Lucene search
K
RedosMost viewed

8110 matches found

Redos
Redos
added 2024/09/16 12:0 a.m.15 views

ROS-20240916-03

A vulnerability in the Node.js software platform is related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to disable the validation of the integrity A vulnerability in the APIgenerateKeys function of the Node.js software platform is...

9.8CVSS8.1AI score0.02209EPSS
Exploits2
Redos
Redos
added 2024/08/28 12:0 a.m.15 views

ROS-20240827-17

Vulnerability in the /api/v1/alerts file of the Prometheus monitoring system component for processing alerts Alertmanager is related to incorrect neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.5CVSS7.7AI score0.00568EPSS
Exploits0
Redos
Redos
added 2024/08/28 12:0 a.m.15 views

ROS-20240828-02

A vulnerability in GLPI's asset and data center management software is related to the CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.8CVSS7.6AI score0.00748EPSS
Exploits1
Redos
Redos
added 2024/08/28 12:0 a.m.15 views

ROS-20240827-02

Vulnerability of rfbClientCleanup function of libvncclient component of LibVNCServer cross-platform library is related to a memory leak. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.6AI score0.00947EPSS
Exploits0
Redos
Redos
added 2024/08/28 12:0 a.m.15 views

ROS-20240827-19

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...

6.1CVSS6.1AI score0.01119EPSS
Exploits1
Redos
Redos
added 2024/08/26 12:0 a.m.15 views

ROS-20240826-21

Vulnerability of passwordverify function of PHP programming language interpreter is related to flaws in the authentication procedure. of the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely Bypass the authentication process and gain unauthorized...

6.5CVSS7.7AI score0.0148EPSS
Exploits1
Redos
Redos
added 2024/08/20 12:0 a.m.15 views

ROS-20240820-13

A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...

3.1CVSS3.6AI score0.00601EPSS
Exploits0
Redos
Redos
added 2024/08/15 12:0 a.m.15 views

ROS-20240815-04

A vulnerability in the ieeewritefile component of the Netwide Assembler NASM is related to a segmentation violation in the ieeewritefile component in /output/outieee.c segmentation in the ieeewritefile component in /output/outieee.c. Exploitation of the vulnerability could allow an attacker to...

7.8CVSS7.5AI score0.00357EPSS
Exploits2
Redos
Redos
added 2024/08/12 12:0 a.m.15 views

ROS-20240812-01

The vulnerability in the Kerberos 5 Heimdal implementation is due to bugs in the Heimdal PKI certificate checks, affecting KDC via PKINIT and kinit via PKINIT, as well as any third-party applications, that utilize libhx509 Heimdal. Exploitation of the vulnerability could allow an attacker acting...

7.5CVSS6.8AI score0.00891EPSS
Exploits0
Redos
Redos
added 2024/08/12 12:0 a.m.15 views

ROS-20240812-06

A vulnerability in GLPI's asset management and data center software is related to the The introduction of a malicious link by an unauthenticated user. Exploitation of the vulnerability could allow an attacker acting remotely to conduct an XSS attack Vulnerability in GLPI's request, incident and...

9.8CVSS7.3AI score0.49425EPSS
Exploits1
Redos
Redos
added 2024/08/07 12:0 a.m.15 views

ROS-20240807-04

MuPDF PDF viewer's fznewpixmapfromfloatdata function vulnerability is related to the division by zero. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in bmpdecompressrle4 function of MuPDF PDF viewer is related to division by...

7.5CVSS6.6AI score0.00914EPSS
Exploits3
Redos
Redos
added 2024/08/05 12:0 a.m.15 views

ROS-20240805-06

An Envoy proxy vulnerability is related to incorrect validation of an erroneous pointer value. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to crash. application crash...

7.5CVSS6.8AI score0.00679EPSS
Exploits0
Redos
Redos
added 2024/07/30 12:0 a.m.15 views

ROS-20240730-02

Lasso library vulnerability is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity and availability of protected information...

7.5CVSS6.7AI score0.01325EPSS
Exploits0
Redos
Redos
added 2024/07/26 12:0 a.m.15 views

ROS-20240726-06

The vulnerability in the WebKitGTK and WPE WebKit web page display modules is related to the existence of a method of limited sandbox traversal, which allows an isolated process to trick host processes into thinking that the isolated process is not sandboxed. them into thinking that the isolated...

5.3CVSS6.5AI score0.00501EPSS
Exploits1
Redos
Redos
added 2024/07/17 12:0 a.m.15 views

ROS-20231019-02

A vulnerability in Nextcloud cloud storage creation and utilization software is related to gaining write/read privileges on any file share. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...

7.5CVSS7AI score0.00575EPSS
Exploits0
Redos
Redos
added 2024/06/26 12:0 a.m.15 views

ROS-20240626-16

A vulnerability in the CRI-O container mechanism is related to the creation of a symbolic link pointing to an arbitrary directory or file on the host through directory traversal. an arbitrary directory or file on the host through directory traversal. Exploitation of the vulnerability could allow ...

8.1CVSS6.9AI score0.01237EPSS
Exploits0
Redos
Redos
added 2024/06/11 12:0 a.m.15 views

ROS-20240611-06

A vulnerability in the OpenSSL Handler component of the Iperf3 network bandwidth measurement tool is related to the use of synchronization side-channel in RSA decryption operations. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...

5.9CVSS7.3AI score0.01107EPSS
Exploits0
Redos
Redos
added 2024/06/11 12:0 a.m.15 views

ROS-20240611-11

A vulnerability in the CDP PDU Packet Handler component of the LLDP protocol implementation under Unix Lldpd is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. remotely to gain...

9.8CVSS6.6AI score0.00954EPSS
Exploits0
Redos
Redos
added 2024/05/14 12:0 a.m.15 views

ROS-20240514-16

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
added 2024/04/18 12:0 a.m.15 views

ROS-20240418-01

Unbound DNS server vulnerability is related to execution of a loop with an unreachable exit condition. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.2AI score0.02516EPSS
Exploits1
Redos
Redos
added 2024/04/11 12:0 a.m.15 views

ROS-20240411-12

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.15 views

ROS-2-1606

2.1606 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.15 views

ROS-2-1598

2.1598 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS7.7AI score0.03582EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.15 views

ROS-2-1586

2.1586 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
added 2024/03/13 12:0 a.m.15 views

ROS-2-1221

2.1221 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8CVSS7.5AI score0.03636EPSS
Exploits7
Redos
Redos
added 2024/03/13 12:0 a.m.15 views

ROS-2-1743

2.1743 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

10CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.15 views

ROS-2-1353

2.1353 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-136

2.136 Notification on update of the Anti-Malware Protection System "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your...

7.2AI score
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-1566

2.1566 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.7AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-1532

2.1532 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-130

2.130 Notification on update of the RAND OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-1544

2.1544 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits2
Redos
Redos
added 2023/07/06 12:0 a.m.15 views

ROS-2-1238

2.1238 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromis...

7.7AI score0.01764EPSS
Exploits3
Redos
Redos
added 2022/10/17 12:0 a.m.15 views

ROS-20221017-02

The Open Asset Import Library Assimp 3D model import library vulnerability is related to a segmentation violation via the Assimp::XFileImporter::CreateMeshes component. segmentation via Assimp::XFileImporter::CreateMeshes component. Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS6.2AI score0.00624EPSS
Exploits1
Redos
Redos
added 2022/06/28 12:0 a.m.15 views

ROS-20220628-02

A vulnerability in the Bluetooth protocol stack for Linux BlueZ is related to insufficient validation of user input during A2DP profile processing. user input during A2DP profile processing. Exploitation of the vulnerability could allow an attacker, remotely, transmit specially crafted data to th...

7.8AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.15 views

ROS-2-1213

2.1213 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.8AI score0.03582EPSS
Exploits1
Redos
Redos
added 2021/12/24 12:0 a.m.15 views

ROS-2-1625

2.1625 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.9AI score0.03582EPSS
Exploits1
Redos
Redos
added 2021/12/24 12:0 a.m.15 views

ROS-2-1719

2.1719 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker could pass specially crafted data to an application, cause an integer overflow, and execute arbitrar...

8.8CVSS8.3AI score0.04028EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.15 views

ROS-2-1655

2.1655 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1650

2.1650 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-829

2.829 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1460

2.1460 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.83406EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-936

2.936 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

9.8CVSS9.2AI score0.03636EPSS
Exploits8
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-863

2.863 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

6.1CVSS9.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1687

2.1687 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

6.1CVSS7.2AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1670

2.1670 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1472

2.1472 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-971

2.971 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1526

2.1526 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.2AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-1012

2.1012 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Total number of security vulnerabilities5000