Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2025/01/14 12:0 a.m.•12 views

ROS-20250114-08

A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...

4.8CVSS4.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2024/12/20 12:0 a.m.•12 views

ROS-20241220-04

Vulnerability of ServerConfig.PublicKeyCallback function of the library for Go crypto programming language is related to a flaw in the authorization procedure for key processing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

9.1CVSS7.1AI score0.03153EPSS
Exploits2
Redos
Redos
•added 2024/12/11 12:0 a.m.•12 views

ROS-20241211-03

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.04422EPSS
Exploits1
Redos
Redos
•added 2024/12/04 12:0 a.m.•12 views

ROS-20241204-01

A vulnerability in the libstub component of the Linux kernel is related to the use of an uninitialized resource in the uninitialized resource in the efifree function in drivers/firmware/efi/libstub/fdt.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of servic...

5.5CVSS6.7AI score0.00253EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•12 views

ROS-20241203-21

The vulnerability of drawio diagramming software is related to improper neutralization of the of special elements used in the OS command. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary commands...

7.8CVSS8AI score0.01338EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•12 views

ROS-20241112-09

A vulnerability in the Consul service configuration tool is related to input validation errors when processing catalog traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and read arbitrary files on the system...

8.3CVSS6.8AI score0.00473EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•12 views

ROS-20241112-05

A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.8CVSS7.2AI score0.00894EPSS
Exploits0
Redos
Redos
•added 2024/11/07 12:0 a.m.•12 views

ROS-20241107-02

A vulnerability in the x86/mmu components of the Linux operating system kernel is related to incorrect calculations in the kvmtdpmmutrysplithugepages, kvmtdpmmucleardirtyslot, and cleardirtyptmasked functions in the arch/x86/kvm/mmu/tdpmmu.c. Exploitation of the vulnerability could allow an...

7.4CVSS7AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•12 views

ROS-20241028-02

The vulnerability of the net-netip component of Golang programming language is related to incorrect operation of Is methods IsPrivate, IsLoopback, etc. methods. Exploitation of the vulnerability can allow an intruder to bypass the existing access restriction policy...

9.8CVSS7.2AI score0.01952EPSS
Exploits0
Redos
Redos
•added 2024/10/22 12:0 a.m.•12 views

ROS-20241021-03

Vulnerability of the tic4xprintcond function of the opcodes/tic4x-dis.c component of the GNU development tool Binutils is related to memory initialization errors. Exploitation of the vulnerability allows an attacker, acting remotely, to gain access to confidential data...

7.5CVSS7.3AI score0.00659EPSS
Exploits1
Redos
Redos
•added 2024/10/17 12:0 a.m.•12 views

ROS-20241017-06

A vulnerability in the PeCoffLoaderRelocateImage function of the Tianocore EDK2 library is related to the invocation of memory corruption memory due to overflow through a contiguous network. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to...

5.9CVSS7.2AI score0.0037EPSS
Exploits0
Redos
Redos
•added 2024/10/17 12:0 a.m.•12 views

ROS-20241017-02

Vulnerability in the "CONNECT", "DISCONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" components of the message broker Eclipse Mosquitto is related to segmentation errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive...

7.5CVSS6.7AI score0.00748EPSS
Exploits0
Redos
Redos
•added 2024/10/15 12:0 a.m.•12 views

ROS-20241015-01

Vulnerability in the Image Element Handler component of the Haskell library for conversion from markup formats Pandoc is related to the provision of a specially crafted image element as input when creating files using the --extract-media parameter or outputting to PDF. file creation using the...

6.3CVSS7.2AI score0.00368EPSS
Exploits1
Redos
Redos
•added 2024/09/05 12:0 a.m.•12 views

ROS-20240905-01

Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...

9.8CVSS6.7AI score0.00641EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•12 views

ROS-20240827-03

Vulnerability of the file actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb of Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...

5.4CVSS6.3AI score0.0068EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•12 views

ROS-20240827-10

A vulnerability in the File Name Handler component of the vim text editor exists due to a bug in the use of pointers after memory release in the dialogchanged function. pointers after memory release in dialogchanged function. Exploitation of the vulnerability could allow an an attacker to cause a...

5.3CVSS6.5AI score0.00363EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•12 views

ROS-20240826-23

A vulnerability in the Blender three-dimensional computer graphics software suite is related to the lack of validation for values less than 0. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data, compromise its integrity, and cause a denial of...

7.8CVSS7.2AI score0.01135EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•12 views

ROS-20240826-27

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
Redos
Redos
•added 2024/08/15 12:0 a.m.•12 views

ROS-20240815-16

Vulnerability in authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS6.9AI score0.01261EPSS
Exploits1
Redos
Redos
•added 2024/08/06 12:0 a.m.•12 views

ROS-20240806-02

A vulnerability in the XML Handler component of the cross-platform messenger for the Jabber Gajim protocol is related to the the creation of XML strophs, allowing messages that were not sent by other users. Exploitation of the vulnerability could allow an attacker acting remotely to have an Impac...

5.3CVSS7.2AI score0.00467EPSS
Exploits0
Redos
Redos
•added 2024/08/02 12:0 a.m.•12 views

ROS-20240801-03

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS5.3AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/08/02 12:0 a.m.•12 views

ROS-20240801-04

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS5.3AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/07/31 12:0 a.m.•12 views

ROS-20240731-02

A vulnerability in the application programming interface of the libcue library is related to an operation exceeding the boundaries of the of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by downloading a control table from ...

8.8CVSS7.1AI score0.1657EPSS
Exploits1
Redos
Redos
•added 2024/06/13 12:0 a.m.•12 views

ROS-20240613-04

Vulnerability of RelinquishDCMInfo function of dcm.c component of ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial of service via a...

7.1CVSS6.9AI score0.01113EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•12 views

ROS-20240611-03

A vulnerability in the MIME-tools component of the open-source content filter for Amavis email is related to an interpretation conflict when a MIME email message has multiple boundary parameters. Exploitation of the vulnerability could allow an attacker acting remotely to elevate the privileges...

7.4CVSS7.1AI score0.00826EPSS
Exploits0
Redos
Redos
•added 2024/05/29 12:0 a.m.•12 views

ROS-20240529-04

A vulnerability in the ImageIO component of the Oracle Java SE software platform and the Oracle GraalVM Virtual Machine Enterprise Edition is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a partial denial of service Vulnerability i...

7.5CVSS7.6AI score0.48235EPSS
Exploits6
Redos
Redos
•added 2024/05/21 12:0 a.m.•12 views

ROS-20240521-11

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
•added 2024/05/03 12:0 a.m.•12 views

ROS-20240503-13

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

8.2CVSS8AI score0.0112EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•12 views

ROS-20240503-17

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

8.2CVSS8AI score0.0112EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•12 views

ROS-20240503-16

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

8.2CVSS8AI score0.0112EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•12 views

ROS-20240411-10

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•12 views

ROS-20240409-19

Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...

7.5CVSS6.7AI score0.00976EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•12 views

ROS-20240408-25

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.93305EPSS
Exploits4
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-1613

2.1613 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-9

2.9 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.2AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-145

2.145 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01 You can contact the technical...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-26

2.26 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.2AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-383

2.383 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-1502

2.1502 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.6AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-1453

2.1453 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-1767

2.1767 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

10CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•12 views

ROS-2-1454

2.1454 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-128

2.128 Notification on the update of OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-1745

2.1745 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-154

2.154 Notification on update of the Anti-Malware Protection System "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your...

7.2AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-1499

2.1499 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS8AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-251

2.251 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-127

2.127 Notification on update of the RAND OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-1413

2.1413 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.9AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•12 views

ROS-2-237

2.237 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Total number of security vulnerabilities5000