 CVSS • 7.5 AI score • 0.00551 EPSS
Exploits: 2
Redos
• added 2025/04/24 12:0 a.m. • 66 views

ROS-20250424-08

A vulnerability in the containerd container runtime environment is related to an integer overflow when processing a UID:GID that exceeds the maximum 32-bit signed integer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8 CVSS • 7 AI score • 0.00275 EPSS
Exploits: 1
Redos
• added 2024/03/29 12:0 a.m. • 66 views

ROS-20240329-07

A vulnerability in the Picture-in-Picture (PiP) technology of the Google Chrome browser is related to errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct spoofing attack...

8.8 CVSS • 8.4 AI score • 0.07094 EPSS
Exploits: 1
Redos
• added 2023/04/11 12:0 a.m. • 66 views

ROS-20230411-02

Liblouis braille translator vulnerability is related to copying to buffer without checking the size of input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of with the compileTranslationTable.c and lousetDataPath functions. The Liblouis...

7.5 CVSS • 7.3 AI score • 0.01345 EPSS
Exploits: 2
Redos
• added 2023/04/07 12:0 a.m. • 66 views

ROS-20230407-02

The Redis DBMS vulnerability is related to a command injection error that exists due to a reachable assertion when processing the MSETNX command. Exploitation of the vulnerability could allow an attacker, acting remotely, to send a specially crafted MSETNX command, causing a denial of service,...

5.5 CVSS • 6.5 AI score • 0.54978 EPSS
Exploits: 0
Redos
• added 2023/02/10 12:0 a.m. • 66 views

ROS-20230210-01

The vulnerability of the GNU Less utility for UNIX-like text terminals is due to the fact that calling "less -R" will not filter ANSI control sequences sent to the terminal. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges on the system...

7.5 CVSS • 7.7 AI score • 0.01412 EPSS
Exploits: 0
Redos
• added 2022/05/16 12:0 a.m. • 66 views

ROS-20220516-05

A vulnerability in the Git distributed version control system is related to the fact that the uninstaller binary loads DLLs in an insecure manner from the current working directory. Exploitation of the...

7.8 CVSS • 8.3 AI score • 0.0135 EPSS
Exploits: 0
Redos
• added 2022/03/23 12:0 a.m. • 66 views

ROS-20220323-02

A vulnerability in the glibc system library is related to a boundary error in the clntcreate function in the sunrpc module. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted input data to an application using a vulnerable version of the library...

9.8 CVSS • 9.3 AI score • 0.04729 EPSS
Exploits: 3
Redos
• added 2025/04/24 12:0 a.m. • 65 views

ROS-20250424-05

Vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to access credentials with HTTP redirection to another resource...

3.4 CVSS • 7.2 AI score • 0.01351 EPSS
Exploits: 2
Redos
• added 2023/09/12 12:0 a.m. • 65 views

ROS-20230911-06

Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity, and availability of protected information...

9.8 CVSS • 6.9 AI score • 0.02216 EPSS
Exploits: 0
Redos
• added 2023/06/22 12:0 a.m. • 65 views

ROS-20230621-05

OpenSSL cryptographic library vulnerability is related to the use of OBJobj2txt directly or the use of any of the OpenSSL OCSP, PKCS7/SMIME, CMS, CMP/CRMF, or TS subsystems without limiting the message size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denia...

6.5 CVSS • 7 AI score • 0.73461 EPSS
Exploits: 0
Redos
• added 2022/03/18 12:0 a.m. • 65 views

ROS-20220318-01

A vulnerability in the Webmin administration software suite is related to incorrect access restrictions in the File Manager module. Exploitation of the vulnerability could allow a remote attacker to bypass the security restrictions and compromise a vulnerable system...

9 CVSS • 8.8 AI score • 0.96977 EPSS
Exploits: 14
Redos
• added 2025/12/03 12:0 a.m. • 64 views

ROS-20251203-13

A vulnerability in the checkout and pull functions of the Git extension for version control of large Git LFS files is related to incorrect definition of symbolic links during file access. Exploitation of the vulnerability could allow an attacker acting remotely to gain write access to arbitrary...

8.6 CVSS • 4.7 AI score • 0.00707 EPSS
Exploits: 0
Redos
• added 2025/04/24 12:0 a.m. • 64 views

ROS-20250424-07

Vulnerability of xmlPatMatch function in pattern.c file of libxml2 library is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the libxml2 library is related...

7.8 CVSS • 7.9 AI score • 0.01018 EPSS
Exploits: 1
Redos
• added 2025/04/24 12:0 a.m. • 64 views

ROS-20250424-10

A vulnerability in the libtar package is related to the initiation of a malloc0 call for the gnulonglink variable. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive information. The libtar package vulnerability is related to the initiation of a...

9.1 CVSS • 6.9 AI score • 0.01431 EPSS
Exploits: 0
Redos
• added 2024/03/13 12:0 a.m. • 64 views

ROS-2-438

2.438 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in th...

7.8 CVSS • 7.8 AI score • 0.99295 EPSS
Exploits: 81
Redos
• added 2023/04/11 12:0 a.m. • 64 views

ROS-20230411-03

The Minio object store vulnerability is related to a user with console administrator privileges who could potentially create a user that matches the root access key; once this user is successfully created, root credentials will stop working properly. Exploitation of the vulnerability could...

6.5 CVSS • 6.5 AI score • 0.00898 EPSS
Exploits: 1
Redos
• added 2022/03/29 12:0 a.m. • 64 views

ROS-20220329-02

Vulnerability in the Moodle course management system, related to insufficient cleansing of user data in the Badges criteria code. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted query to the affected application and execute arbitrary SQL command...

8.8 CVSS • 6.9 AI score • 0.00898 EPSS
Exploits: 0
Redos
• added 2022/02/22 12:0 a.m. • 64 views

ROS-20220208-01

Samba network file system vulnerability, related to insecure link clicks. Exploitation of the vulnerability could allow an attacker acting remotely to create a symbolic link to determine whether a file or directory exists in the file system area of the server. Samba network file system vulnerability,...

9 CVSS • 7.9 AI score • 0.74042 EPSS
Exploits: 1
Redos
• added 2021/09/08 12:0 a.m. • 64 views

ROS-2-502

2.502 Denial of Service in libX11 CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service (DoS) attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

7.3 AI score • 0.10634 EPSS
Exploits: 2
Redos
• added 2024/08/16 12:0 a.m. • 63 views

ROS-20240816-11

A vulnerability in the procopen function of the PHP programming language interpreter exists due to a failure to take measures to neutralize special elements used in the operating system command. Exploitation of the...

9.8 CVSS • 8.1 AI score • 0.99987 EPSS
Exploits: 66
Redos
• added 2022/05/18 12:0 a.m. • 63 views

ROS-20220518-03

A vulnerability in the pjproject multimedia communication library is related to an infinite loop when parsing a WAV file. Exploitation of the vulnerability could allow an attacker acting remotely to consume all available system resources and cause denial of service conditions. A vulnerability...

9.8 CVSS • 8.5 AI score • 0.02303 EPSS
Exploits: 1
Redos
• added 2022/05/16 12:0 a.m. • 63 views

ROS-20220516-04

Vulnerability of QuerySet.explain function of Django web application software platform is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity and availability o...

9.8 CVSS • 9.2 AI score • 0.18661 EPSS
Exploits: 3
Redos
• added 2022/02/01 12:0 a.m. • 63 views

ROS-20220125-10

A vulnerability in the Node.js software platform is related to the formatting logic of the console.table function. Exploitation of the vulnerability could allow an attacker acting remotely to send a special request and assign an empty string to the prototype object's numeric keys. A vulnerability ...

8.2 CVSS • 6.8 AI score • 0.21514 EPSS
Exploits: 2
Redos
• added 2022/05/30 12:0 a.m. • 62 views

ROS-20220530-03

Vulnerability of Array method of Mozilla Firefox and Mozilla Firefox ESR browsers and Thunderbird mail client is related to code generation errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary JavaScript code...

8.8 CVSS • 8.8 AI score • 0.26709 EPSS
Exploits: 0
Redos
• added 2023/10/24 12:0 a.m. • 61 views

ROS-20231024-02

A vulnerability in the xrdppainter.c component of the XRDP server is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to protected information...

6.5 CVSS • 7.1 AI score • 0.0063 EPSS
Exploits: 0
Redos
• added 2022/05/24 12:0 a.m. • 61 views

ROS-20220524-03

The cURL command-line utility vulnerability is related to the --no-clobber option, which is used in conjunction with --remove-on-error. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into connecting to a malicious server and force the command-line to...

8.1 CVSS • 7 AI score • 0.03453 EPSS
Exploits: 5
Redos
• added 2023/04/11 12:0 a.m. • 60 views

ROS-20230411-01

The CairoSVG SVG converter vulnerability is related to insufficient validation of user input during the SVG file processing. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data located on a local network or send malicious requests to other servers from...

9.9 CVSS • 6.6 AI score • 0.00722 EPSS
Exploits: 0
Redos
• added 2022/11/10 12:0 a.m. • 60 views

ROS-20221110-01

A vulnerability in the libxml2 XML document parsing library is related to an integer overflow in parse.c during content processing when the XMLPARSEHUGE parameter is set. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to the application,...

7.8 CVSS • 8.7 AI score • 0.22791 EPSS
Exploits: 2
Redos
• added 2022/02/22 12:0 a.m. • 60 views

ROS-20220204-01

A vulnerability in the Django web application framework is related to an infinite loop when parsing files. Exploitation of the vulnerability could allow an attacker acting remotely to upload a specially crafted file to a server, utilize all available system resources, and cause a...

7.5 CVSS • 7.3 AI score • 0.49246 EPSS
Exploits: 1
Redos
• added 2021/09/08 12:0 a.m. • 60 views

ROS-2-447

2.447 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

9.8 CVSS • 7.2 AI score • 0.10047 EPSS
Exploits: 2
Redos
• added 2022/11/21 12:0 a.m. • 59 views

ROS-20221121-02

A vulnerability in the FreeRDP remote desktop protocol implementation is related to the fact that there is no range check for the input offset index in the ZGFX decoder. Exploitation of the vulnerability could allow an attacker acting remotely to read the associated data and attempt to decode it...

5.7 CVSS • 5.7 AI score • 0.00967 EPSS
Exploits: 0
Redos
• added 2022/05/24 12:0 a.m. • 59 views

ROS-20220524-04

The vulnerability in the Moodle course management system is due to a problem in the logic used to count failed login attempts. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the account lockout threshold. A...

9.8 CVSS • 7.3 AI score • 0.04881 EPSS
Exploits: 1
Redos
• added 2022/05/16 12:0 a.m. • 59 views

ROS-20220516-06

A vulnerability in the high-level Ruby programming language is related to a type conversion bug in some conversion methods, such as KernelFloat and Stringtof. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to a vulnerable application,...

9.8 CVSS • 9.1 AI score • 0.0387 EPSS
Exploits: 0
Redos
• added 2022/02/22 12:0 a.m. • 59 views

ROS-20220210-01

A vulnerability in Mozilla Thunderbird email client and Firefox browser is related to incorrect handling of extension updates. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into installing a particular type of browser extension and, during automatic...

9.6 CVSS • 8.7 AI score • 0.00926 EPSS
Exploits: 1
Redos
• added 2022/02/01 12:0 a.m. • 59 views

ROS-20220128-02

A vulnerability in the Python Pillow image library is related to buffer re-reading during the ImagePath.Path initialization in the pathgetbbox function in path.c. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted file to a vulnerable library and...

9.8 CVSS • 8.7 AI score • 0.03399 EPSS
Exploits: 0
Redos
• added 2025/05/15 12:0 a.m. • 58 views

ROS-20250515-04

The vulnerability of the docker CLI plugin that extends Buildx build capabilities is related to the fact that the software stores sensitive information in log files. Exploiting the vulnerability could allow an attacker to gain access to sensitiv...

4.1 CVSS • 6.2 AI score • 0.0018 EPSS
Exploits: 0
Redos
• added 2024/04/03 12:0 a.m. • 58 views

ROS-20240403-11

Vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...

4.2 CVSS • 6.5 AI score • 0.00544 EPSS
Exploits: 0
Redos
• added 2023/09/04 12:0 a.m. • 58 views

ROS-20230904-01

The vulnerability of the qfqchangeclass function of the Linux kernel is related to the operation exceeding the buffer boundaries in memory while processing the QFQMINLMAX value. Exploitation of the vulnerability could allow an...

7.8 CVSS • 8.1 AI score • 0.12966 EPSS
Exploits: 19
Redos
• added 2022/05/16 12:0 a.m. • 58 views

ROS-20220516-11

Vim text editor vulnerability is related to a NULL pointer dereferencing error in the function vimregexecstring in regexp.c. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into opening a speciall...

7.8 CVSS • 8.2 AI score • 0.02452 EPSS
Exploits: 2
Redos
• added 2024/08/23 12:0 a.m. • 57 views

ROS-20240823-01

Vulnerability of amdgpurasgetcontext function in drm/amdgpu component of Linux operating system kernel is related to null pointer dereferencing on drmcvtmode failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of brcmfnotifyescancomplete...

8.8 CVSS • 6.8 AI score • 0.01167 EPSS
Exploits: 0
Redos
• added 2023/11/07 12:0 a.m. • 57 views

ROS-20231107-01

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5 CVSS • 7.3 AI score • 0.99999 EPSS
Exploits: 19
Redos
• added 2022/07/06 12:0 a.m. • 57 views

ROS-20220706-02

The Rubygem Rack web application development interface vulnerability is related to incorrect input validation when processing data transmitted through the Rack Lint middleware and CommonLogger middleware. Exploitation of the vulnerability could allow an attacker acting remotely to send specially...

10 CVSS • 8.9 AI score • 0.02056 EPSS
Exploits: 0
Redos
• added 2022/05/18 12:0 a.m. • 57 views

ROS-20220518-01

A vulnerability in the Mozilla Firefox browser is related to improper permission management in the application. Exploitation of the vulnerability could allow an attacker acting remotely to create a web page that bypasses the existing browser hint and inherits top-level permissions improperly. The...

9.8 CVSS • 8.8 AI score • 0.01005 EPSS
Exploits: 3
Total number of security vulnerabilities: 5000