Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2025/12/01 12:0 a.m.•9 views

ROS-20251201-02

A vulnerability in the vfsinode.c component of the Linux kernel is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the llcpsock.c component of the Lin...

7.1CVSS6.7AI score0.0025EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•9 views

ROS-20251128-02

A vulnerability in OpenBao's secret management and encryption system is related to the fact that OpenBao's audit logs incorrectly edited fields when the corresponding subsystems sent byte response parameters rather than strings. strings. Exploitation of the vulnerability could allow an attacker...

5.7CVSS6.8AI score0.00299EPSS
Exploits0
Redos
Redos
•added 2025/11/25 12:0 a.m.•9 views

ROS-20251125-04

A vulnerability in OpenBao's secret management and encryption system is related to the fact that the software stores sensitive information in log files. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...

7.5CVSS6.8AI score0.00286EPSS
Exploits0
Redos
Redos
•added 2025/11/25 12:0 a.m.•9 views

ROS-20251125-12

Vulnerability of QuerySet and Q objects of Django web application development platform is related to failure to take measures to protect the SQL query structure when processing an argument with the connector keyword. Exploitation of the vulnerability could allow an attacker acting remotely to...

9.1CVSS7.1AI score0.19396EPSS
Exploits10
Redos
Redos
•added 2025/11/25 12:0 a.m.•9 views

ROS-20251125-01

A vulnerability in the cross-platform software development framework Qt is related to a bug in the data boundary checking when reading data from Bluetooth L2CAP socket in processUnsolicitedReply and processReply in bluetooth/qlowenergycontrollerbluez.cpp. Exploitation of the vulnerability could...

3.1CVSS7.9AI score0.00172EPSS
Exploits0
Redos
Redos
•added 2025/11/25 12:0 a.m.•9 views

ROS-20251125-06

A vulnerability in the Moodle virtual learning environment is related to the disclosure of hidden group names to users, who have permission to create events in the calendar. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected...

6.5CVSS6.9AI score0.00246EPSS
Exploits0
Redos
Redos
•added 2025/11/24 12:0 a.m.•9 views

ROS-20251124-05

The Redis database management system DBMS vulnerability is related to the use of memory after its release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.9CVSS7.1AI score0.86767EPSS
Exploits14
Redos
Redos
•added 2025/11/17 12:0 a.m.•9 views

ROS-20251117-08

Vulnerability of the ksmbdexpiresession function in the fs/smb/server/mgmt/usersession.c module of the in-core CIFS/SMB3 ksmbd server kernel of the Linux operating system is related to reuse of previously of previously freed memory. Exploitation of the vulnerability could allow an attacker to...

7.8CVSS8.1AI score0.00267EPSS
Exploits0
Redos
Redos
•added 2025/11/17 12:0 a.m.•9 views

ROS-20251117-04

A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...

8.8CVSS7.1AI score0.00541EPSS
Exploits9
Redos
Redos
•added 2025/10/21 12:0 a.m.•9 views

ROS-20251021-01

The vulnerability of the parisc component of the Linux kernel is related to incorrect error handling in the fixupexception function in arch/parisc/mm/fault.c, as well as in emulateldh, emulateldw, emulateldd, emulatesth, emulatestw, and emulatestd in arch/parisc/kernel/unaligned.c. Exploitation o...

7.8CVSS8.3AI score0.00276EPSS
Exploits0
Redos
Redos
•added 2025/10/16 12:0 a.m.•9 views

ROS-20251016-04

Vulnerability of X509VERIFYPARAMadd0policy function of OpenSSL library is related to errors in the procedure of of certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack. remotely to perform a...

9.8CVSS9.4AI score0.87816EPSS
Exploits4
Redos
Redos
•added 2025/09/25 12:0 a.m.•9 views

ROS-20250925-04

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS6.5AI score0.01184EPSS
Exploits14
Redos
Redos
•added 2025/08/22 12:0 a.m.•9 views

ROS-20250822-07

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

7.5CVSS6.4AI score0.00693EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•9 views

ROS-20250822-13

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.9AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2025/08/21 12:0 a.m.•9 views

ROS-20250821-08

A vulnerability in the TCPDF PHP library is related to reading arbitrary files from the server's file system via the src tag. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information. information Vulnerability in TCPDF PHP library is related to improper...

7.5CVSS8.4AI score0.01325EPSS
Exploits3
Redos
Redos
•added 2025/08/19 12:0 a.m.•9 views

ROS-20250819-05

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...

9.4CVSS5.9AI score0.01184EPSS
Exploits11
Redos
Redos
•added 2025/08/13 12:0 a.m.•9 views

ROS-20250813-11

A vulnerability in the SMM component of AMD GPU firmware is related to incorrect processing of some special address ranges with invalid entries in the device table DTE. device table entries DTE. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A...

10CVSS7.9AI score0.00622EPSS
Exploits2
Redos
Redos
•added 2025/08/06 12:0 a.m.•9 views

ROS-20250806-01

Squid proxy server vulnerability is related to buffer overflow in dynamic memory when processing URN headers. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted HTTP requests. arbitrary code by sending specially crafted HTTP...

9.8CVSS7.7AI score0.22744EPSS
Exploits1
Redos
Redos
•added 2025/08/01 12:0 a.m.•9 views

ROS-20250801-01

A vulnerability in a set of add-on tools and libraries for the Go language designed to integrate with the OpenTelemetry, OpenTelemetry-Go Contrib is related to unconstrained and unregulated resource allocation when adding net.peer.sock.addr and net.peer.sock.port tags. regulation when adding...

7.5CVSS7.1AI score0.01592EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•9 views

ROS-20250724-11

Vulnerability in Apache HTTP Server web server kernel is related to access control bypass with resume session resumption in modssl. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the enforced security restrictions...

9.1CVSS6.1AI score0.0097EPSS
Exploits1
Redos
Redos
•added 2025/07/24 12:0 a.m.•9 views

ROS-20250724-06

A vulnerability in the Ruby websocket-extensions module that supports the implementation of WebSocket extensions is related to spending quadratic time parsing a header containing an unclosed string parameter value, which is a repeating two-byte sequence of backslash and some of backslash and some...

7.5CVSS7.4AI score0.04404EPSS
Exploits1
Redos
Redos
•added 2025/07/10 12:0 a.m.•9 views

ROS-20250710-14

Apache Tomcat application server vulnerability is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

7.5CVSS7.3AI score0.54877EPSS
Exploits1
Redos
Redos
•added 2025/06/25 12:0 a.m.•9 views

ROS-20250625-09

A vulnerability in the Apache Commons Configuration library is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using specially crafted script, dns, and url requests. using specially crafted script, dn...

9.8CVSS6.4AI score0.42646EPSS
Exploits3
Redos
Redos
•added 2025/06/25 12:0 a.m.•9 views

ROS-20250625-03

Vulnerability of eachpair function from strongparameters.rb of Ruby on Rails software platform is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential data Vulnerability in Ruby on Rails software...

7.5CVSS8.9AI score0.04198EPSS
Exploits2
Redos
Redos
•added 2025/06/24 12:0 a.m.•9 views

ROS-20250624-01

A vulnerability in the SEV-SNP functions of AMD processor firmware is related to incorrectly input validation for serial presence detection DIMM SPD metadata. Exploitation of the vulnerability allows an attacker to overwrite guest memory, resulting in a loss of the guest data integrity...

5.3CVSS7.2AI score0.00222EPSS
Exploits0
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250619-01

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to sending requests with an extremely large number of parameters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the Rack...

7.5CVSS7.4AI score0.00911EPSS
Exploits0
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250619-15

A software vulnerability in the Grafana monitoring and surveillance platform is related to a vulnerability in the of the XY Chart plugin to DOM XSS. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Grafana monitoring and surveillance platform...

8.3CVSS6.6AI score0.97809EPSS
Exploits6
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250619-11

The vulnerability of Pgpool-II connection balancing and management software tools is related to errors of input validation errors when processing directory traversal sequences in filenames. Exploitation exploitation of the vulnerability could allow a remote attacker to perform directory traversal...

9.8CVSS7.3AI score0.00791EPSS
Exploits0
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250619-13

The vulnerability of Pgpool-II connection balancing and management software tools is related to errors of input validation errors when processing directory traversal sequences in filenames. Exploitation exploitation of the vulnerability could allow a remote attacker to perform directory traversal...

9.8CVSS7.3AI score0.00791EPSS
Exploits0
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250619-05

A vulnerability in the PostgreSQL PgBouncer connection pooling program is related to the fact that a password can be used after it expires, because authquery does not take into account the value of Postgre's VALID UNTIL. Exploitation of the vulnerability allows an attacker acting remotely to gain...

9.8CVSS8AI score0.00305EPSS
Exploits0
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250619-07

Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to a lack of quota checking for attachments. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in cloud software for creating and...

6.5CVSS4.7AI score0.00662EPSS
Exploits0
Redos
Redos
•added 2025/06/19 12:0 a.m.•9 views

ROS-20250616-22

A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by an by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. to potentially sensitive information. A vulnerability...

7.5CVSS5.1AI score0.00348EPSS
Exploits0
Redos
Redos
•added 2025/06/16 12:0 a.m.•9 views

ROS-20250616-14

Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

5.9CVSS5.8AI score0.00612EPSS
Exploits0
Redos
Redos
•added 2025/05/26 12:0 a.m.•9 views

ROS-20250526-03

Nomad application orchestrator vulnerability related to vulnerability to directory path escaping Distributions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.6CVSS6.7AI score0.00388EPSS
Exploits0
Redos
Redos
•added 2025/05/26 12:0 a.m.•9 views

ROS-20250526-02

Vulnerability in archive-zip package of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file...

5.5CVSS7.1AI score0.00446EPSS
Exploits0
Redos
Redos
•added 2025/05/22 12:0 a.m.•9 views

ROS-20250522-01

Vulnerability in the scsi component of the Linux operating system kernel is related to a use-after release in the scsihexpandernoderemove function in drivers/scsi/mpt3sas/mpt3sasscsih.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the...

7.8CVSS7.2AI score0.00312EPSS
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•9 views

ROS-2-35

2.35 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

7.1AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•9 views

ROS-2-65

2.65 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

7.1AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•9 views

ROS-2-223

2.223 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia â„–4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•9 views

ROS-2-407

2.407 Notification on update of the Red OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...

7AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•9 views

ROS-2-261

2.261 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

7.1AI score
Exploits0
Redos
Redos
•added 2025/05/13 12:0 a.m.•9 views

ROS-2-138

2.138 Notification on updating of the Anti-Malware Protection System "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need t...

7AI score
Exploits0
Redos
Redos
•added 2025/05/06 12:0 a.m.•9 views

ROS-20250505-12

A vulnerability in the OpenSSH cryptographic security tool is related to the fact that a challenge is only sent if the the combination of username and public key can be valid for logging in. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data. dat...

5.3CVSS6.9AI score0.05039EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•9 views

ROS-20250424-34

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.0033EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•9 views

ROS-20250424-06

A vulnerability in the listitemverbose function of the Libarchive library is related to a bounds error in the processing of .tar .tar files in the listitemverbose function in tar/util.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A...

7.8CVSS7.7AI score0.00337EPSS
Exploits2
Redos
Redos
•added 2025/04/21 12:0 a.m.•9 views

ROS-20250421-01

Vulnerability of the vmfaultt vasmmapfault function of the arch/powerpc/platforms/book3s/vas-api.c module of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.8AI score0.00271EPSS
Exploits1
Redos
Redos
•added 2025/04/17 12:0 a.m.•9 views

ROS-20250417-03

The Jenkins Automation Server vulnerability is related to the fact that the vulnerable plugin does not edit encrypted secret values when accessing config.xml of agents via REST API or CLI. Exploitation of the vulnerability could Allow an attacker acting remotely to gain access to potentially...

5.4CVSS7.2AI score0.00684EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•9 views

ROS-20250403-04

A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.00804EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•9 views

ROS-20250403-12

OpenSearch software package vulnerability related to out-of-bounds memory reads. Exploitation of the vulnerability could allow an attacker to obtain sensitive data...

5.7CVSS6.5AI score0.00512EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•9 views

ROS-20250402-08

The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the application allows the use of entity aliases mapped to a single resource with the same alias name. Exploitation of the vulnerability could allow an attacker actin...

9.1CVSS7AI score0.00781EPSS
Exploits0
Total number of security vulnerabilities5000