Lucene search
K
RedosMost viewed

8283 matches found

Redos
Redos
•added 2025/03/11 12:0 a.m.•8 views

ROS-20250311-08

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
•added 2025/03/07 12:0 a.m.•8 views

ROS-20250307-03

A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browser exists due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate privileges using a specially crafted HTML...

8.8CVSS8.7AI score0.07435EPSS
Exploits10
Redos
Redos
•added 2025/03/07 12:0 a.m.•8 views

ROS-20250307-07

A vulnerability in the OVN Open Virtual Network abstraction support system is related to bypassing the output access control lists ACLs in OVN deployments using crafted UDP packets. Exploitation The vulnerability could allow an attacker acting remotely to gain unauthorized access to the Virtual...

8.1CVSS7.4AI score0.00832EPSS
Exploits0
Redos
Redos
•added 2025/03/03 12:0 a.m.•8 views

ROS-20250303-02

Vulnerability in the htmlawed module of the GLPI computer hardware request, incident and inventory system is related to incorrect input validation in /vendor/htmlawed/htmlawed/htmlawed/htmLawedTest.php. Exploitation of the of the vulnerability could allow an attacker acting remotely to inject...

9.8CVSS7.1AI score0.99628EPSS
Exploits13
Redos
Redos
•added 2025/02/26 12:0 a.m.•8 views

ROS-20250226-04

A vulnerability in the Starlette ASGI web development framework is related to the allocation of unlimited memory. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

8.7CVSS6.3AI score0.00658EPSS
Exploits0
Redos
Redos
•added 2025/02/12 12:0 a.m.•8 views

ROS-20250212-04

A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the consumption of internal resources in werkzeug.formparser.MultiPartParser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.4CVSS8.1AI score0.00273EPSS
Exploits0
Redos
Redos
•added 2025/01/30 12:0 a.m.•8 views

ROS-20250130-01

Linux operating system kernel vulnerability is linked to security configuration errors. Exploitation exploitation of the vulnerability could allow an attacker to bypass the secure boot mechanism and escalate privileges...

6.7CVSS8.7AI score0.002EPSS
Exploits0
Redos
Redos
•added 2025/01/17 12:0 a.m.•8 views

ROS-20250117-06

A vulnerability in the drm/lima components of the Linux operating system kernel is related to the race condition in the function limaschedtimedoutjob in drivers/gpu/drm/lima/lima/limasched.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A...

7.8CVSS8AI score0.00317EPSS
Exploits0
Redos
Redos
•added 2025/01/15 12:0 a.m.•8 views

ROS-20250115-03

A vulnerability in the ldapescape function of the PHP programming language interpreter is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the dblib and...

9.8CVSS8.4AI score0.02286EPSS
Exploits4
Redos
Redos
•added 2025/01/13 12:0 a.m.•8 views

ROS-20250113-04

A vulnerability in the usb component of the Linux kernel is related to incorrect locking in the functions freeepfback, uaudiosetvolume, uaudiosetmute and gaudiosetup functions in drivers/usb/gadget/function/uaudio.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...

5.5CVSS6.8AI score0.0021EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•8 views

ROS-20250109-07

A vulnerability in the Downloads component of Microsoft Edge and Google Chrome browsers is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...

9.6CVSS8.7AI score0.06295EPSS
Exploits11
Redos
Redos
•added 2025/01/09 12:0 a.m.•8 views

ROS-20250109-05

Vulnerability in Firefox ESR, Firefox web browsers and Thunderbird email client is related to errors in data type conversion due to enabled autorun private mode. data type conversion errors due to enabled private mode autorun. Exploitation of the vulnerability could allow an attacker acting...

8.8CVSS8.5AI score0.72648EPSS
Exploits18
Redos
Redos
•added 2024/12/12 12:0 a.m.•8 views

ROS-20241212-22

Vulnerability of addRelatedObjects function of Zabbix universal monitoring system is related to failure to take measures to protect SQL query structure. to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges by...

9.9CVSS9.7AI score0.78831EPSS
Exploits13
Redos
Redos
•added 2024/12/09 12:0 a.m.•8 views

ROS-20241209-03

A vulnerability in the ntfs-3g utility of the NTFS-3G driver set of the NTFS-3G implementation of the NTFS file system is related to errors in the use of freed memory in ntfsuppercasembs in libntfs-3g/unistr.c. Exploitation of the vulnerability could allow an attacker to potentially cause a file...

4.5CVSS6.7AI score0.00159EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•8 views

ROS-20241029-03

The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...

6.5CVSS7.3AI score0.01345EPSS
Exploits0
Redos
Redos
•added 2024/10/18 12:0 a.m.•8 views

ROS-20241017-15

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

3.7CVSS7AI score0.01257EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•8 views

ROS-20240927-14

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

3.7CVSS7.2AI score0.00746EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•8 views

ROS-20240924-06

A vulnerability in the Garbage Collector component of the Firefox and Firefox ESR browsers and the Thunderbird email client is related to memory release errors in object operations. Thunderbird email client is associated with memory freeing errors when performing operations on objects. Exploitati...

9.8CVSS7.6AI score0.01585EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•8 views

ROS-20240924-05

The vulnerability in Firefox ESR web browsers, Firefox and Thunderbird email client is related to writing beyond the buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in Thunderbird email client and Firefox,...

9.8CVSS7.3AI score0.01233EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•8 views

ROS-20240923-08

Vulnerabilities in Mozilla Firefox, Firefox ESR and Thunderbird email client are related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, spoofing attacks Vulnerability in the implementation of the HSTS HTTP Strict Transport Security...

8.8CVSS8.7AI score0.02155EPSS
Exploits2
Redos
Redos
•added 2024/09/11 12:0 a.m.•8 views

ROS-20240911-19

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•8 views

ROS-20240911-17

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•8 views

ROS-20240911-20

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/08/14 12:0 a.m.•8 views

ROS-20240814-06

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of hidden side channels. exploitation of hidden side channels. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected information...

8.1CVSS8.6AI score0.0107EPSS
Exploits3
Redos
Redos
•added 2024/08/02 12:0 a.m.•8 views

ROS-20240801-05

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS5.3AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•8 views

ROS-20240730-15

A vulnerability in the dstring.c component of the Debian GNU/Linux operating system cpio package is caused by an integer overflow. overflow. Exploitation of the vulnerability could allow an attacker to cause a stack overflow via a generated file...

7.8CVSS7.2AI score0.0415EPSS
Exploits1
Redos
Redos
•added 2024/07/30 12:0 a.m.•8 views

ROS-20240729-22

A vulnerability in the packageindex module of the library designed to simplify the packaging of setuptools projects is related to functions used to download packages from URLs, provided by users or obtained from package index servers, are susceptible to code injection. Exploitation of the...

8.8CVSS7.4AI score0.01939EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•8 views

ROS-20240409-18

Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

6.2CVSS6.5AI score0.00437EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•8 views

ROS-20240402-20

A vulnerability in the Cargo package manager of the Rust programming language is associated with incorrect verification of the of the cryptographic signature. Exploitation of the vulnerability could allow an attacker acting remotely, affect the integrity of protected information via SSH protocol...

5.9CVSS6.6AI score0.00649EPSS
Exploits0
Redos
Redos
•added 2024/03/22 12:0 a.m.•8 views

ROS-20240322-02

Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...

8CVSS8.2AI score0.01465EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1044

2.1044 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1911

2.1911 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.5AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1031

2.1031 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1769

2.1769 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1580

2.1580 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS6.7AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-935

2.935 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1079

2.1079 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1046

2.1046 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1675

2.1675 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1528

2.1528 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1141

2.1141 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1099

2.1099 Notification on the update of the Red OS OPERATING SYSTEM MIS RED SOFT LLC notifies of the renewal of the previously obtained certificate of conformity of FSTEC of Russia 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can contact the...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-773

2.773 Notification on the update of the Red OS OPERATION SYSTEM MIS RED SOFT LLC notifies of the extension of the validity of the previously obtained FSTEC of Russia Certificate of Conformity No. 4060 until 12.01.2029 of the operating system "RED OS", decimal number RU.29926343.02.01-01. You can...

7.3AI score
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1862

2.1862 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.4AI score0.01861EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1652

2.1652 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1781

2.1781 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2024/03/13 12:0 a.m.•8 views

ROS-2-1966

2.1966 Multiple vulnerabilities of libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS10AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/11/13 12:0 a.m.•8 views

ROS-20231110-03

Vulnerability of the DirSync catlog synchronization mechanism of the Samba networking software package is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker, acting remotely, gain unauthorized access to protected information and increase...

9.8CVSS7.5AI score0.02409EPSS
Exploits1
Redos
Redos
•added 2023/10/16 12:0 a.m.•8 views

ROS-20231016-07

A vulnerability in the tiff.c file of the ImageMagick console graphics editor is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to force a user to open a specially crafted file, resulting in application crash and denial of servi...

6.2CVSS7.6AI score0.00314EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•8 views

ROS-2-1063

2.1063 Notification on update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technic...

7.3AI score
Exploits0
Total number of security vulnerabilities5000