Lucene search
K
RedosMost viewed

8219 matches found

Redos
Redos
added 2025/04/24 12:0 a.m.9 views

ROS-20250424-34

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.0033EPSS
Exploits1
Redos
Redos
added 2025/04/21 12:0 a.m.9 views

ROS-20250421-01

Vulnerability of the vmfaultt vasmmapfault function of the arch/powerpc/platforms/book3s/vas-api.c module of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.8AI score0.00271EPSS
Exploits1
Redos
Redos
added 2025/04/17 12:0 a.m.9 views

ROS-20250417-03

The Jenkins Automation Server vulnerability is related to the fact that the vulnerable plugin does not edit encrypted secret values when accessing config.xml of agents via REST API or CLI. Exploitation of the vulnerability could Allow an attacker acting remotely to gain access to potentially...

5.4CVSS7.2AI score0.00684EPSS
Exploits0
Redos
Redos
added 2025/04/03 12:0 a.m.9 views

ROS-20250403-04

A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.00804EPSS
Exploits0
Redos
Redos
added 2025/04/03 12:0 a.m.9 views

ROS-20250403-12

OpenSearch software package vulnerability related to out-of-bounds memory reads. Exploitation of the vulnerability could allow an attacker to obtain sensitive data...

5.7CVSS6.5AI score0.00512EPSS
Exploits0
Redos
Redos
added 2025/04/02 12:0 a.m.9 views

ROS-20250402-08

The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the application allows the use of entity aliases mapped to a single resource with the same alias name. Exploitation of the vulnerability could allow an attacker actin...

9.1CVSS7AI score0.00781EPSS
Exploits0
Redos
Redos
added 2025/03/12 12:0 a.m.9 views

ROS-20250312-01

The vulnerability of thejd drm/amd/display component of the Linux kernel is related to incorrect verification of the input data in the calculatettucursor function in the drivers/gpu/drm/amd/display/dc/dml/dcn21/displayrqdlgcalc21.c, in the calculatettucursor function in the...

7.8CVSS7.2AI score0.00327EPSS
Exploits0
Redos
Redos
added 2025/03/11 12:0 a.m.9 views

ROS-20250311-03

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
added 2025/02/26 12:0 a.m.9 views

ROS-20250226-13

The Eclipse Jetty servlet container vulnerability is due to the application not properly controlling the internal resource consumption in the ThreadLimitHandler.getRemote function. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...

6.5CVSS6.3AI score0.01037EPSS
Exploits0
Redos
Redos
added 2025/02/26 12:0 a.m.9 views

ROS-20250226-05

A vulnerability in AMD processors is associated with improper access control in System Management Mode SMM. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.7AI score0.00989EPSS
Exploits0
Redos
Redos
added 2025/02/26 12:0 a.m.9 views

ROS-20250226-06

A vulnerability in python-multipart, a streaming multi-component parser for Python, is related to the fact that the application generates redundant log entries when parsing form data. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.4AI score0.00644EPSS
Exploits0
Redos
Redos
added 2025/02/26 12:0 a.m.9 views

ROS-20250226-03

Vulnerability of MongoDB database management system is related to incorrect consistency checking in the input data during index processing with PrepareUnique parameter. input data during index processing with PrepareUnique parameter. Exploitation of the vulnerability could allow an attacker actin...

6.5CVSS6.6AI score0.0057EPSS
Exploits0
Redos
Redos
added 2025/01/31 12:0 a.m.9 views

ROS-20250131-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to improper error handling in the f2fsmarkinodedirtysync function in f2fs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsi component of...

7.8CVSS5.9AI score0.00274EPSS
Exploits0
Redos
Redos
added 2025/01/21 12:0 a.m.9 views

ROS-20250418-01

A vulnerability in the gui/util/qktxhandler.cpp component of the KTX image processing module of the cross-platform Qt software development framework is related to a buffer overrun. Qt software development framework is related to an operation exceeding buffer boundaries in memory. memory...

6.5CVSS6.9AI score0.00452EPSS
Exploits0
Redos
Redos
added 2025/01/21 12:0 a.m.9 views

ROS-20250121-07

Vulnerability of ECMP dissector of computer network traffic analyzer Wireshark is related to insufficient inadequate validation of user input. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in FiveCo RAP dissector of Wireshark computer network...

7.8CVSS6.8AI score0.00306EPSS
Exploits1
Redos
Redos
added 2025/01/21 12:0 a.m.9 views

ROS-20250121-08

Vulnerability of Asterisk management systems is related to improper access restrictions for users with the the "write=originate" role. Exploitation of the vulnerability could allow an attacker acting remotely, escalate privileges on the system...

8.8CVSS6.8AI score0.04703EPSS
Exploits4
Redos
Redos
added 2025/01/20 12:0 a.m.9 views

ROS-20250120-01

Vulnerability of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers of operating systems Windows is related to leaked video frames from different sources. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...

7.5CVSS7AI score0.00701EPSS
Exploits0
Redos
Redos
added 2025/01/14 12:0 a.m.9 views

ROS-20250114-10

Vulnerability in the animation control and synchronization handler on web pages of Mozilla Firefox browsers, Firefox ESR is related to the possibility of memory usage after its release. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting it into...

9.8CVSS9.6AI score0.32568EPSS
Exploits1
Redos
Redos
added 2025/01/14 12:0 a.m.9 views

ROS-20250114-14

A vulnerability in the compress component of the Linux operating system kernel is related to incorrect blocking in the f2fsreleasecompressblocks and f2fsreservecompressblocks functions in f2fs/file.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...

7.1CVSS6.8AI score0.00239EPSS
Exploits0
Redos
Redos
added 2025/01/10 12:0 a.m.9 views

ROS-20250110-09

Vulnerability in Erlang programming language OTP library set is related to incorrect certificate validation. certificate. Exploitation of the vulnerability allows an attacker acting remotely to perform a MitM attack...

5.5CVSS6.8AI score0.00251EPSS
Exploits0
Redos
Redos
added 2024/12/11 12:0 a.m.9 views

ROS-20241211-04

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.04422EPSS
Exploits1
Redos
Redos
added 2024/12/09 12:0 a.m.9 views

ROS-20241209-02

A vulnerability in some IntelR TDX modules is related to improper input validation. Exploitation of the vulnerability could allow a privileged attacker to potentially escalate privileges through local access. Vulnerability related to processor instruction sequencing causes unexpected behavior on...

8.2CVSS6.4AI score0.00379EPSS
Exploits0
Redos
Redos
added 2024/12/09 12:0 a.m.9 views

ROS-20241209-04

A vulnerability in the JavaScript library for securely cleaning and protecting DOMPurify HTML code is related to flaws in the validation of input data containing signs of an XSS attack. Exploitation of the vulnerability could Allow a remote attacker to perform a cross-site scripted attack...

10CVSS6.2AI score0.01093EPSS
Exploits2
Redos
Redos
added 2024/10/18 12:0 a.m.9 views

ROS-20241017-16

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

3.7CVSS7AI score0.01257EPSS
Exploits0
Redos
Redos
added 2024/10/18 12:0 a.m.9 views

ROS-20241017-14

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

3.7CVSS7AI score0.01257EPSS
Exploits0
Redos
Redos
added 2024/10/15 12:0 a.m.9 views

ROS-20241015-17

A vulnerability in the Networking component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect authorization. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity ...

3.7CVSS7.1AI score0.01361EPSS
Exploits0
Redos
Redos
added 2024/10/01 12:0 a.m.9 views

ROS-20241001-08

Vulnerability of SPRT dissector of Wireshark computer network traffic analyzer related to access to an uninitialized pointer. uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service via packet injection or a specially crafted capture...

7.8CVSS7.2AI score0.00317EPSS
Exploits1
Redos
Redos
added 2024/09/11 12:0 a.m.9 views

ROS-20240911-22

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
added 2024/08/26 12:0 a.m.9 views

ROS-20240826-26

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
Redos
Redos
added 2024/08/20 12:0 a.m.9 views

ROS-20240820-12

A vulnerability in the JavaFX component of Oracle GraalVM Enterprise Edition virtual machine and Oracle Java SE software platform is related to insufficient input validation. Oracle Java SE platform is related to insufficient input data validation. Exploitation of the vulnerability could allow an...

3.1CVSS3.6AI score0.00601EPSS
Exploits0
Redos
Redos
added 2024/08/20 12:0 a.m.9 views

ROS-20240820-06

The aiohttp HTTP client vulnerability is related to flaws in HTTP request processing. Exploitation of the vulnerability could allow an attacker acting remotely to perform an "HTTP request smuggling" attack...

7.2AI score
Exploits0
Redos
Redos
added 2024/08/16 12:0 a.m.9 views

ROS-20240816-14

A vulnerability in the phardirread function of the PHP interpreter is caused by a buffer overflow on the stack. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code Vulnerability in PHP programming language interpreter is related to incorrect restriction of XM...

9.8CVSS8.9AI score0.08003EPSS
Exploits4
Redos
Redos
added 2024/08/16 12:0 a.m.9 views

ROS-20240816-15

A vulnerability in the PHP programming language interpreter is related to the erroneous handling of cookies due to the replacement of spaces, dots, and open square brackets with underscores. as a result of replacing spaces, periods and open square brackets with underscores. Exploitation...

6.5CVSS7AI score0.3786EPSS
Exploits0
Redos
Redos
added 2024/07/30 12:0 a.m.9 views

ROS-20240730-18

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...

7.4CVSS7.4AI score0.00918EPSS
Exploits0
Redos
Redos
added 2024/05/29 12:0 a.m.9 views

ROS-20240529-05

A vulnerability in the ImageIO component of the Oracle Java SE software platform and the Oracle GraalVM Virtual Machine Enterprise Edition is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a partial denial of service Vulnerability i...

7.5CVSS7.6AI score0.48235EPSS
Exploits6
Redos
Redos
added 2024/05/21 12:0 a.m.9 views

ROS-20240521-10

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1021

2.1021 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-779

2.779 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS RED SOFT LLC notifies of the extension of the validity of the previously obtained FSTEC of Russia Certificate of Conformity No. 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You ca...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1694

2.1694 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows a remote unauthenticated attacker to execute arbitrary code.Identifier of the Information Security Threats Dat...

8.1CVSS8.2AI score0.01607EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1759

2.1759 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1611

2.1611 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.3AI score0.10634EPSS
Exploits2
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1734

2.1734 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1519

2.1519 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1663

2.1663 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS8.1AI score0.01368EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1752

2.1752 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS6.8AI score0.01861EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1029

2.1029 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-753

2.753 Notification of Update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technical...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-356

2.356 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia №4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-412

2.412 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the technic...

7.3AI score
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.9 views

ROS-2-1552

2.1552 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS7.9AI score0.01428EPSS
Exploits1
Total number of security vulnerabilities5000