Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2025/02/26 12:0 a.m.•16 views

ROS-20250226-07

Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource due to lack of case-sensitivity when writing servlets to the file system. as a result of file system case insensitivity when writing servlets. Exploitation exploitation of the...

9.8CVSS9.9AI score0.08856EPSS
Exploits13
Redos
Redos
•added 2025/02/14 12:0 a.m.•16 views

ROS-20250214-06

A vulnerability in the iio component of the Linux operating system kernel is related to incorrect input validation in the afe4403readraw function in drivers/iio/health/afe4403.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the netfilte...

7.8CVSS7.7AI score0.00286EPSS
Exploits0
Redos
Redos
•added 2025/02/13 12:0 a.m.•16 views

ROS-20250213-01

A vulnerability in the iavf component of the Linux kernel is related to an incorrect locking in the function iavfinitmodule in drivers/net/ethernet/intel/iavf/iavfmain.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in...

7.8CVSS6.8AI score0.0028EPSS
Exploits0
Redos
Redos
•added 2025/02/11 12:0 a.m.•17 views

ROS-20250211-01

Vulnerability of the qethl2br2devworker function in the drivers/s390/net/qethl2main.c module of the drivers/s390/net/qethl2main.c kernel of the Linux operating system on the s390 platform is related to the reuse of previously released memory of the s390 Linux kernel is related to the reuse of...

7.8CVSS7.8AI score0.0028EPSS
Exploits0
Redos
Redos
•added 2025/01/17 12:0 a.m.•16 views

ROS-20250117-07

A vulnerability in the dmaengine component of the Linux operating system kernel is related to the transfer of private resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the powerpc/fixmap component of the Linux kernel is related to...

5.5CVSS7.3AI score0.0024EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•16 views

ROS-20250110-12

Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource "Race Situation". "Race Situation". Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code by downloading specially crafted JSP files Apache Tomcat...

9.8CVSS7.4AI score0.43663EPSS
Exploits13
Redos
Redos
•added 2024/12/16 12:0 a.m.•16 views

ROS-20241216-04

A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...

8.8CVSS7AI score0.00797EPSS
Exploits1
Redos
Redos
•added 2024/12/03 12:0 a.m.•16 views

ROS-20240203-05

Apache Tomcat application server vulnerability is related to an unchecked error condition. Exploitation The vulnerability could allow an attacker acting remotely to bypass the authentication process and cause a denial of service Apache Tomcat application server vulnerability is related to...

9.8CVSS8.2AI score0.06287EPSS
Exploits2
Redos
Redos
•added 2024/11/27 12:0 a.m.•16 views

ROS-20241127-01

A vulnerability in the bna component of the Linux operating system kernel is related to out-of-bounds read errors in the bnaddebugfswriteregrd and bnaddebugfswriteregwr functions in the drivers/net/ethernet/brocade/bna/bnaddebugfs.c. Exploitation of the vulnerability could allow an attacker to...

9.8CVSS8.2AI score0.00747EPSS
Exploits0
Redos
Redos
•added 2024/11/25 12:0 a.m.•16 views

ROS-20241125-02

A vulnerability in the hns3 component of the Linux operating system kernel is related to out-of-bounds read errors in the hns3getcoalinfo function in drivers/net/ethernet/hisilicon/hns3/hns3debugfs.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...

7.8CVSS6.7AI score0.00253EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•16 views

ROS-20231121-04

Vulnerability in Nextcloud cloud storage creation and utilization software is related to improper access controls. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain access to sensitive information Nextcloud cloud storage creation and utilization software...

6.5CVSS7AI score0.00652EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•16 views

ROS-20241121-06

A vulnerability in the Consul service configuration tool is related to the use of URL paths in L7 traffic. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access rules based on HTTP request paths. HTTP request paths The vulnerability in the Consul service...

8.1CVSS5.9AI score0.00725EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•16 views

ROS-20241113-02

A vulnerability in the HDMA component of the Linux operating system kernel is related to race conditions in the functions dwhdmav0corewritechunk and dwhdmav0corestart in drivers/dma/dw-edma/dw-hdma-v0-core.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the...

5.5CVSS7AI score0.00246EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•16 views

ROS-20241112-08

A vulnerability in the Raft Consensus Algorithm of the Raft data distribution algorithm of the Integrated storage Raft storage of HashiCorp Vault and Vault Enterprise platforms for archiving corporate information is associated with unlimited resource consumption as a result of nodes incorrectly...

7.5CVSS6.7AI score0.00479EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•16 views

ROS-20241029-04

A vulnerability in the containers-common library of the Golang programming language is related to incorrect handling of certain file paths due to incorrect validation. certain file paths due to improper validation. Exploitation of the vulnerability could allow an attacker acting remotely to explo...

8.2CVSS7.1AI score0.0099EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•16 views

ROS-20241029-05

A vulnerability in the Podman OCI container management and startup software tool is related to bugs in the option bind-propagation of the Dockerfile RUN --mount instruction. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...

4.7CVSS6.9AI score0.00287EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•16 views

ROS-20241023-09

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•16 views

ROS-20241023-02

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•16 views

ROS-20241008-05

A vulnerability in the ProcXkbGetKbdByName function of the xkb/xkb.c component of the Wayland protocol implementation for X.Org XWayland, an implementation of the X Window System X.Org Server is related to incorrect memory freeing before deleting the last link. Exploitation of the vulnerability...

8.8CVSS7.5AI score0.01681EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•16 views

ROS-20241004-02

Vulnerability of the mremap function of Linux kernel operating systems is related to memory usage after its release as a result of a race situation when processing the rmap memory management structure. Exploitation of the vulnerability could allow an attacker to cause a denial of service or eleva...

7CVSS6.7AI score0.00232EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•16 views

ROS-20241002-04

A vulnerability in the xenvifgetrequests function in the drivers/net/xen-netback/netback.c module of the cross-platform Xen hypervisor of the Linux kernel is related to the null pointer dereferencing in the function xenvifgetrequests. Exploiting the vulnerability could allow an attacker to cause ...

7.5CVSS6.6AI score0.01177EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•16 views

ROS-20240927-02

A vulnerability in the Google Chrome browser is related to the execution of certain user interface gestures Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofed the user interface using a specially crafted HTML page A vulnerability in Google Chrome browse...

8.8CVSS6.6AI score0.00265EPSS
Exploits3
Redos
Redos
•added 2024/09/18 12:0 a.m.•16 views

ROS-20240918-02

A vulnerability in the WebKitGTK web page display module is related to disclosure of information in an erroneous data area of data. Exploitation of the vulnerability allows an attacker acting remotely to gain access to the sensitive data...

6.5CVSS6.7AI score0.01259EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•16 views

ROS-20240917-08

Vulnerability of classes ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network of the ipaddress module of the Python programming language interpreter CPython is related to the incorrect IP address range validation. Exploitation of the vulnerability could...

7.5CVSS6.8AI score0.01034EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•16 views

ROS-20240916-08

Vulnerability of MongoDB database management system is related to errors in TLS certificate validation procedure. of TLS certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely, establish an unauthorized connection to the MongoDB server...

9.8CVSS7.1AI score0.005EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•16 views

ROS-20240916-07

A vulnerability in the fetch function of the Node.js software platform involves uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service DoS...

6.5CVSS7AI score0.01309EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•16 views

ROS-20240911-08

The vulnerability of the configobj ini file reader and writer is related to the placement of a malicious value into a server-side configuration file by a developer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.9CVSS6.7AI score0.01259EPSS
Exploits1
Redos
Redos
•added 2024/09/02 12:0 a.m.•16 views

ROS-20240902-16

The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials HTTP basic authentication credentials A vulnerability in the net/http module o...

9.1CVSS6.7AI score0.01414EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240827-05

The Unbound DNS server vulnerability is related to the ability of a process outside of the unbound group to reconfigure the of the unbound execution environment. Exploitation of the vulnerability allows an attacker acting remotely to impact the integrity and availability of the system. Impact the...

8CVSS6.8AI score0.00318EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240827-11

Vulnerability in the HTTP2 Stream Handler component of Apache Tomcat application server is related to insufficient exceptional state handling. exceptional state handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a...

7.5CVSS6.5AI score0.04602EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240827-02

Vulnerability of rfbClientCleanup function of libvncclient component of LibVNCServer cross-platform library is related to a memory leak. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.6AI score0.00947EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240828-02

A vulnerability in GLPI's asset and data center management software is related to the CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.8CVSS7.6AI score0.00748EPSS
Exploits1
Redos
Redos
•added 2024/08/15 12:0 a.m.•16 views

ROS-20240815-04

A vulnerability in the ieeewritefile component of the Netwide Assembler NASM is related to a segmentation violation in the ieeewritefile component in /output/outieee.c segmentation in the ieeewritefile component in /output/outieee.c. Exploitation of the vulnerability could allow an attacker to...

7.8CVSS7.5AI score0.00357EPSS
Exploits2
Redos
Redos
•added 2024/08/12 12:0 a.m.•16 views

ROS-20240812-06

A vulnerability in GLPI's asset management and data center software is related to the The introduction of a malicious link by an unauthenticated user. Exploitation of the vulnerability could allow an attacker acting remotely to conduct an XSS attack Vulnerability in GLPI's request, incident and...

9.8CVSS7.3AI score0.49425EPSS
Exploits1
Redos
Redos
•added 2024/08/12 12:0 a.m.•16 views

ROS-20240812-01

The vulnerability in the Kerberos 5 Heimdal implementation is due to bugs in the Heimdal PKI certificate checks, affecting KDC via PKINIT and kinit via PKINIT, as well as any third-party applications, that utilize libhx509 Heimdal. Exploitation of the vulnerability could allow an attacker acting...

7.5CVSS6.8AI score0.00891EPSS
Exploits0
Redos
Redos
•added 2024/08/12 12:0 a.m.•16 views

ROS-20240812-13

A vulnerability in GLPI's asset and data center management software involves server-side request forgery. Exploitation of the vulnerability could allow an attacker acting remotely to perform an SSRF-based attack using the creation of an arbitrary object. remotely to execute an SSRF-based attack...

9.6CVSS7.5AI score0.58818EPSS
Exploits2
Redos
Redos
•added 2024/08/07 12:0 a.m.•16 views

ROS-20240807-04

MuPDF PDF viewer's fznewpixmapfromfloatdata function vulnerability is related to the division by zero. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in bmpdecompressrle4 function of MuPDF PDF viewer is related to division by...

7.5CVSS6.6AI score0.00914EPSS
Exploits3
Redos
Redos
•added 2024/08/05 12:0 a.m.•16 views

ROS-20240805-06

An Envoy proxy vulnerability is related to incorrect validation of an erroneous pointer value. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to crash. application crash...

7.5CVSS6.8AI score0.00679EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•16 views

ROS-20240730-02

Lasso library vulnerability is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity and availability of protected information...

7.5CVSS6.7AI score0.01325EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•16 views

ROS-20240729-04

A vulnerability in the JsonErrorReportValve class of the Apache Tomcat application server is related to a flaw in the mechanism of for encoding or escaping output data. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the integrity of protected information...

7.5CVSS6.5AI score0.02505EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•16 views

ROS-20240726-06

The vulnerability in the WebKitGTK and WPE WebKit web page display modules is related to the existence of a method of limited sandbox traversal, which allows an isolated process to trick host processes into thinking that the isolated process is not sandboxed. them into thinking that the isolated...

5.3CVSS6.5AI score0.00501EPSS
Exploits1
Redos
Redos
•added 2024/07/17 12:0 a.m.•16 views

ROS-20231019-02

A vulnerability in Nextcloud cloud storage creation and utilization software is related to gaining write/read privileges on any file share. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...

7.5CVSS7AI score0.00575EPSS
Exploits0
Redos
Redos
•added 2024/07/13 12:0 a.m.•16 views

ROS-20240711-01

Vulnerability The frames.html file is a tool for creating documentation for the Ruby programming language YARD is related to improper handling of user-controlled data obtained from a URL hash in the embedded JavaScript code in the "frames.erb" template file. Exploitation of the vulnerability coul...

6.1CVSS5.8AI score0.0106EPSS
Exploits1
Redos
Redos
•added 2024/07/04 12:0 a.m.•16 views

ROS-20240704-03

Vulnerability in gnome Vte terminal is related to escape-sequence window resizing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

4.4CVSS6.6AI score0.00238EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•16 views

ROS-20240702-05

A vulnerability in the qstr method in the adodb library PDO driver is associated with the ability for remote attackers to to conduct SQL injection attacks using vectors associated with misquoted vectors. Exploitation of the vulnerability could allow an attacker acting remotely to conduct an attac...

9.8CVSS7.8AI score0.02984EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•16 views

ROS-20240611-11

A vulnerability in the CDP PDU Packet Handler component of the LLDP protocol implementation under Unix Lldpd is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. remotely to gain...

9.8CVSS6.6AI score0.00954EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•16 views

ROS-20240611-06

A vulnerability in the OpenSSL Handler component of the Iperf3 network bandwidth measurement tool is related to the use of synchronization side-channel in RSA decryption operations. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...

5.9CVSS7.3AI score0.01107EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•16 views

ROS-2-1440

2.1440 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...

8.1CVSS8.6AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•16 views

ROS-2-1598

2.1598 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS7.7AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•16 views

ROS-2-1000

2.1000 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS10AI score0.01157EPSS
Exploits0
Total number of security vulnerabilities5000