Redos | Most viewed

8110 matches found

Redos
• added 2025/02/26 12:00 a.m. • 16 views

ROS-20250226-07

Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource due to file system case insensitivity when writing servlets. Exploitation of the...

CVSS 9.8 | AI score 9.9 | EPSS 0.08856
Exploits: 13
Redos
• added 2025/02/14 12:00 a.m. • 16 views

ROS-20250214-06

A vulnerability in the iio component of the Linux operating system kernel is related to incorrect input validation in the afe4403readraw function in drivers/iio/health/afe4403.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the netfilte...

CVSS 7.8 | AI score 7.7 | EPSS 0.00286
Exploits: 0
Redos
• added 2025/02/11 12:00 a.m. • 17 views

ROS-20250211-01

A vulnerability in the qethl2br2devworker function in the drivers/s390/net/qethl2main.c module of the Linux operating system kernel on the s390 platform is related to the reuse of previously released memory...

CVSS 7.8 | AI score 7.8 | EPSS 0.0028
Exploits: 0
Redos
• added 2025/01/10 12:00 a.m. • 16 views

ROS-20250110-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is associated with authorization errors as a result of an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow...

CVSS 7.5 | AI score 6.9 | EPSS 0.00267
Exploits: 0
Redos
• added 2025/01/10 12:00 a.m. • 16 views

ROS-20250110-12

Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource ("race condition"). Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by downloading specially crafted JSP files. Apache Tomcat...

CVSS 9.8 | AI score 7.4 | EPSS 0.43663
Exploits: 13
Redos
• added 2024/12/03 12:00 a.m. • 16 views

ROS-20240203-05

Apache Tomcat application server vulnerability is related to an unchecked error condition. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process and cause a denial of service. Apache Tomcat application server vulnerability is related to...

CVSS 9.8 | AI score 8.2 | EPSS 0.06287
Exploits: 2
Redos
• added 2024/12/02 12:00 a.m. • 16 views

ROS-20241202-01

A vulnerability in the hns3 component of the Linux kernel is related to memory leaks in the function hns3pmuirqregister in drivers/perf/hisilicon/hns3pmu.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the openrisc component of the Linu...

CVSS 8.2 | AI score 7 | EPSS 0.00651
Exploits: 0
Redos
• added 2024/11/27 12:00 a.m. • 16 views

ROS-20241127-01

A vulnerability in the bna component of the Linux operating system kernel is related to out-of-bounds read errors in the bnaddebugfswriteregrd and bnaddebugfswriteregwr functions in drivers/net/ethernet/brocade/bna/bnaddebugfs.c. Exploitation of the vulnerability could allow an attacker to...

CVSS 9.8 | AI score 8.2 | EPSS 0.00747
Exploits: 0
Redos
• added 2024/11/25 12:00 a.m. • 16 views

ROS-20241125-02

A vulnerability in the hns3 component of the Linux operating system kernel is related to out-of-bounds read errors in the hns3getcoalinfo function in drivers/net/ethernet/hisilicon/hns3/hns3debugfs.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A...

CVSS 7.8 | AI score 6.7 | EPSS 0.00253
Exploits: 0
Redos
• added 2024/11/21 12:00 a.m. • 16 views

ROS-20241121-06

A vulnerability in the Consul service configuration tool is related to the use of URL paths in L7 traffic. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access rules based on HTTP request paths. The vulnerability in the Consul service...

CVSS 8.1 | AI score 5.9 | EPSS 0.00725
Exploits: 0
Redos
• added 2024/11/13 12:00 a.m. • 16 views

ROS-20241112-06

A vulnerability in the REXML XML toolkit for Ruby is related to inefficient regular expression complexity. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial-of-service attack using regular expressions...

CVSS 8.7 | AI score 7.2 | EPSS 0.01429
Exploits: 0
Redos
• added 2024/11/13 12:00 a.m. • 16 views

ROS-20241112-08

A vulnerability in the Raft consensus algorithm of the integrated Raft storage of the HashiCorp Vault and Vault Enterprise platforms for archiving corporate information is associated with unlimited resource consumption as a result of nodes incorrectly...

CVSS 7.5 | AI score 6.7 | EPSS 0.00479
Exploits: 0
Redos
• added 2024/11/13 12:00 a.m. • 16 views

ROS-20241113-02

A vulnerability in the HDMA component of the Linux operating system kernel is related to race conditions in the functions dwhdmav0corewritechunk and dwhdmav0corestart in drivers/dma/dw-edma/dw-hdma-v0-core.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the...

CVSS 5.5 | AI score 7 | EPSS 0.00246
Exploits: 0
Redos
• added 2024/10/29 12:00 a.m. • 16 views

ROS-20241029-04

A vulnerability in the containers-common library of the Golang programming language is related to incorrect handling of certain file paths due to improper validation. Exploitation of the vulnerability could allow an attacker acting remotely to explo...

CVSS 8.2 | AI score 7.1 | EPSS 0.0099
Exploits: 0
Redos
• added 2024/10/23 12:00 a.m. • 16 views

ROS-20241023-02

A vulnerability in the BufWinLeave function of the vim text editor is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...

CVSS 4.7 | AI score 7.3 | EPSS 0.00291
Exploits: 0
Redos
• added 2024/10/23 12:00 a.m. • 16 views

ROS-20241023-09

A vulnerability in the BufWinLeave function of the vim text editor is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...

CVSS 4.7 | AI score 7.3 | EPSS 0.00291
Exploits: 0
Redos
• added 2024/10/08 12:00 a.m. • 16 views

ROS-20241008-05

A vulnerability in the ProcXkbGetKbdByName function of the xkb/xkb.c component of the Wayland protocol implementation for X.Org XWayland, an implementation of the X Window System X.Org Server is related to incorrect memory freeing before deleting the last link. Exploitation of the vulnerability...

CVSS 8.8 | AI score 7.5 | EPSS 0.01681
Exploits: 0
Redos
• added 2024/10/02 12:00 a.m. • 16 views

ROS-20241001-15

A vulnerability in the configuration implementation of Rails Html Sanitizer, the HTML cleanup tool for Rails applications, is related to incorrect use of select and style elements when overriding allowed tags. Exploitation of the vulnerability could allow an attacker acting remotely to perfor...

CVSS 6.1 | AI score 6.6 | EPSS 0.2914
Exploits: 1
Redos
• added 2024/09/23 12:00 a.m. • 16 views

ROS-20240923-07

A vulnerability in the NBD protocol implementation of the libnbd library is related to incorrect verification of the NBD server certificate when using TLS to connect to the NBD server. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the integrity of the...

CVSS 7.4 | AI score 6.8 | EPSS 0.0039
Exploits: 0
Redos
• added 2024/09/19 12:00 a.m. • 16 views

ROS-20240918-16

A vulnerability in the deserialize JavaScript library function for Jwcrypto is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting a specially...

CVSS 6.8 | AI score 6.6 | EPSS 0.0098
Exploits: 1
Redos
• added 2024/09/18 12:00 a.m. • 16 views

ROS-20240918-02

A vulnerability in the WebKitGTK web page display module is related to disclosure of information in an erroneous data area. Exploitation of the vulnerability allows an attacker acting remotely to gain access to the sensitive data...

CVSS 6.5 | AI score 6.7 | EPSS 0.01259
Exploits: 0
Redos
• added 2024/09/16 12:00 a.m. • 16 views

ROS-20240916-08

A vulnerability in the MongoDB database management system is related to errors in the TLS certificate validation procedure. Exploitation of the vulnerability could allow an attacker acting remotely to establish an unauthorized connection to the MongoDB server...

CVSS 9.8 | AI score 7.1 | EPSS 0.005
Exploits: 0
Redos
• added 2024/09/10 12:00 a.m. • 16 views

ROS-20240910-05

A vulnerability in the Nomad application orchestrator is related to the ability to write outside of the catalog distribution during migration. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of the...

CVSS 5.8 | AI score 6.8 | EPSS 0.00333
Exploits: 0
Redos
• added 2024/08/28 12:00 a.m. • 16 views

ROS-20240827-08

A vulnerability in the FontForge font editing software exists due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

CVSS 6.5 | AI score 6.9 | EPSS 0.0187
Exploits: 2
Redos
• added 2024/08/28 12:00 a.m. • 16 views

ROS-20240827-05

The Unbound DNS server vulnerability is related to the ability of a process outside of the unbound group to reconfigure the unbound execution environment. Exploitation of the vulnerability allows an attacker acting remotely to impact the integrity and availability of the system...

CVSS 8 | AI score 6.8 | EPSS 0.00318
Exploits: 0
Redos
• added 2024/08/15 12:00 a.m. • 16 views

ROS-20240815-13

A vulnerability in the configuration implementation of Rails Html Sanitizer, the HTML cleanup tool for Rails applications, is related to content injection if the application developer overrides the allowed tags "math" and "style" or "svg" and "style". Exploitation of the vulnerability could allow a...

CVSS 7.5 | AI score 6.5 | EPSS 0.01454
Exploits: 2
Redos
• added 2024/08/15 12:00 a.m. • 17 views

ROS-20240815-03

A vulnerability in the handleipDefaultTTL function of the Net-SNMP software suite of the Linux operating system is related to a NULL Pointer Exception error, which can be exploited to crash an instance with a specially crafted UDP packet. Exploitation of the vulnerability could allow an attacker...

CVSS 6.5 | AI score 7 | EPSS 0.5346
Exploits: 2
Redos
• added 2024/08/12 12:00 a.m. • 16 views

ROS-20240812-13

A vulnerability in GLPI's asset and data center management software involves server-side request forgery. Exploitation of the vulnerability could allow an attacker acting remotely to perform an SSRF-based attack using the creation of an arbitrary object...

CVSS 9.6 | AI score 7.5 | EPSS 0.58818
Exploits: 2
Redos
• added 2024/08/08 12:00 a.m. • 16 views

ROS-20240808-03

A vulnerability in the HTTP server of the Node.js software platform is related to uncontrolled resource consumption as a result of reading an unlimited number of bytes from a single connection while processing HTTP requests...

CVSS 7.5 | AI score 6.9 | EPSS 0.03168
Exploits: 0
Redos
• added 2024/08/06 12:00 a.m. • 16 views

ROS-20240806-12

A vulnerability in the CPAN.pm component of the Perl programming language is related to errors in the procedure of TLS certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential data, compromise its...

CVSS 8.1 | AI score 6.7 | EPSS 0.01561
Exploits: 1
Redos
• added 2024/07/30 12:00 a.m. • 16 views

ROS-20240730-05

A vulnerability in the search filter ldbmsearch.c of 389 Directory Server is related to access control flaws. Exploitation of the vulnerability could allow an intruder acting remotely to gain unauthorized access to protected information...

CVSS 7.5 | AI score 6.7 | EPSS 0.01394
Exploits: 0
Redos
• added 2024/07/29 12:00 a.m. • 16 views

ROS-20240729-06

A vulnerability in the TLS and SSL protocol implementation of the Mbed TLS software is related to the ability to write outside of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to overwrite data in the memory buffer and recover a private RSA key...

CVSS 9.8 | AI score 6.8 | EPSS 0.01147
Exploits: 0
Redos
• added 2024/07/29 12:00 a.m. • 16 views

ROS-20240729-04

A vulnerability in the JsonErrorReportValve class of the Apache Tomcat application server is related to a flaw in the mechanism for encoding or escaping output data. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the integrity of protected information...

CVSS 7.5 | AI score 6.5 | EPSS 0.02505
Exploits: 0
Redos
• added 2024/07/24 12:00 a.m. • 16 views

ROS-20240724-02

A vulnerability in the Dawn component of Microsoft Edge and Google Chrome browsers is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using a specially crafted HTML page. A vulnerability in the SwiftShader...

CVSS 8.8 | AI score 6.8 | EPSS 0.00546
Exploits: 4
Redos
• added 2024/07/13 12:00 a.m. • 16 views

ROS-20240711-01

A vulnerability in the frames.html file of YARD, a tool for creating documentation for the Ruby programming language, is related to improper handling of user-controlled data obtained from a URL hash in the embedded JavaScript code in the "frames.erb" template file. Exploitation of the vulnerability coul...

CVSS 6.1 | AI score 5.8 | EPSS 0.0106
Exploits: 1
Redos
• added 2024/07/04 12:00 a.m. • 16 views

ROS-20240704-03

A vulnerability in the gnome Vte terminal is related to escape-sequence window resizing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 4.4 | AI score 6.6 | EPSS 0.00238
Exploits: 0
Redos
• added 2024/07/03 12:00 a.m. • 16 views

ROS-20240702-05

A vulnerability in the qstr method in the adodb library PDO driver is associated with the ability for remote attackers to conduct SQL injection attacks using vectors associated with misquoted vectors. Exploitation of the vulnerability could allow an attacker acting remotely to conduct an attac...

CVSS 9.8 | AI score 7.8 | EPSS 0.02984
Exploits: 0
Redos
• added 2024/07/03 12:00 a.m. • 16 views

ROS-20240702-04

A vulnerability in the DecodeConfig component of the Golang programming language is related to the possibility that certain characters in the subject alternative name fields in TLS certificates are mistakenly allowed to have a special value in regular expressions...

CVSS 7.5 | AI score 6.7 | EPSS 0.00376
Exploits: 1
Redos
• added 2024/06/06 12:00 a.m. • 16 views

ROS-20240606-04

A vulnerability in the OTP component of the Erlang programming language is related to flaws in the authentication procedure. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

CVSS 9.8 | AI score 7.4 | EPSS 0.01167
Exploits: 0
Redos
• added 2024/06/03 12:00 a.m. • 16 views

ROS-20240603-02

A vulnerability in the Format Detection component of the Mojolicious module for Perl is related to errors in releasing resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the securecompare function of the...

CVSS 7.5 | AI score 6.3 | EPSS 0.00549
Exploits: 1
Redos
• added 2024/03/13 12:00 a.m. • 16 views

ROS-2-1440

2.1440 Nettle library vulnerability CVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code. Identifier of the Information Security Threats Dat...

CVSS 8.1 | AI score 8.6 | EPSS 0.01607
Exploits: 0
Redos
• added 2024/03/13 12:00 a.m. • 16 views

ROS-2-1299

2.1299 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user input when processing untrusted YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

CVSS 9.8 | AI score 8.1 | EPSS 0.05984
Exploits: 0
Redos
• added 2024/03/13 12:00 a.m. • 16 views

ROS-2-1503

2.1503 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser is related to insufficient validation of user-entered data when processing untrusted YAML files using the fullload method or the FullLoader loader. Exploitation of the...

CVSS 10 | AI score 8.1 | EPSS 0.05984
Exploits: 0
Redos
• added 2024/03/13 12:00 a.m. • 16 views

ROS-2-1000

2.1000 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

CVSS 7.5 | AI score 10 | EPSS 0.01157
Exploits: 0
Redos
• added 2023/09/12 12:00 a.m. • 16 views

ROS-20230911-09

A vulnerability in the XInclude XML document merge mechanism of the vector graphics rendering library librsvg is related to incorrect restriction of a path name to a restricted directory when processing the xi:include element. Exploitation of the vulnerability may allow an intruder to gain unauthorized...

CVSS 5.5 | AI score 7.2 | EPSS 0.02132
Exploits: 1
Redos
• added 2023/09/04 12:00 a.m. • 16 views

ROS-20230904-02

A vulnerability in the dojournalend function in the fs/reiserfs/journal.c module of the reiserfs file system of the Linux operating system kernel is related to a buffer overrun. Exploitation of the vulnerability could allow an attacker to cause a denial ...

CVSS 7.8 | AI score 8.5 | EPSS 0.12966
Exploits: 19
Redos
• added 2023/07/06 12:00 a.m. • 16 views

ROS-2-1465

2.1465 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

CVSS 9.8 | AI score 9.1 | EPSS 0.61061
Exploits: 6
Redos
• added 2023/07/06 12:00 a.m. • 16 views

ROS-2-1686

2.1686 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 A vulnerability in the Mozilla Thunderbird email client is related to an HTML content processing error. Exploitation of the vulnerability coul...

CVSS 8.8 | AI score 9.3 | EPSS 0.03582
Exploits: 1
Redos
• added 2023/07/06 12:00 a.m. • 16 views

ROS-2-1436

2.1436 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia:...

CVSS 4.3 | AI score 7.3 | EPSS 0.0094
Exploits: 2
Redos
• added 2021/12/24 12:00 a.m. • 16 views

ROS-2-872

2.872 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

CVSS 5.5 | AI score 6.3 | EPSS 0.0262
Exploits: 0
Total number of security vulnerabilities: 5000