Redos • Most viewed

8110 matches found

Redos
• added 2025/05/15 12:00 a.m. • 49 views

ROS-20250515-05

A vulnerability in the Poppler PDF display library is related to a floating-point exception in the PSStack::roll function. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the Poppler PDF mapping library is related to improper signature...

7.1 CVSS • 6.9 AI score • 0.00218 EPSS
Exploits: 2
Redos
• added 2025/05/15 12:00 a.m. • 49 views

ROS-20250515-15

A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

9.8 CVSS • 9.6 AI score • 0.0104 EPSS
Exploits: 0
Redos
• added 2025/04/30 12:00 a.m. • 49 views

ROS-20250430-15

A vulnerability in the sshd service of the OpenSSH cryptographic protection tool is related to an inconsistency with the functionality of the DisableForwarding directive stated in the documentation. Exploitation of the vulnerability could allow an intrud...

4.3 CVSS • 6.5 AI score • 0.0016 EPSS
Exploits: 0
Redos
• added 2024/04/11 12:00 a.m. • 49 views

ROS-20240411-08

The Jenkins Automation Server vulnerability involves the creation of temporary files with insecure permissions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, or delete files. A vulnerability in the args4j library of the Jenkins Git server...

9.8 CVSS • 7.6 AI score • 0.99999 EPSS
Exploits: 47
Redos
• added 2024/04/10 12:00 a.m. • 49 views

ROS-20240410-09

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. Exploitation of...

7.5 CVSS • 7.1 AI score • 0.99995 EPSS
Exploits: 1
Redos
• added 2024/04/09 12:00 a.m. • 49 views

ROS-20240409-02

A vulnerability in the hmac.compare_digest function of the Lib/hmac.py library of the Python programming language interpreter is related to synchronization errors when using a shared resource ("race condition"). Exploitation of the vulnerability could allow an attacker acting remotely to escalate thei...

9.8 CVSS • 7.3 AI score • 0.04268 EPSS
Exploits: 4
Redos
• added 2023/09/22 12:00 a.m. • 49 views

ROS-20230922-01

A vulnerability in the StringSubstitutor component of the Apache Commons Text library is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8 CVSS • 7.3 AI score • 0.99931 EPSS
Exploits: 41
Redos
• added 2022/11/21 12:00 a.m. • 49 views

ROS-20221121-03

A vulnerability in the ImageMagick graphic editor is related to an integer overflow in the ExportIndexQuantum function in MagickCore/quantum-export.c. Exploitation of the vulnerability could allow an attacker, acting remotely, to pass specially crafted image data to an application, cause an integer overflow a...

7.8 CVSS • 7.7 AI score • 0.01542 EPSS
Exploits: 1
Redos
• added 2022/08/26 12:00 a.m. • 49 views

ROS-20220826-01

A vulnerability in the php_url_parse_ex function of the PHP programming language interpreter is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow a remote attacker to launch an SSRF attack. Vulnerability in the SOAP extension of the PHP interpreter...

9.8 CVSS • 8.5 AI score • 0.5838 EPSS
Exploits: 8
Redos
• added 2021/09/08 12:00 a.m. • 49 views

ROS-2-476

2.476 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

8.1 CVSS • 8.3 AI score • 0.52838 EPSS
Exploits: 11
Redos
• added 2021/09/08 12:00 a.m. • 49 views

ROS-2-513

2.513 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to improper handling of the error bit in the huft_build result pointer in the decompress_gunzip.c file. A...

8.8 CVSS • 7 AI score • 0.02719 EPSS
Exploits: 2
Redos
• added 2025/05/15 12:00 a.m. • 48 views

ROS-20250515-13

A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

9.8 CVSS • 9.6 AI score • 0.0104 EPSS
Exploits: 0
Redos
• added 2025/05/15 12:00 a.m. • 48 views

ROS-20250515-14

A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

9.8 CVSS • 9.6 AI score • 0.0104 EPSS
Exploits: 0
Redos
• added 2024/08/14 12:00 a.m. • 48 views

ROS-20240814-04

A vulnerability in the of_xudma_dev_get function in the dmaengine component of the Linux operating system kernel is related to a leakage bug in of_xudma_dev_get. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the scmi_domain_reset...

8.1 CVSS • 6.8 AI score • 0.00737 EPSS
Exploits: 1
Redos
• added 2024/04/08 12:00 a.m. • 48 views

ROS-20240408-15

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages...

5.9 CVSS • 6.2 AI score • 0.9378 EPSS
Exploits: 4
Redos
• added 2024/04/02 12:00 a.m. • 48 views

ROS-20240402-07

A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5 CVSS • 8.9 AI score • 0.99999 EPSS
Exploits: 19
Redos
• added 2022/03/01 12:00 a.m. • 48 views

ROS-20220301-01

A vulnerability in the Bubblewrap sandbox tool is related to incorrect handling of the number of call parameters in the pkexec setuid binary. Exploitation of the vulnerability could allow an attacker to create environment variables so that they are processed and executed by pkexec, and...

7.8 CVSS • 8.1 AI score • 0.94921 EPSS
Exploits: 151
Redos
• added 2025/04/30 12:00 a.m. • 47 views

ROS-20250430-06

A vulnerability in the vim text editor function is related to the execution of shell commands via specially crafted tar archives. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands. A vulnerability in the vim text editor function is relate...

7.1 CVSS • 7.8 AI score • 0.20775 EPSS
Exploits: 0
Redos
• added 2024/08/22 12:00 a.m. • 47 views

ROS-20240822-01

The vulnerability of the hub_port_init function of the core component of the Linux operating system kernel is related to reading outside the memory boundaries. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected informatio...

7.8 CVSS • 7.2 AI score • 0.0094 EPSS
Exploits: 0
Redos
• added 2024/08/14 12:00 a.m. • 47 views

ROS-20240814-03

A vulnerability in the i40e component of the Linux operating system kernel is related to the incorrect release of a client instance, and subsequent removal of the i40e module. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the RDMA/srp...

7.8 CVSS • 9.1 AI score • 0.0025 EPSS
Exploits: 0
Redos
• added 2024/05/14 12:00 a.m. • 47 views

ROS-20240514-04

A vulnerability in the Netty networking software is associated with the occurrence of an interpretation conflict. Exploitation of the vulnerability could allow an attacker acting remotely to disclose and modify protected information. A vulnerability in the Netty networking software is related to...

7.5 CVSS • 6.8 AI score • 0.02459 EPSS
Exploits: 4
Redos
• added 2024/05/03 12:00 a.m. • 47 views

ROS-20240503-10

A vulnerability in the iconv function of the glibc system library is related to the possibility of writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to potentially execute arbitrary code by injecting a specially crafted PHP file...

7.3 CVSS • 7.1 AI score • 0.8833 EPSS
Exploits: 16
Redos
• added 2024/03/29 12:00 a.m. • 47 views

ROS-20240329-01

A vulnerability in the vim text editor is related to improper handling of exceptional conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service. The vim text editor vulnerability is related to an attempt by vim to access an already freed structure window...

4.3 CVSS • 7.2 AI score • 0.00749 EPSS
Exploits: 0
Redos
• added 2023/04/18 12:00 a.m. • 47 views

ROS-20230418-05

A vulnerability in the OpenSSL cryptographic library is related to a boundary error in the PEM_read_bio_ex function. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted PEM file to an application, cause a memory re-release error, and perform a typing...

7.5 CVSS • 7.1 AI score • 0.59501 EPSS
Exploits: 0
Redos
• added 2022/08/24 12:00 a.m. • 47 views

ROS-20220808-01

A vulnerability in the ActiveDirectory/DC database audit logging module of the Samba networking software suite is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Samba...

8.8 CVSS • 7.4 AI score • 0.01064 EPSS
Exploits: 0
Redos
• added 2022/03/10 12:00 a.m. • 47 views

ROS-20220310-01

The PJSIP multimedia communication library vulnerability is related to a boundary error in the PJSUA API during the pjsua_playlist_create call. Exploitation of the vulnerability could allow an attacker acting remotely to cause a stack buffer overflow and execute arbitrary code on the target system. The...

9.8 CVSS • 9.7 AI score • 0.02475 EPSS
Exploits: 0
Redos
• added 2024/08/12 12:00 a.m. • 46 views

ROS-20240812-15

A vulnerability in the core of Apache HTTP Server is related to ignoring outdated configuration of handlers by the "AddType" function. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. Vulnerability...

7.5 CVSS • 6.8 AI score • 0.35447 EPSS
Exploits: 3
Redos
• added 2024/07/19 12:00 a.m. • 46 views

ROS-20240719-02

A vulnerability in the makeHttpRequest function of the htdocs/js/ajaxfunctions.js file of the LDAP web administration tool phpLDAPadmin is related to inconsistent interpretation of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to cause smuggling of http...

6.5 CVSS • 6.8 AI score • 0.00426 EPSS
Exploits: 0
Redos
• added 2024/05/03 12:00 a.m. • 46 views

ROS-20240503-02

A vulnerability in the HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5 CVSS • 8.1 AI score • 0.99999 EPSS
Exploits: 19
Redos
• added 2024/04/12 12:00 a.m. • 46 views

ROS-20240412-06

A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...

9.8 CVSS • 8.6 AI score • 0.87816 EPSS
Exploits: 2
Redos
• added 2024/04/09 12:00 a.m. • 46 views

ROS-20240409-11

A vulnerability in the WatchAnalytics extension of the hypertext environment implementation software tool MediaWiki is related to XSS exploitation using the Special:PageStatistics page parameter. Exploitation of the vulnerability could allow a remote attacker to perform cross-site...

6.1 CVSS • 5.9 AI score • 0.00474 EPSS
Exploits: 7
Redos
• added 2024/04/01 12:00 a.m. • 46 views

ROS-20240401-01

A vulnerability in the ide_dma_cb function of the QEMU hardware emulator is related to synchronization errors when processing the DRQ_STAT parameter. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, or delete data or cause a denial of service. Vulnerability in the...

10 CVSS • 7.8 AI score • 0.01401 EPSS
Exploits: 0
Redos
• added 2023/10/16 12:00 a.m. • 46 views

ROS-20231016-05

A vulnerability in the curl command-line utility is related to a copy of the hostname in the buffer instead of the allowed address. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the libcurl library is related to...

9.8 CVSS • 7.7 AI score • 0.78483 EPSS
Exploits: 6
Redos
• added 2022/10/04 12:00 a.m. • 46 views

ROS-20221004-01

The Vim text editor vulnerability is related to a boundary error during file processing in the function ex_finally in ex_eval.c. Exploitation of the vulnerability could allow an attacker acting remotely to create a special file, force the victim to open it, cause memory corruption, and execute arbitrary...

7.8 CVSS • 7.4 AI score • 0.00797 EPSS
Exploits: 4
Redos
• added 2022/05/25 12:00 a.m. • 46 views

ROS-20220525-01

A vulnerability in the Vim text editor is related to a boundary error when processing unreliable input data. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into opening a specially crafted file and initiate unauthorized writing and execution of...

7.8 CVSS • 8.3 AI score • 0.03001 EPSS
Exploits: 11
Redos
• added 2021/09/08 12:00 a.m. • 46 views

ROS-2-792

2.792 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...

6.1 CVSS • 6.8 AI score • 0.01905 EPSS
Exploits: 0
Redos
• added 2021/09/08 12:00 a.m. • 46 views

ROS-2-597

2.597 Nettle library vulnerability CVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code. Identifier of the Information Security Threats Data...

8.8 CVSS • 8.6 AI score • 0.04028 EPSS
Exploits: 0
Redos
• added 2024/08/19 12:00 a.m. • 46 views

ROS-20240819-01

A vulnerability in the rtl92e_pci_disconnect function in the drivers/staging/rtl8192e/rtl8192e/rtl_core.c module of the RealTek RTL8192E wireless adapter driver of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could all...

7.8 CVSS • 6.9 AI score • 0.02701 EPSS
Exploits: 1
Redos
• added 2024/04/11 12:00 a.m. • 45 views

ROS-20240411-07

A vulnerability in the UEFI shim bootloader is related to errors in the MZ binary format. Exploitation of the vulnerability could allow an attacker to cause a denial of service. The shim UEFI bootloader vulnerability is related to out-of-bounds read errors when attempting to check the SBAT...

8.3 CVSS • 8.4 AI score • 0.04852 EPSS
Exploits: 0
Redos
• added 2023/07/06 12:00 a.m. • 45 views

ROS-2-566

2.566 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

7.7 CVSS • 8.5 AI score • 0.52838 EPSS
Exploits: 10
Redos
• added 2023/04/20 12:00 a.m. • 45 views

ROS-20230420-01

A vulnerability in the mod_proxy module of Apache HTTP Server is related to flaws in handling the Transfer-Encoding header. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request (HTTP Request Smuggling attack)...

9.8 CVSS • 8.7 AI score • 0.8377 EPSS
Exploits: 5
Redos
• added 2023/04/17 12:00 a.m. • 45 views

ROS-20230417-04

A vulnerability in the CryptParameterDecryption function of the cryptoprocessor firmware of the Trusted Platform Module (TPM) is related to reading data beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

7.8 CVSS • 7.5 AI score • 0.05552 EPSS
Exploits: 0
Redos
• added 2022/12/22 12:00 a.m. • 45 views

ROS-20221222-03

A vulnerability in the Moodle course management system is related to insufficient validation of user-entered data in the LTI vendor library. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and tri...

9.1 CVSS • 6.9 AI score • 0.01352 EPSS
Exploits: 0
Redos
• added 2022/12/22 12:00 a.m. • 45 views

ROS-20221222-01

A vulnerability in the audin_send_open function of the xrdp server is related to the possibility of a stack buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a remote machine. Vulnerability in devredir_proc_client_devlist_announce_req function ...

9.8 CVSS • 9.5 AI score • 0.00892 EPSS
Exploits: 0
Redos
• added 2022/10/25 12:00 a.m. • 45 views

ROS-20221025-03

A vulnerability in the Mozilla Firefox browser is related to improper management of internal resources in the application when processing window.print events. Exploitation of the vulnerability could allow an attacker, acting remotely, to trick a victim into...

8.8 CVSS • 8.3 AI score • 0.0083 EPSS
Exploits: 0
Redos
• added 2022/10/07 12:00 a.m. • 45 views

ROS-20221007-04

Vulnerabilities in the Firefox and Firefox ESR web browsers and the Thunderbird email client are related to errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. Vulnerability in...

8.8 CVSS • 8.7 AI score • 0.01342 EPSS
Exploits: 0
Redos
• added 2022/06/08 12:00 a.m. • 45 views

ROS-20220608-01

The vulnerability of the ClamAV antivirus software package is related to a boundary error in the signature database loading module. Exploitation of the vulnerability could allow an attacker acting remotely to transfer specially crafted data to an application, cause a buffer overflow in dynami...

8.6 CVSS • 7.6 AI score • 0.0663 EPSS
Exploits: 0
Redos
• added 2021/12/24 12:00 a.m. • 45 views

ROS-2-850

2.850 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

7.7 CVSS • 8.4 AI score • 0.52838 EPSS
Exploits: 10
Redos
• added 2021/09/08 12:00 a.m. • 45 views

ROS-2-613

2.613 Vulnerability in sudo CVE-2021-3156 1. Vulnerability Description: The vulnerability allows root access without authentication and without having the necessary credentials. The issue can be exploited by any user, regardless of their presence in system groups or the presence of an entry in th...

7.8 CVSS • 7.7 AI score • 0.99295 EPSS
Exploits: 81
Redos
• added 2021/09/08 12:00 a.m. • 45 views

ROS-2-600

2.600 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

7.7 CVSS • 7.1 AI score • 0.52838 EPSS
Exploits: 10
Total number of security vulnerabilities: 5000