Lucene search
K

8244 matches found

Redos
Redos
•added 2022/03/18 12:0 a.m.•66 views

ROS-20220318-01

A vulnerability in the Webmin administration software suite is related to incorrect access restrictions in the File Manager module. Exploitation of the vulnerability could allow a remote attacker to bypass the security restrictions and compromise a vulnerable system. security restrictions and...

9CVSS8.8AI score0.96977EPSS
Exploits14
Redos
Redos
•added 2022/03/17 12:0 a.m.•87 views

ROS-20220317-01

Apache HTTP Server web server vulnerability is related to a bounds error in LimitXMLRequestBody. Exploitation vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system Apache HTTP Server web server vulnerability is related to...

9.8CVSS9.3AI score0.69803EPSS
Exploits0
Redos
Redos
•added 2022/03/15 12:0 a.m.•31 views

ROS-20220315-01

A vulnerability in the libxml2 XML document parsing library is related to a post-release memory usage error when processing ID and IDREF attributes in the valid.c file. release when processing ID and IDREF attributes in valid.c file. Exploitation of the vulnerability could allow an attacker actin...

7.5CVSS9.1AI score0.0601EPSS
Exploits0
Redos
Redos
•added 2022/03/14 12:0 a.m.•58 views

ROS-20220314-01

Vulnerability in Mozilla Firefox browser, related to a logic error in iframe processing. Exploitation the vulnerability could allow an attacker acting remotely and who has the ability to control the contents of an isolated iframe program environment , allow-popups, but not allow-scripts, could...

9.6CVSS7.9AI score0.00931EPSS
Exploits4
Redos
Redos
•added 2022/03/14 12:0 a.m.•43 views

ROS-20220314-02

Vulnerability of copypagetoiterpipe and pushpipe functions of Linux kernel is related to errors when saving permissions. Exploitation of the vulnerability could allow an attacker to overwrite the contents of the page cache of arbitrary files...

7.8CVSS7.7AI score0.88106EPSS
Exploits100
Redos
Redos
•added 2022/03/10 12:0 a.m.•47 views

ROS-20220310-01

PJSIP multimedia communication library vulnerability is related to a boundary error in the PJSUA API during the pjsuaplaylistcreate call. Exploitation of the vulnerability could allow an attacker acting remotely, cause a stack buffer overflow and execute arbitrary code on the target system The...

9.8CVSS9.7AI score0.02475EPSS
Exploits0
Redos
Redos
•added 2022/03/09 12:0 a.m.•68 views

ROS-20220309-02

The vulnerability in the XSLT parameter of Mozilla Firefox and Focus browsers is related to memory usage after its freeing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the WebGPU 3D graphics processing and computing softwa...

9.6CVSS9.4AI score0.14261EPSS
Exploits2
Redos
Redos
•added 2022/03/09 12:0 a.m.•26 views

ROS-20220309-01

A vulnerability in the cyrus-sasl authentication mechanism implementation is related to insufficient password cleansing in the SQL plug-in provided with Cyrus SASL. Exploitation of the vulnerability could allow an attacker, acting remotely, send a specially crafted query to a vulnerable applicati...

8.8CVSS9.1AI score0.04123EPSS
Exploits0
Redos
Redos
•added 2022/03/04 12:0 a.m.•54 views

ROS-20220304-01

Vulnerability in snapd's snap packet management daemon, related to insufficient validation of interface snapd content and layout paths. Exploitation of the vulnerability could allow an attacker to enforce arbitrary AppArmor policy rules through a corrupted content interface and layout declaration...

8.8CVSS8.6AI score0.00966EPSS
Exploits5
Redos
Redos
•added 2022/03/01 12:0 a.m.•8 views

ROS-20220301-02

Vim text editor vulnerability, related to NULL pointer dereferencing error in Vim when switching tabs in command line window. when switching tabs in a command line window. Exploitation of the vulnerability could allow an attacker, remotely to perform a denial-of-service DoS attack...

6.2CVSS7.2AI score0.01525EPSS
Exploits1
Redos
Redos
•added 2022/03/01 12:0 a.m.•48 views

ROS-20220301-01

Vulnerability in the Bubblewrap sandbox tool, related to incorrect handling of the number of parameter of call parameters in the pkexec setuid binary. Exploitation of the vulnerability could allow an attacker to create environment variables so that they are processed and executed by pkexec, and...

7.8CVSS8.1AI score0.94921EPSS
Exploits151
Redos
Redos
•added 2022/02/26 12:0 a.m.•6 views

ROS-2-2253

2.2253 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2022/02/26 12:0 a.m.•23 views

ROS-2-1013

2.1013 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2022/02/26 12:0 a.m.•27 views

ROS-2-712

2.712 Mozilla Thunderbird email client vulnerability CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2022/02/26 12:0 a.m.•25 views

ROS-2-708

2.708 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.1AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2022/02/25 12:0 a.m.•24 views

ROS-20220225-03

Vulnerability in the zsh shell is related to improper neutralization of special elements, used in PROMPTSUBST recursive extension OS commands when processing malicious output. Exploitation of the vulnerability could allow an attacker acting remotely to enter and execute arbitrary commands on the...

7.8CVSS7.8AI score0.0198EPSS
Exploits0
Redos
Redos
•added 2022/02/25 12:0 a.m.•53 views

ROS-20220225-02

Vulnerability in the Drupal content management system, related to incorrect access restrictions in the in the quick edit module. Exploitation of the vulnerability could allow an attacker acting remotely, to view content restricted by other means A vulnerability in Drupal's content management...

7.5CVSS6.6AI score0.01247EPSS
Exploits0
Redos
Redos
•added 2022/02/25 12:0 a.m.•87 views

ROS-20220225-01

Expat parsing library vulnerability, related to integer overflow in copyString. Exploitation vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause a denial of service condition on the target system. data, trigg...

9.8CVSS9.3AI score0.34174EPSS
Exploits1
Redos
Redos
•added 2022/02/22 12:0 a.m.•29 views

ROS-20220209-01

A vulnerability in the BIND DNS server is related to improper consumption of internal resources during cache processing. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource exhaustion and Perform a denial-of-service DoS attack...

5.3CVSS7.3AI score0.08001EPSS
Exploits0
Redos
Redos
•added 2022/02/22 12:0 a.m.•59 views

ROS-20220210-01

A vulnerability in Mozilla Thunderbird email client and Firefox browser is related to incorrect handling of extension updates. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into install a particular type of browser extension and, during automatic...

9.6CVSS8.7AI score0.00926EPSS
Exploits1
Redos
Redos
•added 2022/02/22 12:0 a.m.•61 views

ROS-20220204-01

A vulnerability in the Django web application framework is related to an infinite loop when parsing files . Exploitation of the vulnerability could allow an attacker acting remotely to upload a specially a specially crafted file to a server, utilize all available system resources, and cause a...

7.5CVSS7.3AI score0.49246EPSS
Exploits1
Redos
Redos
•added 2022/02/22 12:0 a.m.•65 views

ROS-20220208-01

Samba network file system vulnerability, related to insecure link clicks. Exploitation vulnerability could allow an attacker acting remotely to create a symbolic link to determine whether a file or directory exists in the file system area of the server Samba network file system vulnerability,...

9CVSS7.9AI score0.74042EPSS
Exploits1
Redos
Redos
•added 2022/02/22 12:0 a.m.•68 views

ROS-20220217-01

MariaDB database management system vulnerability, related to a formatted string error in the in the implementation of the CONNECT function. Exploitation of the vulnerability could allow an attacker acting remotely, send a specially crafted SQL query containing format string specifiers and execute...

7.8CVSS8.1AI score0.00645EPSS
Exploits1
Redos
Redos
•added 2022/02/22 12:0 a.m.•24 views

ROS-20220217-02

Vulnerability in Mozilla Thunderbird email client, related to a boundary error in message processing email messages. Exploitation of the vulnerability could allow an attacker, acting remotely, to send an a specially crafted email to a victim, initiate an out-of-bounds entry, and execute arbitrary...

8.8CVSS9AI score0.00701EPSS
Exploits0
Redos
Redos
•added 2022/02/22 12:0 a.m.•11 views

ROS-20220210-03

Vulnerability of HTTP client library httplib2, is related to the fact that the application does not properly control the consumption of internal resources. internal resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause resource exhaustion by...

7.5CVSS7.1AI score0.03876EPSS
Exploits1
Redos
Redos
•added 2022/02/22 12:0 a.m.•361 views

ROS-20220207-01

Vulnerability in the implementation of the tipccryptokeyrcv function of the protocol for intra-cluster communication Transparent Inter-Process Communication TIPC of Linux kernel is related to insufficient input data verification when processing MSGCRYPTO messages. input data validation when...

9.8CVSS7.4AI score0.57853EPSS
Exploits5
Redos
Redos
•added 2022/02/02 12:0 a.m.•54 views

ROS-20220202-01

Vulnerability in the GLPI request and incident handling system, related to insufficient clearing of the of user data in the reset button. Exploitation of the vulnerability could allow an attacker, acting remotely, to force a victim to click on a specially crafted link and execute arbitrary HTML a...

6.1CVSS6.7AI score0.01134EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•39 views

ROS-20220125-02

Nginx web server vulnerability is related to a logical error in TLS implementation when working with different protocols but using compatible certificates, such as multi-domain or wildcard certificates. certificates. Exploitation of the vulnerability could allow an attacker acting remotely to...

7.4CVSS7.4AI score0.02037EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•8 views

ROS-20220125-20

Cryptsetup package vulnerability is related to modification of metadata to disable encryption in partitions in the LUKS2 Linux Unified Key Setup format. Exploitation of the vulnerability could allow an attacker to force a user to permanently disable the encryption layer of this media. a user to...

4.3CVSS6.6AI score0.0028EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•32 views

ROS-20220125-01

The HTTP client vulnerability for Python urllib3 is related to incorrect input validation when processing URLs with multiple "@" characters in the credentials component. Exploitation of the vulnerability could allow an attacker, remotely, cause resource exhaustion and perform a denial of service...

7.5CVSS7.5AI score0.03273EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•20 views

ROS-20220125-15

A vulnerability in the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm in the ElGamal implementation. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to sensitive information on the system. remotely, to...

5.9CVSS7.6AI score0.01423EPSS
Exploits1
Redos
Redos
•added 2022/02/01 12:0 a.m.•23 views

ROS-20220125-16

A vulnerability in the GNU Binary Utilities toolkit binutils is related to a boundary error in the stabxcoffbuiltintype function in stabs.c. Exploitation of the vulnerability could allow an attacker, acting remotely, to initiate unauthorized writing and execution of arbitrary code on the target...

7.8CVSS7.9AI score0.01312EPSS
Exploits1
Redos
Redos
•added 2022/02/01 12:0 a.m.•8 views

ROS-20220125-09

A vulnerability in the nghttp2 library is related to a memory release error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service on the target system...

6.8AI score
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•54 views

ROS-20220125-13

Vulnerability of PostgreSQL database management system is related to failure to take measures to encrypt protected data of protected data. Exploitation of the vulnerability could allow a remote attacker, realize a man-in-the-middle attack Vulnerability in libpq library of PostgreSQL database...

8.1CVSS6.8AI score0.01901EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•27 views

ROS-20220125-12

Vulnerability in the executable environment for running containerd containers is due to incorrect default permissions for the container root directories and some plugins. default permissions for container root directories and some plugins. Exploitation of the vulnerability could allow an attacker...

7.8CVSS7.6AI score0.00482EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•53 views

ROS-20220125-11

A vulnerability in the Http2MultiplexHandler class of the Netty networking software is related to incorrect request processing when converting HTTP/2 stream to HTTP/1.1. The exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity. an attacker acting...

5.9CVSS6.8AI score0.18891EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•23 views

ROS-20220125-03

The vulnerability in the Clam AntiVirus software package is related to a flaw in the OOXML parsing module. OOXML parsing module. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted OOXML file and perform a denial-of-service DoS attack. a specially...

7.5CVSS7.3AI score0.03061EPSS
Exploits1
Redos
Redos
•added 2022/02/01 12:0 a.m.•36 views

ROS-20220125-04

Apache Log4j2 Java program logging library vulnerability is related to the lack of additional JNDI access controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using the JDBC Appender. remotely execute arbitrary code using the JDBC Appender...

8.5CVSS8.8AI score0.97906EPSS
Exploits9
Redos
Redos
•added 2022/02/01 12:0 a.m.•52 views

ROS-20220125-17

A vulnerability in the QEMU hardware emulator is related to a single offset error when emulating a SCSI device in QEMU. Exploitation of the vulnerability could allow an attacker acting remotely, cause QEMU to crash The QEMU hardware emulator vulnerability is related to a memory usage error after ...

7.5CVSS6.8AI score0.00522EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•43 views

ROS-20220128-01

The vulnerability in the Polkit library for UNIX-like operating systems is related to improper handling of the number of call parameters in the pkexec setuid binary, which causes the binary to executes environment variables as commands. Exploitation of the vulnerability could allow an attacker to...

7.8CVSS7.6AI score0.94921EPSS
Exploits151
Redos
Redos
•added 2022/02/01 12:0 a.m.•27 views

ROS-20220125-18

A vulnerability in the Xen hypervisor is related to the incorrect configuration of a number of devices and the incorrect data structure release, including I/O page tables. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service and other issues,...

7.6CVSS7.7AI score0.00427EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•53 views

ROS-20220128-03

A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to, unmount other users' filesystem...

5.5CVSS6.1AI score0.00634EPSS
Exploits4
Redos
Redos
•added 2022/02/01 12:0 a.m.•23 views

ROS-20220125-06

The vulnerability in the Flatpak deployment, package management utility is due to the application not properly checks whether the permissions displayed to the user for the application during installation correspond to the actual permissions granted to the application at runtime. during installati...

8.6CVSS8.5AI score0.01346EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•31 views

ROS-20220125-14

Lxml library vulnerability is related to insufficient cleansing of user data in the cleanup program HTML in the lxml.html file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a victim to click on a specially crafted link and execute arbitrary HTML code and scri...

8.2CVSS7.6AI score0.02456EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•22 views

ROS-20220125-07

A vulnerability in the GIMP bitmap graphics editor is related to improper input validation, where the path name in the constructed command line is not escaped or filtered. Exploitation of the vulnerability could allow an attacker acting remotely to send special data to the application and execute...

7.8CVSS7.7AI score0.01439EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•21 views

ROS-20220125-05

A vulnerability in the GNU Mailman email distribution management package is related to insufficient validation of the source of an HTTP request. the source of the HTTP request. Exploitation of the vulnerability could allow a remote attacker, cause a victim to visit a customized web page and perfo...

8.8CVSS8.5AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•64 views

ROS-20220125-10

A vulnerability in the Node.js software platform is related to the formatting logic of the console.table function. Exploitation of the vulnerability could allow an attacker acting remotely to send a special request and assign an empty string to the prototype object's numeric keys A vulnerability ...

8.2CVSS6.8AI score0.21514EPSS
Exploits2
Redos
Redos
•added 2022/02/01 12:0 a.m.•57 views

ROS-20220125-08

The Sendmail mail transfer agent vulnerability is related to a logical error in the TLS implementation when working with different protocols but using compatible certificates such as multi-domain or wildcard certificates. wildcard certificates. Exploitation of the vulnerability could allow an...

7.4CVSS7.4AI score0.02037EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•8 views

ROS-20220125-19

The XFS file system vulnerability is due to the OS kernel incorrectly imposing security restrictions security restrictions. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information on the system...

5.5CVSS7.2AI score0.00286EPSS
Exploits0
Redos
Redos
•added 2022/02/01 12:0 a.m.•59 views

ROS-20220128-02

A vulnerability in the Python Pillow image library is related to buffer re-reading during the ImagePath.Path initialization in the pathgetbbox function in path.c. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted file to a vulnerable library and...

9.8CVSS8.7AI score0.03399EPSS
Exploits0
Total number of security vulnerabilities8244