Lucene search
K
RedosMost viewed

8276 matches found

Redos
Redos
•added 2026/02/16 12:0 a.m.•10 views

ROS-20260216-73-0033

A vulnerability in the Networking component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access ...

6.1CVSS5.6AI score0.00261EPSS
Exploits1
Redos
Redos
•added 2026/02/16 12:0 a.m.•10 views

ROS-20260216-73-0034

A vulnerability in the Networking component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access ...

6.1CVSS5.6AI score0.00261EPSS
Exploits1
Redos
Redos
•added 2026/02/16 12:0 a.m.•10 views

ROS-20260216-73-0039

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause...

7.5CVSS5.6AI score0.00864EPSS
Exploits0
Redos
Redos
•added 2026/02/16 12:0 a.m.•10 views

ROS-20260216-73-0042

A vulnerability in the Security component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause...

7.5CVSS5.6AI score0.00864EPSS
Exploits0
Redos
Redos
•added 2026/02/09 12:0 a.m.•10 views

ROS-20260209-73-0023

A vulnerability in the Zlib protocol implementation of the MongoDB database management system is related to improper handling of a length parameter mismatch. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...

8.7CVSS5.6AI score0.83007EPSS
Exploits39
Redos
Redos
•added 2026/02/09 12:0 a.m.•10 views

ROS-20260209-73-0033

A vulnerability in the JWE, JWS, JWT go-jose standards suite implementation package for the Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

4.3CVSS5.6AI score0.01956EPSS
Exploits0
Redos
Redos
•added 2026/02/05 12:0 a.m.•10 views

ROS-20260205-73-0028

A vulnerability in the crypto, lzo modules of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability may allow an attacker to violate data integrity and also cause a denial of service...

7.8CVSS7.4AI score0.00154EPSS
Exploits0
Redos
Redos
•added 2026/01/29 12:0 a.m.•10 views

ROS-20260129-73-0063

The vulnerability in the Go programming language is related to a flaw in the authorization procedure. Exploitation of the vulnerability allows an attacker acting remotely to affect the confidentiality and integrity of protected information...

6.5CVSS5.9AI score0.00274EPSS
Exploits0
Redos
Redos
•added 2026/01/29 12:0 a.m.•10 views

ROS-20260129-73-0074

A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already established network connection, without opening new network connections and without acknowledging the receipt of packets. Exploitation of the vulnerability could allo...

7.5CVSS5.9AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2026/01/29 12:0 a.m.•10 views

ROS-20260129-73-0046

Vulnerability in nextcloud related to flaws in access to personal information. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

4.9CVSS5.9AI score0.00302EPSS
Exploits0
Redos
Redos
•added 2026/01/20 12:0 a.m.•10 views

ROS-20260120-7323

A vulnerability in the drivers/net/caif/caifvirtio.c file of the Linux operating system kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.8AI score0.002EPSS
Exploits0
Redos
Redos
•added 2026/01/19 12:0 a.m.•10 views

ROS-20260119-7393

A vulnerability in the pcf85063nvmemread function of the drivers/rtc/rtc-pcf85063.c component of the Linux operating system kernel is related to writing beyond buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, violate its integrity, and...

7.8CVSS8AI score0.00203EPSS
Exploits0
Redos
Redos
•added 2026/01/19 12:0 a.m.•10 views

ROS-20260119-7356

A vulnerability in the arpxmitfinish function of the net/ipv4/arp.c module of the Linux kernel IPv4 protocol implementation is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protecte...

7.8CVSS7.8AI score0.00232EPSS
Exploits0
Redos
Redos
•added 2026/01/14 12:0 a.m.•10 views

ROS-20260114-7322

A vulnerability in the pfifotailenqueue function net/sched/schfifo.c of the Linux operating system kernel is associated with a functionality mismatch according to the specification. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...

7.8CVSS8.2AI score0.00256EPSS
Exploits0
Redos
Redos
•added 2025/12/23 12:0 a.m.•10 views

ROS-20251223-7315

Vulnerability in php-symfony4 related to the use of non-canonical url-paths for authorization solutions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

7.3CVSS7AI score0.01326EPSS
Exploits0
Redos
Redos
•added 2025/12/23 12:0 a.m.•10 views

ROS-20251223-7321

A vulnerability in the urllib.parse.urlsplit and urlparse functions of the Python programming language interpreter is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity...

6.3CVSS6.8AI score0.0067EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•10 views

ROS-20251215-7307

A vulnerability in the GNU Wget download manager is related to insufficient server-side request validation. Exploitation of the vulnerability could allow a remote attacker to perform an SSRF, phishing or man-in-the-middle attack...

6.5CVSS6.9AI score0.0111EPSS
Exploits0
Redos
Redos
•added 2025/12/01 12:0 a.m.•10 views

ROS-20251201-02

A vulnerability in the vfsinode.c component of the Linux kernel is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the llcpsock.c component of the Lin...

7.1CVSS6.7AI score0.0025EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•10 views

ROS-20251128-03

A vulnerability in the Vault access control system and Vault enterprise information archiving platform Enterprise is related to authentication bypass using an alternate path or channel in AWS authentication method. AWS authentication method. Exploitation of the vulnerability could allow an attack...

8.1CVSS6.9AI score0.00517EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•10 views

ROS-20251128-04

Vulnerability of the smb2isvalidoplockbreak function in the fs/smb/client/smb2misc.c module of the SMB client implementation of the Linux kernel is related to the reuse of the previously released SMB protocol client implementation of the Linux kernel is related to the reuse of previously freed...

7.1CVSS6.6AI score0.00239EPSS
Exploits0
Redos
Redos
•added 2025/11/25 12:0 a.m.•10 views

ROS-20251125-06

A vulnerability in the Moodle virtual learning environment is related to the disclosure of hidden group names to users, who have permission to create events in the calendar. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected...

6.5CVSS6.9AI score0.00246EPSS
Exploits0
Redos
Redos
•added 2025/11/25 12:0 a.m.•10 views

ROS-20251125-08

Apache Tomcat application server vulnerability is related to incorrect resource release. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Apache Tomcat application server vulnerability is associated with failure to take measures to...

9.6CVSS7.5AI score0.66535EPSS
Exploits4
Redos
Redos
•added 2025/11/06 12:0 a.m.•10 views

ROS-20251106-05

The bfdselfparseehframe function of the GNU Binutils development tool has a vulnerability related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in GNU Binutils software development to...

7.8CVSS7.2AI score0.00235EPSS
Exploits2
Redos
Redos
•added 2025/11/05 12:0 a.m.•10 views

ROS-20251105-06

The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...

9.9CVSS6.7AI score0.66258EPSS
Exploits5
Redos
Redos
•added 2025/10/31 12:0 a.m.•10 views

ROS-20251031-03

A vulnerability in the Apache ActiveMQ software platform is related to the recovery of invalid data in memory data. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by creating an OpenWire class. arbitrary code by creating a class over the OpenWire protoco...

10CVSS7.9AI score0.99654EPSS
Exploits31
Redos
Redos
•added 2025/10/16 12:0 a.m.•10 views

ROS-20251016-04

Vulnerability of X509VERIFYPARAMadd0policy function of OpenSSL library is related to errors in the procedure of of certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack. remotely to perform a...

9.8CVSS9.4AI score0.87816EPSS
Exploits4
Redos
Redos
•added 2025/08/22 12:0 a.m.•10 views

ROS-20250822-21

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

7.5CVSS7AI score0.00953EPSS
Exploits2
Redos
Redos
•added 2025/08/22 12:0 a.m.•10 views

ROS-20250822-23

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

7.5CVSS7AI score0.00953EPSS
Exploits2
Redos
Redos
•added 2025/08/06 12:0 a.m.•10 views

ROS-20250806-13

Golang programming language vulnerability is related to improper input validation. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the crypto-elliptic component of the Golang programming language is related to the...

9.1CVSS8.5AI score0.00856EPSS
Exploits2
Redos
Redos
•added 2025/07/10 12:0 a.m.•10 views

ROS-20250710-09

A vulnerability in the Apache MINA Java network application framework is related to incorrect handling ofjq SSL/TLS closenotify messages, as a result of which the software does not close the connection and keeps the socket open, allowing the client to subsequently receive open socket messages...

7.5CVSS6.6AI score0.02201EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•10 views

ROS-20250703-09

Vulnerability of RoundCube Webmail mail client is related to flaws in deserialization mechanism of from parameter processing. processing the from parameter. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by sending a specially crafted request...

9.9CVSS9.6AI score0.89462EPSS
Exploits29
Redos
Redos
•added 2025/06/02 12:0 a.m.•10 views

ROS-20250602-01

A vulnerability in the Bluetooth component of the Linux kernel is related to a memory leak in the function hcigetrandomaddress in net/bluetooth/hcisync.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the traceeventshist component of the...

8.1CVSS7.2AI score0.00449EPSS
Exploits0
Redos
Redos
•added 2025/05/26 12:0 a.m.•10 views

ROS-20250526-09

Vulnerability of moodle virtual learning environment is related to flaws in permission checking and user capabilities of the user. Exploitation of the vulnerability could allow an attacker acting remotely to access confidential information A vulnerability in the Multi-Factor Authentication...

5.3CVSS7.6AI score0.0029EPSS
Exploits0
Redos
Redos
•added 2025/05/26 12:0 a.m.•10 views

ROS-20250526-08

Vulnerability in the soupheaderparsequalitylist function of the libsoup GUI library GNOME of Linux operating systems is related to a memory leak when parsing a quality list containing elements with all zeros. Exploitation of the vulnerability could allow an attacker acting remotely, gain access t...

6.5CVSS6.7AI score0.00487EPSS
Exploits0
Redos
Redos
•added 2025/05/15 12:0 a.m.•10 views

ROS-20250515-12

A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...

9.8CVSS7.3AI score0.01061EPSS
Exploits0
Redos
Redos
•added 2025/05/15 12:0 a.m.•10 views

ROS-20250515-02

A vulnerability in the PHP Twig template language is due to sandbox security checks not being executed under certain circumstances. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions. remotely to bypass the implemented securit...

8.6CVSS8.7AI score0.00826EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•10 views

ROS-2-232

2.232 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•10 views

ROS-2-18

2.18 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies about renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 till 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.2AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•10 views

ROS-2-32

2.32 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

7.1AI score
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•10 views

ROS-20250506-01

Vulnerability of net/ipv6 components of Linux operating system kernel is related to memory leak in function ip6negativeadvice in net/ipv6/route.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the can component of the Linux operating...

7.8CVSS8.5AI score0.00535EPSS
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•10 views

ROS-20250505-03

Vulnerability in MySQL Server component is related to improper order of behavior. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

4.9CVSS6.5AI score0.00396EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•10 views

ROS-20250424-14

Vulnerability in Apache Tomcat application server's JNDIRealm module implementation is related to flaws in the authentication mechanism. authentication mechanism. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information. Unauthorized...

6.5CVSS7.1AI score0.09886EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•10 views

ROS-20250417-11

Vulnerability of the phpseclib cryptographic protocol library is related to insufficient verification of user input data user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.00569EPSS
Exploits0
Redos
Redos
•added 2025/04/10 12:0 a.m.•10 views

ROS-20250410-01

A vulnerability in the mailbox component of the Linux kernel is related to resource management errors in the bcm2835mboxprobe function in drivers/mailbox/bcm2835-mailbox.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the uvcparseformat...

7.8CVSS7.7AI score0.03301EPSS
Exploits2
Redos
Redos
•added 2025/03/26 12:0 a.m.•10 views

ROS-20250326-03

The vulnerability in the document-oriented database management system MongoDB is related to bugs in the query analysis of some complex self-referential $lookup subconvectors, leading to sending to the server literal values in expressions for encrypted fields as plaintext instead of encrypted text...

3.3CVSS7.2AI score0.00119EPSS
Exploits0
Redos
Redos
•added 2025/03/11 12:0 a.m.•10 views

ROS-20250311-03

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
•added 2025/03/11 12:0 a.m.•10 views

ROS-20250311-06

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
•added 2025/03/11 12:0 a.m.•10 views

ROS-20250311-07

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
•added 2025/03/03 12:0 a.m.•10 views

ROS-20250303-07

The vulnerability of the ntfsreadmft function in the fs/ntfs3/inode.c module of the Linux kernel is related to the following issues lack of validation of allowed attribute sizes. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of...

7.8CVSS6.4AI score0.00264EPSS
Exploits0
Redos
Redos
•added 2025/03/03 12:0 a.m.•10 views

ROS-20250303-01

Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the lack of restrictions on authentication attempts. Exploitation of the vulnerability could allow an attacker acting remotely to reset arbitrary passwords...

7.1CVSS7.2AI score0.00602EPSS
Exploits0
Total number of security vulnerabilities5000