Lucene search
K
RedosMost viewed

8244 matches found

Redos
Redos
•added 2024/11/08 12:0 a.m.•14 views

ROS-20241108-03

Vulnerability of multiqtune function of schmultiq component of Linux kernel is related to writing outside of dynamic memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code in kernel mode by executing specially specially...

7.8CVSS7.8AI score0.00284EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•14 views

ROS-20241029-07

The vulnerability in Buildah container image management tool is related to input validation errors in the directory traversal sequences in cache mounts. Exploitation of the vulnerability could allow an infringing user to escalate privileges on the system...

7.8CVSS7.4AI score0.00392EPSS
Exploits0
Redos
Redos
•added 2024/10/22 12:0 a.m.•14 views

ROS-20241021-04

A vulnerability in the Dovecot mail server is related to the fact that the application does not control the consumption of internal resources properly when parsing too large email headers. internal resources properly when parsing excessively large email headers. Exploitation of the vulnerability...

7.5CVSS6.6AI score0.01284EPSS
Exploits1
Redos
Redos
•added 2024/10/22 12:0 a.m.•14 views

ROS-20241021-06

A vulnerability in the ASGI Starlette toolkit for creating asynchronous Python web services is related to the following the ability for a remote unauthenticated user to view files in a web service. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensiti...

7.5CVSS6.9AI score0.02032EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•14 views

ROS-20241001-13

A vulnerability in the Botan C++ cryptographic library is related to asymmetric resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the C++ Botan cryptographic library is related to errors in parsing...

5.3CVSS6.6AI score0.00845EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•14 views

ROS-20241002-02

Vulnerability of the tcindex indexing filter net/sched/clstcindex.c in the kernel of the of the Linux operating system is related to incorrect filter management, which leads to the repeated freeing previously freed memory. Exploitation of the vulnerability could allow an attacker to elevate...

7.8CVSS7AI score0.01029EPSS
Exploits1
Redos
Redos
•added 2024/09/24 12:0 a.m.•14 views

ROS-20240924-02

Vulnerability in Thunderbird email client and Firefox browsers, Firefox ESR is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in Firefox ESR, Firefox web browsers...

9.8CVSS7.1AI score0.01233EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•14 views

ROS-20240923-04

A vulnerability in the Node.js software platform is related to flaws in HTTP request processing. Exploitation vulnerability could allow an attacker acting remotely to send a covert HTTP request HTTP Request Smuggling attack. HTTP Request Smuggling...

6.5CVSS7AI score0.01155EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•14 views

ROS-20240917-04

A vulnerability in the crypto.X509Certificate function of the Node.js software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

5.3CVSS6.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•14 views

ROS-20240916-11

Vulnerability of the sssctl command of the remote directory access control service and authentication mechanism SSSD is related to the lack of input data cleanup measures. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, a...

9.3CVSS7.5AI score0.02524EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•14 views

ROS-20240916-05

A vulnerability in the email module of the Python programming language interpreter is due to insufficient inadequate input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the security mechanism...

5.3CVSS7.2AI score0.02507EPSS
Exploits1
Redos
Redos
•added 2024/09/11 12:0 a.m.•14 views

ROS-20240911-03

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to ignoring the certificate validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...

5.6CVSS7.3AI score0.0034EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•14 views

ROS-20240827-13

A vulnerability in the UltraJSON package of the Python programming language is related to the implementation of an incorrect control flow control flow. Exploitation of the vulnerability could allow an attacker acting remotely to cause impact data integrity...

7.5CVSS6.6AI score0.02283EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•14 views

ROS-20240828-01

A vulnerability in the koji RPM-based build system is related to improper neutralization of input data during the during web page generation. Exploitation of the vulnerability could allow an attacker to conduct XSS attacks using a specially crafted web interface. using a specially crafted web...

6.3AI score
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•14 views

ROS-20240827-18

Vulnerability of the actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb file of Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...

5.4CVSS6.3AI score0.0068EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•14 views

ROS-20240828-08

Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to using uninitialized resource. is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in...

9.8CVSS7.8AI score0.00598EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•14 views

ROS-20240827-20

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during generation of the of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Ruby...

6.1CVSS6.1AI score0.01119EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•14 views

ROS-20240826-05

Vulnerability in FontForge font editing software exists due to failure to take measures to neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

4.2CVSS7.3AI score0.01082EPSS
Exploits1
Redos
Redos
•added 2024/08/20 12:0 a.m.•14 views

ROS-20240820-14

A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...

3.1CVSS3.6AI score0.00601EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•14 views

ROS-20240820-07

Vulnerability of subselect component of MariaDB database management system is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow a remote intruder, affect confidentiality, integrity, availability of protected information Vulnerability...

7.5CVSS6.9AI score0.02082EPSS
Exploits2
Redos
Redos
•added 2024/08/08 12:0 a.m.•14 views

ROS-20240808-04

A vulnerability in the phpCAS::setUrl function of the phpCAS authentication library is related to the use of HTTP headers to determine the URL of a service used to validate tickets. HTTP to determine the URL of the service used to validate tickets, allowing the control of the host header and use ...

8CVSS7.2AI score0.01064EPSS
Exploits0
Redos
Redos
•added 2024/08/07 12:0 a.m.•14 views

ROS-20240807-02

Vulnerability of CountVowelPosition function of Espeak compact free software speech synthesizer is related to stack buffer overflow. with a stack buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service SetUpPhonemeTable compact free software speech...

5.5CVSS7.2AI score0.00405EPSS
Exploits5
Redos
Redos
•added 2024/07/29 12:0 a.m.•14 views

ROS-20240729-14

A vulnerability in the logentryattr function of the 389-ds-base component is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.2AI score0.00304EPSS
Exploits0
Redos
Redos
•added 2024/07/13 12:0 a.m.•14 views

ROS-20240709-04

The vulnerability in the C++ Botan cryptographic library is related to resource allocation without constraints and regulation. Exploitation of the vulnerability could allow an attacker acting remotely to forge a an ECDSA X.509 certificate...

7.5CVSS6.8AI score0.005EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•14 views

ROS-20240627-02

A vulnerability in the VPN protocol library using the "IPsec" libreswan is related to a statement of reachability when processing IKEv1 packets without specifying the esp string. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.008EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•14 views

ROS-20240411-09

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•14 views

ROS-20240411-11

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1636

2.1636 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS9.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1681

2.1681 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1374

2.1374 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1457

2.1457 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-224

2.224 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.2AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1582

2.1582 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-30

2.30 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-123

2.123 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1309

2.1309 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1577

2.1577 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

10CVSS7.4AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•14 views

ROS-2-1438

2.1438 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.4AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-1733

2.1733 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.6AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-273

2.273 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-1500

2.1500 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS7.9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-1803

2.1803 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.4AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-360

2.360 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-1708

2.1708 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

10CVSS8.8AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2022/10/25 12:0 a.m.•14 views

ROS-20221025-01

A vulnerability in the specialized shapelib library is related to a double memory release in the contrib/shpsort.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other unspecified impact by controlling malloc...

9.8CVSS8.9AI score0.01239EPSS
Exploits1
Redos
Redos
•added 2022/10/04 12:0 a.m.•14 views

ROS-20221004-02

Vulnerability of lighttpd web server is related to a null pointer dereferencing error in modwstunnel module module when processing invalid HTTP requests. Exploitation of the vulnerability could allow an attacker, remotely, send specially crafted HTTP requests to a vulnerable web server and execut...

7.5CVSS7.3AI score0.0198EPSS
Exploits1
Redos
Redos
•added 2022/03/23 12:0 a.m.•14 views

ROS-20220323-01

A vulnerability in the phpMyAdmin web interface for DBMS administration is related to the application's excessive output of data in the "lang" and "pmaparameter" parameters and in the cookie section. data in the "lang", "pmaparameter" parameters and cookie section. Exploitation of the vulnerabili...

7.5CVSS7.4AI score0.01245EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•14 views

ROS-2-1622

2.1622 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•14 views

ROS-2-1543

2.1543 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

7.4AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•14 views

ROS-2-1424

2.1424 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.4AI score0.01861EPSS
Exploits0
Total number of security vulnerabilities5000