Lucene search
K

8216 matches found

Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-1803

2.1803 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.4AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2023/07/06 12:0 a.m.•4 views

ROS-2-2122

2.2122 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS8.9AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•4 views

ROS-2-1955

2.1955 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS8.8AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•15 views

ROS-2-901

2.901 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS9.5AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•4 views

ROS-2-2124

2.2124 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS9.6AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•3 views

ROS-2-2136

2.2136 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•14 views

ROS-2-360

2.360 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of the operating system "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•9 views

ROS-2-351

2.351 Notification on the update of MIS OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•5 views

ROS-2-2191

2.2191 Remote Code Execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in Web Render components and could potentially be exploited for malicious code execution.IDENT of the Information Security Threat Data Bank of the FSTEC of...

7.5CVSS10AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-1209

2.1209 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

7.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2023/07/06 12:0 a.m.•6 views

ROS-2-1871

2.1871 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•32 views

ROS-2-543

2.543 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.5AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2023/07/06 12:0 a.m.•35 views

ROS-2-578

2.578 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.1AI score0.95785EPSS
Exploits5
Redos
Redos
•added 2023/07/06 12:0 a.m.•26 views

ROS-2-610

2.610 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS9.1AI score0.01764EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•7 views

ROS-2-1685

2.1685 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•8 views

ROS-2-1887

2.1887 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS9.5AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•7 views

ROS-2-2164

2.2164 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.01428EPSS
Exploits1
Redos
Redos
•added 2023/07/06 12:0 a.m.•8 views

ROS-2-184

2.184 Notification on update of the RAND OPERATION SYSTEM "RED OS" No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...

7.3AI score
Exploits0
Redos
Redos
•added 2023/06/28 12:0 a.m.•24 views

ROS-20230628-01

The Nextcloud server vulnerability is related to a lack of brute force protection at the password reset endpoint. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the password reset links. password. The Nextcloud server vulnerability is related to the fact...

9.1CVSS7.3AI score0.00981EPSS
Exploits0
Redos
Redos
•added 2023/06/27 12:0 a.m.•13 views

ROS-20230627-02

Libjxl library vulnerability is related to a bug in decpatchdictionary.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.00765EPSS
Exploits0
Redos
Redos
•added 2023/06/27 12:0 a.m.•55 views

ROS-20230627-01

The vulnerability in the Moodle virtual learning environment is related to insufficient cleansing of data submitted by users, in the external Wiki method for listing pages, a user can send a specially crafted query to the affected application and execute limited SQL commands on the application's...

9.8CVSS9.3AI score0.44918EPSS
Exploits4
Redos
Redos
•added 2023/06/22 12:0 a.m.•29 views

ROS-20230621-06

The vulnerability in ImageMagick graphical editor is related to writing outside and buffer overflow on a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a crash of the of the application. The vulnerability in the ImageMagick graphical...

9.8CVSS7.5AI score0.08011EPSS
Exploits5
Redos
Redos
•added 2023/06/22 12:0 a.m.•23 views

ROS-20230622-07

The vulnerability in the libx11 library is due to the fact that the functions in src/InitExt.c in libX11 do not check that the the values provided for request, event, or error identifiers are within the boundaries of the of the arrays to which these functions write, using these identifiers as arr...

7.5CVSS7.8AI score0.01656EPSS
Exploits0
Redos
Redos
•added 2023/06/22 12:0 a.m.•31 views

ROS-20230621-01

A vulnerability in the Django web application framework is related to the fact that the application does not perform file validation when using a single form field to upload multiple files. files when using a single form field to upload multiple files. Exploiting the vulnerability could allow an...

9.8CVSS9.1AI score0.0138EPSS
Exploits0
Redos
Redos
•added 2023/06/22 12:0 a.m.•24 views

ROS-20230621-03

A vulnerability in the GPAC multimedia platform is related to null pointer dereferencing in gfisomfragmentaddsampleexisomedia/moviefragments.c:2883. Exploitation of the vulnerability could allow an attacker to cause a denial of service DoS, causing the application to crash or render it...

9.8CVSS8.3AI score0.00652EPSS
Exploits2
Redos
Redos
•added 2023/06/22 12:0 a.m.•28 views

ROS-20230621-02

A vulnerability in the LZWDecode function of the LibTIFF library is related to a null pointer dereferencing error in the libtiff/tiflzw.c file. Exploitation of the vulnerability could allow an attacker to create certain input data that could cause a program to dereference a NULL pointer when...

5.5CVSS6.1AI score0.0051EPSS
Exploits2
Redos
Redos
•added 2023/06/22 12:0 a.m.•34 views

ROS-20230621-04

A vulnerability in the curl program is related to incorrect certificate validation when matching wildcards in TLS certificates for IDNs. wildcards in TLS certificates for IDNs. Exploitation of the vulnerability could allow an attacker acting remotely to create a specially crafted certificate that...

7.5CVSS6.5AI score0.02489EPSS
Exploits2
Redos
Redos
•added 2023/06/22 12:0 a.m.•66 views

ROS-20230621-05

OpenSSL cryptographic library vulnerability is related to the use of OBJobj2txt directly or the using any of the OpenSSL OCSP, PKCS7/SMIME, CMS, CMP/CRMF, or TS subsystems without limiting the message size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denia...

6.5CVSS7AI score0.73461EPSS
Exploits0
Redos
Redos
•added 2023/06/22 12:0 a.m.•34 views

ROS-20230622-08

Mozilla Thunderbird email client vulnerability is related to a boundary error in FileReader::DoReadData when reading a file. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system. memory corruption and...

8.8CVSS8AI score0.00918EPSS
Exploits0
Redos
Redos
•added 2023/06/22 12:0 a.m.•4 views

ROS-20230621-24

A vulnerability in the curl program is related to a post-release usage error in SSH fingerprint validation sha256. Exploitation of the vulnerability could allow an attacker acting remotely to use the application to connect to a malicious SSH server, cause a post-release exploit error, and gain...

7.5CVSS6.9AI score0.02658EPSS
Exploits4
Redos
Redos
•added 2023/06/20 12:0 a.m.•35 views

ROS-20230620-06

Vulnerability of the GENERALNAMEcmp function of OpenSSL library is related to a flaw in the mechanism of data type conversion data type conversion mechanism when processing x400 addresses. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A...

9.1CVSS7.9AI score0.59501EPSS
Exploits2
Redos
Redos
•added 2023/06/20 12:0 a.m.•26 views

ROS-20230620-01

Ffmpeg multimedia library vulnerability is related to NULL pointer dereferencing error in function decodemainheader in libavformat/nutdec.c. Exploitation of the vulnerability could allow an attacker, remotely, trick a victim into opening a specially crafted file and performing a denial-of-service...

5.3CVSS5.9AI score0.00817EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•18 views

ROS-20230620-02

Vulnerability of FreeImages library for working with graphic formats is related to reading data outside the buffer boundaries in memory. buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, to cause a denial of service via a crafted JXR file...

5.5CVSS5.5AI score0.0028EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•26 views

ROS-20230620-05

A vulnerability in the formatting functionality of the SQL parser module for Python Sqlparse is related to a regular expression that is vulnerable to reuse. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS7.7AI score0.0098EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•40 views

ROS-20230620-03

A vulnerability in the HAProxy server software is related to a flaw in HTTP request processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute a "smuggling of HTTP requests" attack...

9.1CVSS9AI score0.05493EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•27 views

ROS-20230620-07

A vulnerability in the Python library for Redis redis-py is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

6.5CVSS6AI score0.01034EPSS
Exploits0
Redos
Redos
•added 2023/06/20 12:0 a.m.•26 views

ROS-20230620-04

The vulnerability of the traffic analysis program Wireshark is related to the failure to properly control the consumption of internal resources in the LISP dissector. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause resource exhaustion and perform a...

7.5CVSS6.7AI score0.0462EPSS
Exploits2
Redos
Redos
•added 2023/06/19 12:0 a.m.•23 views

ROS-20230619-01

The vulnerability in the GLPI web application is related to insufficient cleansing of user data in the administration panel of the administration panel, a user could inject and execute arbitrary HTML code and script in the browser of a user's browser in the context of a vulnerable website...

10CVSS7.6AI score0.00815EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•32 views

ROS-20230619-03

A vulnerability in Certifi's specialized certificate collection is related to the presence of a TrustCor certificate in the list of root certificates, the certificate was removed because TrustCor was also in the business of in the spyware business. Exploitation of the vulnerability could allow an...

7.5CVSS7.5AI score0.00535EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•23 views

ROS-20230619-04

A vulnerability in the OpenSSL cryptographic library is related to ignoring invalid policy certificates in leaf certificates that are skipped for this certificate. Exploitation of the of the vulnerability could allow an attacker to intentionally assert invalid certificate policies to completely...

5.3CVSS6.7AI score0.01583EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•22 views

ROS-20230619-06

Vulnerability in protobuf-c data serialization protocol is related to integer overflow in the function parserequiredmember. Exploitation of the vulnerability could allow an attacker acting remotely, to cause a complete compromise of the vulnerable system...

5.5CVSS6.2AI score0.00366EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•72 views

ROS-20230619-05

A vulnerability in the pip module of the Python programming language is related to incorrect input validation in the Policy component python-pip in Oracle Communications Cloud Native Core Policy. Exploitation The vulnerability could allow an attacker acting remotely to manipulate data. The...

7.5CVSS7.4AI score0.03028EPSS
Exploits3
Redos
Redos
•added 2023/06/19 12:0 a.m.•31 views

ROS-20230619-02

A vulnerability in the Redis database is related to insufficient validation of user-entered data, a user could use the HINCRBYFLOAT command to create an invalid hash field. Exploitation of the vulnerability could allow an attacker acting remotely to cause Redis to crash when accessing the affecte...

6.5CVSS6.7AI score0.00963EPSS
Exploits0
Redos
Redos
•added 2023/06/19 12:0 a.m.•29 views

ROS-20230619-07

Vulnerability of the beh Backend Error Handler component of the cups-filters print package exists due to failure to take measures to neutralize special elements used in the operating system command. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.03697EPSS
Exploits1
Redos
Redos
•added 2023/06/16 12:0 a.m.•8 views

ROS-20230616-08

The npm package manager vulnerability is related to the npm package ignoring the file exclusion directives .gitignore and .npmignore root-level file exclusions when run in a workspace or with the workspace flag e.g., --workspaces, --workspace=. Exploitation of the vulnerability could allow an...

7.5CVSS7.3AI score0.03465EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•32 views

ROS-20230616-04

Libxml2 library vulnerability is related to NULL pointer dereferencing error in the xmlSchemaFixupComplexType. Exploitation of the vulnerability could allow an attacker acting remotely, to transmit specially crafted data to an application and perform a denial of service attack. The Libxml2 librar...

6.5CVSS6.7AI score0.01086EPSS
Exploits1
Redos
Redos
•added 2023/06/16 12:0 a.m.•19 views

ROS-20230616-06

Nextcloud Mail application vulnerability is related to insufficient validation of user-entered data in the Mail app on the avatar endpoint. data in the Mail application on the avatar endpoint. Exploitation of the vulnerability could allow an attacker, acting remotely to access sensitive data...

5.3CVSS5.4AI score0.00529EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•31 views

ROS-20230616-05

A vulnerability in the Flask framework is related to the ability to send one client's session cookie to other users. users. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to protected information...

7.5CVSS7.5AI score0.01261EPSS
Exploits1
Redos
Redos
•added 2023/06/16 12:0 a.m.•26 views

ROS-20230616-01

The npm package manager vulnerability is related to the npm package ignoring the file exclusion directives .gitignore and .npmignore root-level file exclusions when run in a workspace or with the workspace flag e.g., --workspaces, --workspace=. Exploitation of the vulnerability could allow an...

7.5CVSS7.7AI score0.03465EPSS
Exploits0
Redos
Redos
•added 2023/06/16 12:0 a.m.•26 views

ROS-20230616-03

Vim text editor vulnerability is related to using pointer offset outside the allowed range in mbcharlen function in mbyte.c. range in the mbcharlen function in mbyte.c. Exploitation of the vulnerability could allow an attacker, remotely, trick the victim into opening a specially crafted file and...

6.8CVSS5.9AI score0.00409EPSS
Exploits1
Total number of security vulnerabilities8216