Redos: most viewed

8050 matches found

Redos • added 2024/04/05 12:0 a.m. • 44 views

ROS-20240405-10

A vulnerability in the Perl programming language is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code...

7.8 CVSS | 9.8 AI score | 0.00832 EPSS | Exploits: 0

Redos • added 2024/04/03 12:0 a.m. • 44 views

ROS-20240403-02

Vulnerability of the ntfs_names_full_collate function of the NTFS file system for the NTFS-3G FUSE module is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges using a specially crafted NTFS image file. The NT...

7.8 CVSS | 8.3 AI score | 0.00504 EPSS | Exploits: 1

Redos • added 2023/07/06 12:0 a.m. • 44 views

ROS-2-555

2.555 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8 CVSS | 8.7 AI score | 0.02662 EPSS | Exploits: 0

Redos • added 2023/04/17 12:0 a.m. • 44 views

ROS-20230417-04

A vulnerability in the CryptParameterDecryption function of the cryptoprocessor firmware of the Trusted Platform Module TPM is related to reading data beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

7.8 CVSS | 7.5 AI score | 0.05552 EPSS | Exploits: 0

Redos • added 2022/10/25 12:0 a.m. • 44 views

ROS-20221025-03

A vulnerability in Mozilla Firefox browser is related to improper management of internal resources in the application when processing window.print events. Exploitation of the vulnerability could allow an attacker, acting remotely, to trick a victim into...

8.8 CVSS | 8.3 AI score | 0.0083 EPSS | Exploits: 0

Redos • added 2022/10/17 12:0 a.m. • 44 views

ROS-20221017-01

A vulnerability in the FreeRDP remote desktop protocol implementation is related to the disclosure of uninitialized data on unix systems when using the /parallel command line switch. Exploitation of the vulnerability...

7.5 CVSS | 7.5 AI score | 0.00985 EPSS | Exploits: 0

Redos • added 2022/10/07 12:0 a.m. • 44 views

ROS-20221007-04

Vulnerabilities in Firefox, Firefox ESR web browsers and Thunderbird email client are related to errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. Vulnerability in...

8.8 CVSS | 8.7 AI score | 0.01342 EPSS | Exploits: 0

Redos • added 2022/03/29 12:0 a.m. • 44 views

ROS-20220329-04

Vulnerability in nbd network block device implementation, related to stack-based buffer overflow during NBD_OPT_INFO or NBD_OPT_GO messages. Exploitation of the vulnerability could allow an attacker, acting remotely and not authenticated, to pass specially crafted data to an application, causing a...

9.8 CVSS | 9.7 AI score | 0.0347 EPSS | Exploits: 3

Redos • added 2021/12/24 12:0 a.m. • 44 views

ROS-2-850

2.850 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

7.7 CVSS | 8.4 AI score | 0.52838 EPSS | Exploits: 10

Redos • added 2021/09/08 12:0 a.m. • 44 views

ROS-2-472

2.472 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

8.6 AI score | 0.83406 EPSS | Exploits: 0

Redos • added 2024/08/02 12:0 a.m. • 43 views

ROS-20240801-01

A vulnerability in the mod_rewrite function of Apache HTTP Server is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.1 CVSS | 8 AI score | 0.99957 EPSS | Exploits: 1

Redos • added 2024/06/03 12:0 a.m. • 43 views

ROS-20240603-04

Vulnerability of the mod_proxy module of the Apache HTTP Server web server is related to failure to take measures to process CRLF sequences in HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to perform HTTP response splitting attacks...

9 CVSS | 6.6 AI score | 0.57941 EPSS | Exploits: 0

Redos • added 2024/04/09 12:0 a.m. • 43 views

ROS-20240409-06

A vulnerability in SaltStack Salt's configuration management and remote operations execution system is related to the server receiving a number of bad packets equal to the number of worker threads, after which Salt stops responding to requests until it is restarted. Exploitation of the vulnerability could...

7.8 CVSS | 7.8 AI score | 0.03332 EPSS | Exploits: 1

Redos • added 2024/03/28 12:0 a.m. • 43 views

ROS-20240328-06

A vulnerability in the libssh library is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the ProxyCommand/ProxyJump component of the libssh library is related to improper control of co...

5.3 CVSS | 6 AI score | 0.01421 EPSS | Exploits: 0

Redos • added 2023/11/15 12:0 a.m. • 43 views

ROS-20231114-01

A vulnerability in the Blink Media component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the Blink Frames component of Goog...

9.6 CVSS | 8.1 AI score | 0.31864 EPSS | Exploits: 1

Redos • added 2023/11/09 12:0 a.m. • 43 views

ROS-20231109-01

Go programming language vulnerability is related to insecure external control of critical state data when processing the setuid and setgid attributes. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate their privileges and gain access to read, modify, or...

9.8 CVSS | 8.3 AI score | 0.03332 EPSS | Exploits: 0

Redos • added 2023/10/13 12:0 a.m. • 43 views

ROS-20231013-05

Vulnerability of the pr_function_type function in the prdbg.c file of the GNU Binutils development tool is related to a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the parse_stab_struct_fields function of the GNU development tool...

5.5 CVSS | 6.8 AI score | 0.00654 EPSS | Exploits: 7

Redos • added 2023/07/06 12:0 a.m. • 43 views

ROS-2-618

2.618 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8 CVSS | 8.7 AI score | 0.83406 EPSS | Exploits: 0

Redos • added 2022/11/23 12:0 a.m. • 43 views

ROS-20221123-01

The vulnerability of the qf_buf_add_line function of the Vim text editor is related to memory usage after its release. Exploitation of the vulnerability may allow an intruder to affect the confidentiality, integrity and availability of protected information. Vulnerability of the ins_compl_add function of the...

7.8 CVSS | 7.8 AI score | 0.01074 EPSS | Exploits: 4

Redos • added 2022/10/28 12:0 a.m. • 43 views

ROS-20221028-01

Exim mail server vulnerability is related to the dmarc_dns_lookup function of the dmarc.c file of the DMARC handler component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory freeing and gain access to sensitive data. Exim mail server vulnerability is...

9.8 CVSS | 7.6 AI score | 0.03661 EPSS | Exploits: 0

Redos • added 2022/10/07 12:0 a.m. • 43 views

ROS-20221007-05

Firefox browser vulnerability is related to a bounds error in HTML content processing. Exploitation of the vulnerability could allow a remote attacker to create a customized website, trick the victim into opening it, cause memory corruption, and execute arbitrary code on the target system...

8.8 CVSS | 9 AI score | 0.01342 EPSS | Exploits: 0

Redos • added 2022/09/08 12:0 a.m. • 43 views

ROS-20220908-01

A vulnerability in the netfilter subsystem of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to escalate privileges and execute arbitrary code. A vulnerability in the Linux kernel is related to the fact that when...

7.8 CVSS | 8.2 AI score | 0.12746 EPSS | Exploits: 22

Redos • added 2022/02/01 12:0 a.m. • 43 views

ROS-20220128-01

The vulnerability in the Polkit library for UNIX-like operating systems is related to improper handling of the number of call parameters in the pkexec setuid binary, which causes the binary to execute environment variables as commands. Exploitation of the vulnerability could allow an attacker to...

7.8 CVSS | 7.6 AI score | 0.94921 EPSS | Exploits: 151

Redos • added 2021/09/08 12:0 a.m. • 43 views

ROS-2-661

2.661 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service (DoS) attack. Identifier of the Information Security Threats Data Bank of the...

7.8 AI score | 0.95785 EPSS | Exploits: 5

Redos • added 2021/09/08 12:0 a.m. • 43 views

ROS-2-987

2.987 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

7.7 CVSS | 8.4 AI score | 0.52838 EPSS | Exploits: 11

Redos • added 2021/09/08 12:0 a.m. • 43 views

ROS-2-520

2.520 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service (DoS) attack. Identifier of the Information Security Threats Data Bank of the...

7.5 AI score | 0.95785 EPSS | Exploits: 5

Redos • added 2021/09/08 12:0 a.m. • 43 views

ROS-2-796

2.796 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228, CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

5.9 CVSS | 7.5 AI score | 0.04006 EPSS | Exploits: 1

Redos • added 2024/12/04 12:0 a.m. • 42 views

ROS-20241204-02

Vulnerability in the ca8210 component of the Linux operating system kernel is related to a memory leak in the function ca8210_async_xmit_complete in drivers/net/ieee802154/ca8210.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the max97...

9.8 CVSS | 7.7 AI score | 0.01128 EPSS | Exploits: 2

Redos • added 2024/08/05 12:0 a.m. • 42 views

ROS-20240805-03

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5 CVSS | 8.1 AI score | 0.99999 EPSS | Exploits: 23

Redos • added 2024/06/07 12:0 a.m. • 42 views

ROS-20240607-04

Vulnerability of the virNetClientIOEventLoop method of the Libvirt virtualization management library is related to incorrect execution of the data pointer to the structure virNetClientIOEventLoop in the virNetClientIOEventLoop method virNetClientIOIOEventData. Exploitation of the vulnerability...

6.2 CVSS | 6.7 AI score | 0.00486 EPSS | Exploits: 0

Redos • added 2024/06/06 12:0 a.m. • 42 views

ROS-20240606-01

A vulnerability in QEMU's USB EHCI controller emulation is related to the lack of checks if the buffer pointer overlaps with the MMIO register when transmitting USB packets. Exploitation of the vulnerability could all...

8.2 CVSS | 6.9 AI score | 0.01405 EPSS | Exploits: 1

Redos • added 2024/03/29 12:0 a.m. • 42 views

ROS-20240329-02

A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5 CVSS | 6.7 AI score | 0.6005 EPSS | Exploits: 1

Redos • added 2024/03/19 12:0 a.m. • 42 views

ROS-20240319-01

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages...

6.5 CVSS | 7.8 AI score | 0.93305 EPSS | Exploits: 11

Redos • added 2024/03/13 12:0 a.m. • 42 views

ROS-2-461

2.461 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to improper handling of the error bit in the huft_build result pointer in the decompress_gunzip.c file. A...

7.5 CVSS | 7 AI score | 0.02719 EPSS | Exploits: 0

Redos • added 2023/10/30 12:0 a.m. • 42 views

ROS-20231030-01

A vulnerability in the mod_macro component of the Apache HTTP Server web server is related to an out-of-bounds read. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

7.5 CVSS | 6.8 AI score | 0.02978 EPSS | Exploits: 0

Redos • added 2023/09/20 12:0 a.m. • 42 views

ROS-20230919-02

Vulnerability of the FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and the Thunderbird e-mail client is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...

8.8 CVSS | 7.5 AI score | 0.00756 EPSS | Exploits: 0

Redos • added 2023/09/19 12:0 a.m. • 42 views

ROS-20230918-02

A vulnerability in the OpenSSL cryptographic library is related to insufficient validation of user input data in the POLY1305 MAC message authentication code implementation. Exploitation of the vulnerability could allow an...

7.8 CVSS | 7 AI score | 0.00862 EPSS | Exploits: 0

Redos • added 2023/07/10 12:0 a.m. • 42 views

ROS-20230710-01

A vulnerability in Podman software is related to a type mixing error. Exploitation of the vulnerability could allow an attacker acting remotely to send specially crafted data to the application, cause a type-mixing error, and reinterpret the resulting content differently. The Podman software...

8.8 CVSS | 6.7 AI score | 0.04238 EPSS | Exploits: 3

Redos • added 2022/11/18 12:0 a.m. • 42 views

ROS-20221118-04

A vulnerability in Mozilla Firefox browser is related to a post-release memory usage error in the InputStream implementation. Exploitation of the vulnerability could allow an attacker acting remotely to force a victim to visit a specially crafted website, trigger a post-release usage error and...

6.5 CVSS | 8.7 AI score | 0.00696 EPSS | Exploits: 0

Redos • added 2022/11/03 12:0 a.m. • 42 views

ROS-20221103-03

A vulnerability in the Apache Batik XML SVG graphics rendering, generation, and management library is related to the fact that the application allows Java classes to be run via JavaScript. Exploitation of the vulnerability could allow an attacker acting remotely to use JavaScript to execute a Ja...

7.5 CVSS | 8.1 AI score | 0.0232 EPSS | Exploits: 0

Redos • added 2022/10/25 12:0 a.m. • 42 views

ROS-20221025-04

Mozilla Thunderbird email client vulnerability is related to a boundary error in the JS engine's garbage collector. Exploitation of the vulnerability could allow an attacker acting remotely to create a customized website, trick the victim into opening it, cause memory corruption, and execute...

8.8 CVSS | 8 AI score | 0.0083 EPSS | Exploits: 0

Redos • added 2022/05/30 12:0 a.m. • 42 views

ROS-20220530-04

Vulnerability of Array method of Mozilla Firefox and Mozilla Firefox ESR browsers and Thunderbird mail client is related to code generation errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary JavaScript code...

8.8 CVSS | 8.8 AI score | 0.26709 EPSS | Exploits: 0

Redos • added 2022/03/14 12:0 a.m. • 42 views

ROS-20220314-02

Vulnerability of the copy_page_to_iter_pipe and push_pipe functions of the Linux kernel is related to errors when saving permissions. Exploitation of the vulnerability could allow an attacker to overwrite the contents of the page cache of arbitrary files...

7.8 CVSS | 7.7 AI score | 0.88106 EPSS | Exploits: 100

Redos • added 2025/05/13 12:0 a.m. • 41 views

ROS-2-576

2.576 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote attacke...

7.7 CVSS | 8.5 AI score | 0.52838 EPSS | Exploits: 10

Redos • added 2024/09/18 12:0 a.m. • 41 views

ROS-20240918-04

Webmin hosting control panel vulnerability is related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the ajaxterm module of the Webmin hosti...

8.8 CVSS | 6.7 AI score | 0.00708 EPSS | Exploits: 9

Redos • added 2024/06/11 12:0 a.m. • 41 views

ROS-20240611-12

Vulnerability of the named DNS server daemon BIND is related to an operation overrunning the buffer boundaries in memory as a result of recursion during processing of received packets. Exploitation of the vulnerability could...

7.5 CVSS | 7.1 AI score | 0.02626 EPSS | Exploits: 0

Redos • added 2024/04/25 12:0 a.m. • 41 views

ROS-20240425-04

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages...

8.6 CVSS | 7.7 AI score | 0.93305 EPSS | Exploits: 4

Redos • added 2023/10/30 12:0 a.m. • 41 views

ROS-20231030-05

Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of servic...

7.5 CVSS | 6.8 AI score | 0.70595 EPSS | Exploits: 0

Redos • added 2023/07/06 12:0 a.m. • 41 views

ROS-2-1443

2.1443 Remote code execution in nginx CVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngx_resolver_copy function when processing DNS responses. A remote...

7.7 CVSS | 8.1 AI score | 0.52838 EPSS | Exploits: 10

Redos • added 2023/04/14 12:0 a.m. • 41 views

ROS-20230414-04

The curl program vulnerability is related to a memory usage error after release when processing rejected requests from HTTP proxy using SMB or TELNET protocols. Exploitation of the vulnerability could allow an attacker acting remotely to cause a post-release memory usage error and cause the...

5.9 CVSS | 6.8 AI score | 0.02511 EPSS | Exploits: 1

Total number of security vulnerabilities: 5000