Lucene search
K
RedosMost viewed

8181 matches found

Redos
Redos
•added 2024/05/29 12:0 a.m.•38 views

ROS-20240529-01

Vulnerability in the Lightweight HTTP Server component of the Oracle Java SE software platform and virtual machine Oracle GraalVM Enterprise Edition is related to unrestricted resource allocation. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of...

7.5CVSS7.4AI score0.46677EPSS
Exploits6
Redos
Redos
•added 2024/05/03 12:0 a.m.•38 views

ROS-20240503-01

A vulnerability in the Web Audio component of Microsoft Edge and Google Chrome browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code A vulnerability in the Skia graphics library of Google Chro...

9.8CVSS8.7AI score0.13556EPSS
Exploits2
Redos
Redos
•added 2024/04/02 12:0 a.m.•38 views

ROS-20240402-17

A vulnerability in the net/http package of the Go programming language is related to information disclosure. vulnerability could allow a remote attacker to disclose protected information. A vulnerability in the cmd-go component of the Go programming language is related to public data transmission...

7.5CVSS7.1AI score0.02758EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•38 views

ROS-20240329-11

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.5AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/18 12:0 a.m.•38 views

ROS-20240318-01

Aiohttp HTTP client vulnerability exists due to insufficient input validation. Exploitation vulnerability could allow an attacker acting remotely to modify an HTTP request or create a new HTTP request The aiohttp HTTP client vulnerability is related to code analyzer errors when the header is...

7.5CVSS5.8AI score0.01422EPSS
Exploits5
Redos
Redos
•added 2023/09/20 12:0 a.m.•38 views

ROS-20230920-03

A vulnerability in the WebP image display module of the Google Chrome browser is related to reading outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7.1AI score0.99694EPSS
Exploits9
Redos
Redos
•added 2023/02/03 12:0 a.m.•38 views

ROS-20230203-03

A vulnerability in the GNU Binary Utilities binutils object code manipulation toolkit is related to a memory access error. Exploitation of the vulnerability could allow an attacker acting remotely to analyze an ELF file containing corrupted information. remotely, to analyze an ELF file containing...

5.5CVSS6.1AI score0.00437EPSS
Exploits1
Redos
Redos
•added 2023/01/27 12:0 a.m.•38 views

ROS-20230127-02

Vim text editor vulnerability is related to NULL pointer dereferencing error in function guix11createblankmouse in guix11.c. Exploiting the vulnerability could allow an attacker, remotely, trick the victim into opening a specially crafted file and performing a denial-of-service attack DoS. "denia...

7.8CVSS8.2AI score0.00555EPSS
Exploits1
Redos
Redos
•added 2022/06/01 12:0 a.m.•38 views

ROS-20220131-01

Vulnerability in the ptp4l service of the LinuxPTP precision time protocol PTP implementation software is caused by an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, cause the application to crash as a result of creatin...

8.8CVSS8.2AI score0.02955EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•38 views

ROS-2-654

2.654 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: A vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

7.8CVSS5.3AI score0.99295EPSS
Exploits81
Redos
Redos
•added 2021/09/08 12:0 a.m.•38 views

ROS-2-550

2.550 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote attacke...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•38 views

ROS-2-1464

2.1464 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/09/08 12:0 a.m.•38 views

ROS-2-655

2.655 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

5.9CVSS7AI score0.04006EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•37 views

ROS-20241112-12

A vulnerability in the drm/vmwgfx components of the Linux operating system kernel is related to memory corruption in the vmwducursormobsize and vmwducursorplanecleanupfb functions in the drivers/gpu/drm/vmwgfx/vmwgfxkms.c. Exploitation of the vulnerability could allow an attacker to elevate the...

8.8CVSS7.3AI score0.00646EPSS
Exploits0
Redos
Redos
•added 2024/11/05 12:0 a.m.•37 views

ROS-20241105-01

A vulnerability in the i2c component of the Linux kernel is related to a stack overflow in the function mlxbfi2csmbusstarttransaction in drivers/i2c/busses/i2c-mlxbf.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the netfilter componen...

9.1CVSS8.2AI score0.01635EPSS
Exploits0
Redos
Redos
•added 2024/08/15 12:0 a.m.•37 views

ROS-20240815-05

A vulnerability in the centralized service for maintaining configuration information, naming, providing Apache ZooKeeper's centralized service for maintaining configuration information and naming, providing distributed synchronization, and providing group services is related to the lack of ACL...

9.1CVSS8.1AI score0.73654EPSS
Exploits1
Redos
Redos
•added 2024/08/13 12:0 a.m.•37 views

ROS-20240813-02

Vulnerability of nvmettcpbuildpduiovec function in drivers/nvme/target/tcp.c module of NVMe driver of Linux kernel is related to null pointer dereference. of Linux operating system is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denia...

7.8CVSS8.2AI score0.78388EPSS
Exploits0
Redos
Redos
•added 2024/07/31 12:0 a.m.•37 views

ROS-20240731-05

A vulnerability in the SHA-3 cryptographic hash function of the eXtended Keccak Code Package XKCP software package is related to errors in block processing of input data and type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code during...

9.8CVSS8.2AI score0.05193EPSS
Exploits1
Redos
Redos
•added 2024/07/04 12:0 a.m.•37 views

ROS-20240704-07

A vulnerability in the parseQuery function of the Webpack loader-utilss package is related to improperly controlled modification of object characteristic attributes. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary JavaScript code Ansi-regex ANSI...

9.8CVSS8.2AI score0.24928EPSS
Exploits8
Redos
Redos
•added 2024/07/04 12:0 a.m.•37 views

ROS-20240704-10

A vulnerability in the python38.pth file of the Python programming language interpreter is related to ignoring the sys.path constraints specified in python38.pth . Exploitation of the vulnerability could allow an attacker acting remotely to download code from arbitrary locations A vulnerability i...

9.8CVSS7.4AI score0.06304EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•37 views

ROS-20240627-04

A vulnerability in the ioctl component of the Flatpak application and environment management tool is related to copying text from the virtual console and pasting it into the command buffer, from which the command can be run after exiting the Flatpak application. Exploitation of the vulnerability...

10CVSS6.9AI score0.00887EPSS
Exploits0
Redos
Redos
•added 2024/05/22 12:0 a.m.•37 views

ROS-20240522-05

A vulnerability in the Hotspot component of Java SE software platforms, Oracle GraalVM Enterprise Virtual Machine Edition is related to insufficient input data validation. Exploitation of the vulnerability could allow A remote attacker to create, delete, or modify access to data Vulnerability in...

7.5CVSS6.8AI score0.17673EPSS
Exploits2
Redos
Redos
•added 2024/04/12 12:0 a.m.•37 views

ROS-20240412-04

A vulnerability in Salt's configuration management and remote execution system is related to the copying a script along a predictable path. Exploitation of the vulnerability could allow an attacker, acting remotely to run their own script. A vulnerability in the symbolic.py component of the Pytho...

8.1CVSS7.6AI score0.01207EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•37 views

ROS-20240410-20

A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...

9.8CVSS7.3AI score0.00468EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•37 views

ROS-20240403-14

A vulnerability in the Google Sheets data source of the Grafana monitoring and surveillance platform is related to the failure to handling error messages properly, potentially exposing the Google Sheet API key. Exploitation of the vulnerability could allow an attacker acting remotely to gain acce...

8.8CVSS7.6AI score0.09216EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•37 views

ROS-20240402-02

A vulnerability in the CRI-O container mechanism is related to experimental annotation, causing the the container becomes unrestricted. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS6.6AI score0.00859EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•37 views

ROS-20240402-14

Vulnerability of a VPN packet based on IPSec strongSwan protocol is caused by a bug in the charon-tkm process with the key exchange IKE protocol implementation based on TKMv2 Trusted Key Manager. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.7AI score0.0229EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•37 views

ROS-20240329-05

Vulnerability in the vim text editor is related to the use of an insecure search path. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the vimregsubboth function of the vim text editor is caused by a buffer overflow in dynamic...

7.8CVSS8.5AI score0.00624EPSS
Exploits4
Redos
Redos
•added 2024/03/29 12:0 a.m.•37 views

ROS-20240329-13

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.1AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•37 views

ROS-20240328-12

The vulnerability of the Sparseunipropstring function of the regcomp.c file of the Perl programming language interpreter is related to the operation exceeding the memory buffer boundaries. is related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability coul...

7.1AI score
Exploits0
Redos
Redos
•added 2024/03/28 12:0 a.m.•37 views

ROS-20240328-03

Vulnerability of avc420ensurebuffer and avc444ensurebuffer functions of FreeRDP RDP client is related to memory usage after its release. memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service or other impact A...

9.8CVSS7AI score0.01064EPSS
Exploits3
Redos
Redos
•added 2024/03/28 12:0 a.m.•37 views

ROS-20240328-11

The vulnerability in Curl is related to the installation of "supercookie files" in Curl, which are then passed back to a to more sources. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality of protected information...

6.5CVSS6.9AI score0.01685EPSS
Exploits1
Redos
Redos
•added 2024/03/13 12:0 a.m.•37 views

ROS-2-1005

2.1005 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2024/02/08 12:0 a.m.•37 views

ROS-20240208-01

A vulnerability in the sudo system administration program is related to an error in processing ipahostname, where ipahostname from /etc/sssd/sssd.conf was not propagated to sudo. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions to...

8.8CVSS7.2AI score0.00687EPSS
Exploits0
Redos
Redos
•added 2024/02/02 12:0 a.m.•37 views

ROS-20230920-01

Vulnerability of winbinddpamauthcrap.c component of Samba networking software package is related to operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in SMB2 packet signing...

7.5CVSS7.4AI score0.62606EPSS
Exploits0
Redos
Redos
•added 2023/11/16 12:0 a.m.•37 views

ROS-20231116-01

A vulnerability in the RoundCube email client is related to improper input neutralization during the creation of a of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a cross-site scripted attack. cross-site scripting attacks...

6.1CVSS6.2AI score0.00641EPSS
Exploits0
Redos
Redos
•added 2023/10/16 12:0 a.m.•37 views

ROS-20231016-04

A vulnerability in the VP8 encoding function of the libvpx library in Google Chrome browser is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker, remotely execute arbitrary code when a user opens a speciall...

8.8CVSS8.2AI score0.49013EPSS
Exploits3
Redos
Redos
•added 2023/09/08 12:0 a.m.•37 views

ROS-20230907-03

The vulnerability in the BIND DNS server is related to a stack buffer overflow when BIND is acting as a "resolver" when the number of recursive queries has reached an acceptable maximum and the server settings have been configured. "resolver", when the number of recursive queries has reached an...

7.5CVSS8.8AI score0.03776EPSS
Exploits0
Redos
Redos
•added 2023/09/08 12:0 a.m.•37 views

ROS-20230907-04

Vulnerability of DHcheck, DHcheckex or EVPPKEYparamcheck functions of OpenSSL library is related to using a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Vulnerability of DHcheck,...

5.3CVSS5.9AI score0.05533EPSS
Exploits0
Redos
Redos
•added 2023/08/25 12:0 a.m.•37 views

ROS-20230825-05

The QEMU hardware emulator vulnerability is related to the VNC server, when a client connects to the server, QEMU checks if the current number of connections exceeds a certain threshold, and if so, clears the previous connection, if the previous connection is in the confirmation phase and fails,...

7.5CVSS6.7AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•37 views

ROS-2-540

2.540 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8.7AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•37 views

ROS-2-599

2.599 Denial of service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•37 views

ROS-2-507

2.507 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS8.2AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2023/04/28 12:0 a.m.•37 views

ROS-20230428-03

A vulnerability in the WSGI Werkzeug web application library is related to the fact that the application does not properly control the consumption of internal resources when parsing data from a composite form with a large number of fields. internal resource consumption when parsing data from a...

7.5CVSS6.6AI score0.0142EPSS
Exploits0
Redos
Redos
•added 2023/01/24 12:0 a.m.•37 views

ROS-20230124-02

Vim text editor vulnerability is related to an incorrect memory access error with collapsing and using "L" in the src/normal.c function. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a buffer overflow and denial of service...

7.8CVSS7.8AI score0.00467EPSS
Exploits1
Redos
Redos
•added 2022/12/16 12:0 a.m.•37 views

ROS-20221216-02

A vulnerability in the Rsync file transfer and synchronization utility is related to authorization errors. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files...

7.4CVSS8.7AI score0.0165EPSS
Exploits1
Redos
Redos
•added 2022/12/16 12:0 a.m.•37 views

ROS-20221216-01

A vulnerability in the libarchive archiving library is related to the lack of error checking after the call to the calloc function, which may return with a NULL pointer in case of a function crash, resulting in a NULL pointer dereference. resultant dereferencing of the NULL pointer. Exploitation ...

9.8CVSS8.8AI score0.01936EPSS
Exploits0
Redos
Redos
•added 2022/03/24 12:0 a.m.•37 views

ROS-20220324-01

Vulnerability of cgroupreleaseagentwrite function kernel/cgroup/cgroup-v1.c of Linux kernel is related to lack of privilege control when setting releaseagent. Linux kernel is related to lack of privilege control when setting releaseagent. Exploiting the vulnerability could allow an attacker to...

7.8CVSS7.7AI score0.05528EPSS
Exploits12
Redos
Redos
•added 2021/12/24 12:0 a.m.•37 views

ROS-2-602

2.602 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

7.7AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•37 views

ROS-2-715

2.715 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS9.1AI score0.02662EPSS
Exploits0
Total number of security vulnerabilities5000