Redos: Most viewed

8046 matches found

Redos
•added 2022/04/12 12:0 a.m.•57 views

ROS-20220412-02

Vulnerability in the Mozilla Firefox browser, due to the fact that regex for Rust does not properly control internal resource consumption when parsing untrusted input data. Exploitation of the vulnerability could allow a remote attacker to pass specially crafted data to an application and perform a...

CVSS 8.8 • AI score 8.3 • EPSS 0.1446 • Exploits 7
Redos
•added 2022/04/12 12:0 a.m.•57 views

ROS-20220412-03

Vulnerability in the Mozilla Thunderbird email client, related to a memory freeing error when processing HTML content after the VR process is destroyed. Exploitation of the vulnerability could allow an attacker, acting remotely, to create a specially crafted web page, trick the victim into opening it,...

CVSS 8.8 • AI score 8.3 • EPSS 0.1446 • Exploits 7
Redos
•added 2022/03/22 12:0 a.m.•57 views

ROS-20220322-01

Vulnerability in the Mozilla Thunderbird email client, related to a use-after-free error when processing HTML content. Exploitation of the vulnerability could allow an attacker, acting remotely, to trigger the use-after-free by forcing text to be reflowed in an SVG object and executi...

CVSS 9.6 • AI score 8 • EPSS 0.00931 • Exploits 4
Redos
•added 2022/03/14 12:0 a.m.•57 views

ROS-20220314-01

Vulnerability in the Mozilla Firefox browser, related to a logic error in iframe processing. Exploitation of the vulnerability could allow an attacker acting remotely, and who has the ability to control the contents of a sandboxed iframe with allow-popups but not allow-scripts, could...

CVSS 9.6 • AI score 7.9 • EPSS 0.00931 • Exploits 4
Redos
•added 2022/02/01 12:0 a.m.•57 views

ROS-20220125-08

The Sendmail mail transfer agent vulnerability is related to a logical error in the TLS implementation when working with different protocols but using compatible certificates such as multi-domain or wildcard certificates. Exploitation of the vulnerability could allow an...

CVSS 7.4 • AI score 7.4 • EPSS 0.02037 • Exploits 0
Redos
•added 2022/01/12 12:0 a.m.•57 views

ROS-20220112-04

A vulnerability in the Django web application framework is related to excessive data output by the application during the processing of error conditions. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive system information. Django web application framewor...

CVSS 7.5 • AI score 6.4 • EPSS 0.02397 • Exploits 0
Redos
•added 2024/08/13 12:0 a.m.•56 views

ROS-20240813-03

Vulnerability of the user_sdma_txadd function of the Infiniband driver of the Linux kernel is related to a pointer dereferencing error. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Vulnerability of the i2c_put_adapter...

CVSS 7.8 • AI score 7.1 • EPSS 0.00378 • Exploits 0
Redos
•added 2024/04/25 12:0 a.m.•56 views

ROS-20240425-01

Vulnerability of Apache HTTP Server web server in the part of HTTP/2 protocol implementation is related to uncontrolled resource consumption due to incorrect header termination detection during CONTINUATION frame processing. Exploitation of the vulnerability could allow an...

CVSS 7.5 • AI score 7.9 • EPSS 0.91327 • Exploits 2
Redos
•added 2024/04/03 12:0 a.m.•56 views

ROS-20240403-01

A vulnerability in the column.title and cellLinkTooltip components of the Grafana web-based data presentation tool is related to insufficient protection of the web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges. A vulnerability in t...

CVSS 9.8 • AI score 8.2 • EPSS 0.68603 • Exploits 9
Redos
•added 2022/10/13 12:0 a.m.•56 views

ROS-20221013-01

A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug builds caused by a syntactically invalid type signature with improperly nested brackets and curly braces. Exploitation of the vulnerability could allow an attacker to execute a...

CVSS 6.5 • AI score 7.8 • EPSS 0.0131 • Exploits 3
Redos
•added 2022/01/12 12:0 a.m.•56 views

ROS-20220112-03

The vsftpd FTP server vulnerability is related to a provenance check error in the TLS implementation when working with different protocols. Exploitation of the vulnerability could allow an attacker acting remotely and capable of performing a MitM attack at the TCP/IP level,...

CVSS 7.4 • AI score 7.4 • EPSS 0.02037 • Exploits 0
Redos
•added 2023/06/27 12:0 a.m.•55 views

ROS-20230627-01

The vulnerability in the Moodle virtual learning environment is related to insufficient sanitization of data submitted by users in the external Wiki method for listing pages. A user can send a specially crafted query to the affected application and execute limited SQL commands on the application's...

CVSS 9.8 • AI score 9.3 • EPSS 0.44918 • Exploits 4
Redos
•added 2023/04/06 12:0 a.m.•55 views

ROS-20230406-01

A vulnerability in the curl program is related to the incorrect replacement of the tilde character when used as a prefix in the first path element, in addition to its intended use as the first element to specify a path relative to a user's home directory...

CVSS 9.8 • AI score 8.9 • EPSS 0.02195 • Exploits 2
Redos
•added 2022/03/29 12:0 a.m.•55 views

ROS-20220329-01

A vulnerability in the zlib data compression library is related to incorrect limitation of operations within the memory buffer due to insufficient validation of user input during data compression. Exploitation...

CVSS 7.5 • AI score 7.2 • EPSS 0.51733 • Exploits 1
Redos
•added 2022/01/12 12:0 a.m.•55 views

ROS-20220112-01

A vulnerability in the X.Org Server, an X Window System server implementation, is caused by an out-of-bounds write in the SProcScreenSaverSuspend function in the Screen Saver extension. Exploitation of the vulnerability could allow an attacker to send a specially crafted suspend request, initiate an...

CVSS 7.8 • AI score 8.2 • EPSS 0.00571 • Exploits 0
Redos
•added 2025/05/15 12:0 a.m.•54 views

ROS-20250515-03

Vulnerability of the flac_buffer_copy function of the libsndfile library is related to reading data outside the buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information and cause a denial of service...

CVSS 7.1 • AI score 7.2 • EPSS 0.01754 • Exploits 1
Redos
•added 2022/11/03 12:0 a.m.•54 views

ROS-20221103-06

Apache Tomcat application server vulnerability is related to incorrect implementation of read/write locking. Exploitation of the vulnerability could allow an attacker acting remotely to cause a concurrency error and force client connections to share an instance of Http11Processor...

CVSS 7.5 • AI score 7.1 • EPSS 0.10997 • Exploits 15
Redos
•added 2022/10/13 12:0 a.m.•54 views

ROS-20221013-02

The vulnerability in the Moodle course management system is related to the fact that, in the H5P attempted action report, group permissions are not taken into account when displaying to non-editing teachers information about attempts/users in groups to which they should not have access...

CVSS 9.8 • AI score 7.1 • EPSS 0.49102 • Exploits 2
Redos
•added 2022/03/04 12:0 a.m.•54 views

ROS-20220304-01

Vulnerability in snapd, the snap package management daemon, related to insufficient validation of snapd content interface and layout paths. Exploitation of the vulnerability could allow an attacker to enforce arbitrary AppArmor policy rules through a corrupted content interface and layout declaration...

CVSS 8.8 • AI score 8.6 • EPSS 0.00966 • Exploits 5
Redos
•added 2022/02/02 12:0 a.m.•54 views

ROS-20220202-01

Vulnerability in the GLPI request and incident handling system, related to insufficient sanitization of user data in the reset button. Exploitation of the vulnerability could allow an attacker, acting remotely, to force a victim to click on a specially crafted link and execute arbitrary HTML a...

CVSS 6.1 • AI score 6.7 • EPSS 0.01134 • Exploits 0
Redos
•added 2025/04/30 12:0 a.m.•53 views

ROS-20250430-13

HAProxy server software vulnerability is related to bounds errors in the regsub function in src/sample.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.8 • AI score 6.7 • EPSS 0.00688 • Exploits 0
Redos
•added 2022/09/26 12:0 a.m.•53 views

ROS-20220926-01

A vulnerability in the Vim text editor is related to a boundary error in the utfc_ptr2len function in mbyte. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into opening a specially crafted file, cause a heap buffer overflow, and execute arbitrary code...

CVSS 7.8 • AI score 8.2 • EPSS 0.00501 • Exploits 2
Redos
•added 2022/02/01 12:0 a.m.•53 views

ROS-20220125-13

Vulnerability of the PostgreSQL database management system is related to failure to take measures to encrypt protected data. Exploitation of the vulnerability could allow a remote attacker to carry out a man-in-the-middle attack. Vulnerability in the libpq library of the PostgreSQL database...

CVSS 8.1 • AI score 6.8 • EPSS 0.01901 • Exploits 0
Redos
•added 2022/02/01 12:0 a.m.•53 views

ROS-20220125-11

A vulnerability in the Http2MultiplexHandler class of the Netty networking software is related to incorrect request processing when converting HTTP/2 stream to HTTP/1.1. The exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity...

CVSS 5.9 • AI score 6.8 • EPSS 0.18891 • Exploits 0
Redos
•added 2022/02/01 12:0 a.m.•53 views

ROS-20220128-03

A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to unmount other users' filesystem...

CVSS 5.5 • AI score 6.1 • EPSS 0.00634 • Exploits 4
Redos
•added 2022/01/14 12:0 a.m.•53 views

ROS-20220114-01

Vulnerability in the Firefox browser, related to incorrect processing of user data. Exploitation of the vulnerability could allow an attacker acting remotely to mislead, by showing an incorrect origin when requesting to run a program and processing an external URL protocol. Firefox brows...

CVSS 10 • AI score 8.9 • EPSS 0.01344 • Exploits 6
Redos
•added 2025/04/30 12:0 a.m.•52 views

ROS-20250430-04

A vulnerability in the libsoup library of the GNOME GUI is related to an infinite loop when reading WebSocket data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. GNOME GUI libsoup library vulnerability is related to NULL pointer dereferenci...

CVSS 9 • AI score 8.7 • EPSS 0.00933 • Exploits 3
Redos
•added 2024/02/12 12:0 a.m.•52 views

ROS-20240212-01

A vulnerability in the PKCS11 function of the ssh-agent component of the OpenSSH cryptographic security tool is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 9.8 • AI score 7.9 • EPSS 0.76768 • Exploits 10
Redos
•added 2022/05/18 12:0 a.m.•52 views

ROS-20220518-02

A vulnerability in the Mozilla Thunderbird email client is related to incorrect processing of user input data when processing signed and encrypted attached messages. Exploitation of the vulnerability could allow a remote...

CVSS 9.8 • AI score 8.4 • EPSS 0.01005 • Exploits 3
Redos
•added 2022/02/25 12:0 a.m.•52 views

ROS-20220225-02

Vulnerability in the Drupal content management system, related to incorrect access restrictions in the quick edit module. Exploitation of the vulnerability could allow an attacker acting remotely to view content restricted by other means. A vulnerability in Drupal's content management...

CVSS 7.5 • AI score 6.6 • EPSS 0.01247 • Exploits 0
Redos
•added 2022/02/01 12:0 a.m.•52 views

ROS-20220125-17

A vulnerability in the QEMU hardware emulator is related to an off-by-one error when emulating a SCSI device in QEMU. Exploitation of the vulnerability could allow an attacker acting remotely to cause QEMU to crash. The QEMU hardware emulator vulnerability is related to a memory usage error after ...

CVSS 7.5 • AI score 6.8 • EPSS 0.00526 • Exploits 0
Redos
•added 2021/09/08 12:0 a.m.•52 views

ROS-2-517

2.517 Remote code execution in nginx (CVE-2021-23017). 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to an off-by-one error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

CVSS 7.8 • AI score 8.5 • EPSS 0.52838 • Exploits 10
Redos
•added 2024/09/24 12:0 a.m.•51 views

ROS-20240924-03

Vulnerability of the ice component of the Linux kernel is related to NULL pointer dereferencing in kzalloc. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of the arm64/mm component of the Linux kernel is related to incorrect handling o...

CVSS 7.8 • AI score 7 • EPSS 0.00233 • Exploits 0
Redos
•added 2023/11/21 12:0 a.m.•51 views

ROS-20231115-04

Visual Studio Code source code editor vulnerability is related to improper control of code generation. Exploitation of the vulnerability may allow an attacker to execute arbitrary code. Visual Studio Code source code editor vulnerability is related to insufficient protection of...

CVSS 7.8 • AI score 7.8 • EPSS 0.67469 • Exploits 3
Redos
•added 2023/02/03 12:0 a.m.•51 views

ROS-20230203-01

A vulnerability in the GNU Tar archiver is related to the from_header function in list.c via the V7 archive, in which mtime contains approximately 11 whitespace characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to transmit special data to the application and...

CVSS 5.5 • AI score 6.3 • EPSS 0.04524 • Exploits 1
Redos
•added 2024/04/23 12:0 a.m.•50 views

ROS-20240423-01

Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of servic...

CVSS 7.5 • AI score 8.8 • EPSS 0.99999 • Exploits 19
Redos
•added 2024/04/02 12:0 a.m.•50 views

ROS-20240402-12

A vulnerability in Nextcloud Server, software for creating and using cloud storage, is related to the ability to update any personal or global external storage, making it inaccessible to everyone else. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass existing...

CVSS 9.8 • AI score 6.6 • EPSS 0.0095 • Exploits 4
Redos
•added 2024/04/02 12:0 a.m.•50 views

ROS-20240402-08

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

CVSS 7.5 • AI score 8.9 • EPSS 0.99999 • Exploits 19
Redos
•added 2023/10/03 12:0 a.m.•50 views

ROS-20230929-01

Vulnerability in the URI component of the Ruby programming language, related to improper handling of invalid URLs containing certain characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service. Vulnerability in the...

CVSS 7.5 • AI score 5.6 • EPSS 0.05533 • Exploits 0
Redos
•added 2022/03/22 12:0 a.m.•50 views

ROS-20220322-02

A vulnerability in the libarchive archiving library is related to a symbolic link when extracting files from an archive. Exploitation of the vulnerability could allow an attacker to create a specially crafted symbolic link to a critical file on the system, place it in an archive, and change the...

CVSS 7.8 • AI score 7.9 • EPSS 0.00367 • Exploits 0
Redos
•added 2025/07/31 12:0 a.m.•49 views

ROS-20250731-01

Vulnerability in the implementation of OAuth request signing logic for Python OAuthLib is due to insufficient user data validation in uri_validate functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.5 • AI score 6.5 • EPSS 0.01258 • Exploits 1
Redos
•added 2025/05/15 12:0 a.m.•49 views

ROS-20250515-05

A vulnerability in the Poppler PDF display library is related to a floating-point exception in the PSStack::roll function. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the Poppler PDF mapping library is related to improper signature...

CVSS 7.1 • AI score 6.9 • EPSS 0.00218 • Exploits 2
Redos
•added 2025/05/15 12:0 a.m.•49 views

ROS-20250515-15

A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

CVSS 9.8 • AI score 9.6 • EPSS 0.0104 • Exploits 0
Redos
•added 2025/05/06 12:0 a.m.•49 views

ROS-20250505-10

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in the Python API (Python bindings) due to an invalid return value. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 • AI score 6.6 • EPSS 0.00527 • Exploits 1
Redos
•added 2025/04/30 12:0 a.m.•49 views

ROS-20250430-14

The vulnerability of ASP.NET Core software platform and Microsoft's software development tool Visual Studio is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 • AI score 6.7 • EPSS 0.01383 • Exploits 0
Redos
•added 2025/04/30 12:0 a.m.•49 views

ROS-20250430-05

Vulnerability of the Erlang programming language OTP library set is related to improper SFTP packet handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability of SSH protocol implementation from Erlang/OTP library...

CVSS 10 • AI score 8.2 • EPSS 0.97673 • Exploits 36
Redos
•added 2025/04/30 12:0 a.m.•49 views

ROS-20250430-15

Vulnerability of the sshd service of the OpenSSH cryptographic protection tool is related to inconsistency with the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...

CVSS 4.3 • AI score 6.5 • EPSS 0.0016 • Exploits 0
Redos
•added 2024/10/22 12:0 a.m.•49 views

ROS-20241021-09

A vulnerability in the ntfs3 component of the Linux operating system kernel is related to out-of-bounds read errors in the ntfs_list_ea function in fs/ntfs3/xattr.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the qedr component of...

CVSS 7.8 • AI score 8.2 • EPSS 0.00282 • Exploits 0
Redos
•added 2024/06/11 12:0 a.m.•49 views

ROS-20240611-07

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. Exploitation of...

CVSS 7.5 • AI score 7.1 • EPSS 0.99995 • Exploits 0
Redos
•added 2024/04/11 12:0 a.m.•49 views

ROS-20240411-08

The Jenkins Automation Server vulnerability involves the creation of temporary files with insecure permissions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, or delete files. A vulnerability in the args4j library of the Jenkins Git server...

CVSS 9.8 • AI score 7.6 • EPSS 0.99999 • Exploits 47
Total number of security vulnerabilities: 5000