Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
added 2024/12/11 12:0 a.m.11 views

ROS-20241211-07

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.04422EPSS
Exploits1
Redos
Redos
added 2024/12/11 12:0 a.m.11 views

ROS-20241211-11

A vulnerability in the HTTP client library for Python urllib3 is related to the fact that the Prox-Authorization header is not removed during source-to-source redirection when using proxy server support urllib3 with ProxyManager . Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS7.2AI score0.01141EPSS
Exploits1
Redos
Redos
added 2024/12/09 12:0 a.m.11 views

ROS-20241209-05

The vulnerability of Salt's configuration management and remote execution system is related to the fact that the application does not cause a crash when bad column data is detected. Exploitation of the vulnerability could allow an attacker acting remotely to use the default value from state inste...

7AI score
Exploits0
Redos
Redos
added 2024/12/05 12:0 a.m.11 views

ROS-20241205-01

The vulnerability of the asm-bug component of the Linux operating system kernel is related to incorrect error handling in arch/arm64/include/asm/asm-bug.h. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the sr component of the...

6.2CVSS6.6AI score0.00237EPSS
Exploits0
Redos
Redos
added 2024/12/03 12:0 a.m.11 views

ROS-20241203-18

An open source RDP server vulnerability is related to ineffective operation of the configuration parameter, that limits the maximum number of login attempts. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS8.1AI score0.00602EPSS
Exploits0
Redos
Redos
added 2024/10/23 12:0 a.m.11 views

ROS-20241023-03

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to improper privilege assignment. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate privileges...

7.2CVSS7.3AI score0.00528EPSS
Exploits0
Redos
Redos
added 2024/10/18 12:0 a.m.11 views

ROS-20241017-10

Dovecot mail server vulnerability is related to unrestricted resource allocation. Exploitation The vulnerability could allow an attacker acting remotely to perform a denial of service...

5CVSS7.1AI score0.00839EPSS
Exploits2
Redos
Redos
added 2024/10/08 12:0 a.m.11 views

ROS-20241008-01

Vulnerability in the DWARF Object Handler component of the library for providing access to debugging information DWARF libdwarf is associated with a re-release vulnerability. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a memory leak...

7.5CVSS6.7AI score0.01089EPSS
Exploits0
Redos
Redos
added 2024/10/08 12:0 a.m.11 views

ROS-20241008-02

A vulnerability in the Portainer container management platform is related to an improperly used algorithm encryption algorithm in the AesEncrypt function. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the confidentiality, integrity, and availability of...

7.5CVSS6.5AI score0.00284EPSS
Exploits0
Redos
Redos
added 2024/10/04 12:0 a.m.11 views

ROS-20241004-06

A vulnerability in the ksmbd component of the Linux operating system kernel is related to a link reset after using the opinfo. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.1CVSS7.3AI score0.00233EPSS
Exploits0
Redos
Redos
added 2024/09/27 12:0 a.m.11 views

ROS-20240927-15

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

3.7CVSS7.2AI score0.00746EPSS
Exploits0
Redos
Redos
added 2024/09/27 12:0 a.m.11 views

ROS-20240927-04

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

3.7CVSS7AI score0.00746EPSS
Exploits0
Redos
Redos
added 2024/09/18 12:0 a.m.11 views

ROS-20240918-05

A vulnerability in the net component of the Golang programming language is related to the execution of a loop with an inaccessible exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.9CVSS7AI score0.01001EPSS
Exploits0
Redos
Redos
added 2024/09/04 12:0 a.m.11 views

ROS-20240904-10

A vulnerability in the Clojure dynamic programming language is related to the deserialization of untrusted data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the Clojure dynamic programming language is related to the...

9.8CVSS7.8AI score0.01533EPSS
Exploits2
Redos
Redos
added 2024/09/02 12:0 a.m.11 views

ROS-20240902-21

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

8.8CVSS8.1AI score0.00536EPSS
Exploits0
Redos
Redos
added 2024/09/02 12:0 a.m.11 views

ROS-20240902-07

A vulnerability in the cpio binary archiver is related to regression when using the command line parameter --no-absolute-filenames. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

4.9CVSS6.8AI score0.00906EPSS
Exploits0
Redos
Redos
added 2024/09/02 12:0 a.m.11 views

ROS-20240902-06

Vulnerability of swfgetstring function of GPAC multimedia platform, is related to the operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the gfdashsetupperio...

7.1CVSS6.5AI score0.00528EPSS
Exploits2
Redos
Redos
added 2024/08/07 12:0 a.m.11 views

ROS-20240807-01

Vulnerability in the implementation of ColladaParser::ExtractDataObjectFromChannel function of the Open Asset Import Library Assimp 3D models Open Asset Import Library Assimp is related to memory usage after release. Exploitation of the vulnerability could allow an attacker acting remotely to gai...

8.8CVSS8.4AI score0.00723EPSS
Exploits1
Redos
Redos
added 2024/07/30 12:0 a.m.11 views

ROS-20240730-16

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...

7.4CVSS7.4AI score0.01026EPSS
Exploits0
Redos
Redos
added 2024/07/13 12:0 a.m.11 views

ROS-20240711-04

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

8.3CVSS6.7AI score0.01279EPSS
Exploits0
Redos
Redos
added 2024/05/21 12:0 a.m.11 views

ROS-20240521-09

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
added 2024/05/14 12:0 a.m.11 views

ROS-20240514-13

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
added 2024/04/08 12:0 a.m.11 views

ROS-20240408-24

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.93305EPSS
Exploits4
Redos
Redos
added 2024/04/08 12:0 a.m.11 views

ROS-20240408-23

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.93305EPSS
Exploits4
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-204

2.204 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-51

2.51 Notification on the update of OPERATION SYSTEM "RED OS" MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-1354

2.1354 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.1AI score0.01428EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-373

2.373 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technic...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-1894

2.1894 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS10AI score0.61061EPSS
Exploits6
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-1048

2.1048 Notification on the update of the Red OS OPERATION SYSTEM MIS update RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-56

2.56 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technica...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-405

2.405 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technic...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-386

2.386 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technic...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.11 views

ROS-2-1766

2.1766 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-343

2.343 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technica...

7.3AI score
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-1583

2.1583 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-1739

2.1739 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS9.2AI score0.01368EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-129

2.129 Notification on update of the RAND OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-2062

2.2062 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-131

2.131 Notification on update of the RAND OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-1822

2.1822 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.11 views

ROS-2-1361

2.1361 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
added 2022/02/22 12:0 a.m.11 views

ROS-20220210-03

Vulnerability of HTTP client library httplib2, is related to the fact that the application does not properly control the consumption of internal resources. internal resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause resource exhaustion by...

7.5CVSS7.1AI score0.03876EPSS
Exploits1
Redos
Redos
added 2022/01/14 12:0 a.m.11 views

ROS-20220114-02

Vulnerability in Mozilla Thunderbird email client, related to memory usage after memory freeing due to a race condition when playing audio files. Exploitation of the vulnerability could allow an attacker acting remotely to create a specially crafted audio shell, trigger a post-release usage error...

10CVSS9.2AI score0.01344EPSS
Exploits6
Redos
Redos
added 2021/12/24 12:0 a.m.11 views

ROS-2-913

2.913 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.11 views

ROS-2-1667

2.1667 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-794

2.794 Multiple Vulnerabilities in Moodle 1. Vulnerability description: The vulnerability discovered allows a remote attacker to perform cross-site scripting XSS attacks. The vulnerability allows a remote user to gain unauthorized access to other restricted features. Vulnerability allows a remote...

7.7AI score
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-2169

2.2169 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.4AI score0.10634EPSS
Exploits2
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-2187

2.2187 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

6.1CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-1363

2.1363 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.2AI score0.03582EPSS
Exploits1
Total number of security vulnerabilities5000