Lucene search
K

8244 matches found

Redos
Redos
•added 2021/12/24 12:0 a.m.•36 views

ROS-2-1661

2.1661 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.5AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/12/24 12:0 a.m.•38 views

ROS-2-602

2.602 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

7.7AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•18 views

ROS-2-1239

2.1239 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

8.8CVSS7.6AI score0.01764EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•23 views

ROS-2-1327

2.1327 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•9 views

ROS-2-2296

2.2296 Notification on the update of the Red OS OPERATING SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the firewall Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technical support...

7AI score
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•20 views

ROS-2-443

2.443 Vulnerabilities in Squid Proxy Server 1. Vulnerability description: Problems are present in the code processing the "@" block at the beginning of a URL "user@host" and allow bypassing access restriction rules, poisoning cache contents and performing a cross-site scripting attack.Identifier...

6.9AI score
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•20 views

ROS-2-886

2.886 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

9.8CVSS7.8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-812

2.812 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6CVSS7.5AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-544

2.544 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.4AI score0.0199EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•35 views

ROS-2-1251

2.1251 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS8.4AI score0.52838EPSS
Exploits10
Redos
Redos
•added 2021/12/24 12:0 a.m.•20 views

ROS-2-814

2.814 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...

7.5CVSS7.6AI score0.03155EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-1384

2.1384 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•3 views

ROS-2-1992

2.1992 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A vulnerability in the Nettle library that involves the use of a failed cryptographic algorithm and allows an unauthenticated remote attacker to execute arbitrary code.Identifier of the Information Security Threats...

8.1CVSS9.7AI score0.01607EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•24 views

ROS-2-924

2.924 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•22 views

ROS-20211223-02

LibreOffice office suite vulnerability involves improper signature verification. Exploitation The vulnerability could allow an attacker acting remotely to manipulate a document so that the content was displayed as correctly signed, even though it was not the content associated with the the...

7.5CVSS7.3AI score0.00709EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•70 views

ROS-20211223-07

BusyBox command line utility suite vulnerability is related to reading beyond memory boundaries. Exploitation The vulnerability could allow an attacker acting remotely to cause a read outside bounds error and read the contents of memory on the system or perform a denial of service DoS attack. A...

7.2CVSS7.3AI score0.02793EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•76 views

ROS-20211223-01

Vulnerability in the JNDI component of Apache Log4j2 Java program logging library is related to errors in the data deserialization errors. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability in Log4j Java program logging library exists d...

9CVSS8.6AI score0.99999EPSS
Exploits43
Redos
Redos
•added 2021/12/24 12:0 a.m.•39 views

ROS-20211223-06

A vulnerability in the polkitsystembusnamegetcredssync function of the dbus-daemon of the Polkit library is related to with access control flaws. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

7.8CVSS7.7AI score0.22193EPSS
Exploits37
Redos
Redos
•added 2021/12/24 12:0 a.m.•68 views

ROS-20211223-03

Vulnerability in an open source implementation of the OpenLDAP protocol is related to a reachability assertion. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted packet with a short timestamp to slapd and perform a denial of service...

7.5CVSS7.7AI score0.84224EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•80 views

ROS-20211223-04

Apache HTTP server vulnerability is related to buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to send a special HTTP request to a vulnerable web server, cause a buffer overflow, and execute arbitrary code on the target system. buffer overflow and execut...

9.8CVSS9.9AI score0.97108EPSS
Exploits4
Redos
Redos
•added 2021/12/24 12:0 a.m.•19 views

ROS-20211223-05

Asterisk computer telephony application vulnerability involves an input validation error. Exploitation The vulnerability could allow a remote attacker to send a packet containing an unsupported multimedia format and perform a denial of service DoS attack. unsupported media format and perform a...

7.5CVSS7.2AI score0.0911EPSS
Exploits1
Redos
Redos
•added 2021/12/24 12:0 a.m.•15 views

ROS-2-1514

2.1514 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•28 views

ROS-2-884

2.884 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•28 views

ROS-2-658

2.658 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.6AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•25 views

ROS-2-646

2.646 Follow link in chrony CVE-2020-14367 1. Vulnerability Description: CVE-2020-14367 Vulnerability allows a remote attacker to compromise a target system due to issues with a symbolic link to a service.FSTEC Russia Information Security Threats Data Bank Identifier: BDU:2021-01809 2. Possible...

6.4AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•3 views

ROS-2-2193

2.2193 Multiple vulnerabilities in Redis CVE-2021-29477,CVE-2021-29478 1. Vulnerability Description: A vulnerability exists due to an integer overflow in the STRALGO LCS command. A remote attacker can pass specially crafted data to an application, cause an integer overflow, and execute arbitrary...

8.8CVSS9.4AI score0.04028EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•7 views

ROS-2-1806

2.1806 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

8.8CVSS8.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•5 views

ROS-2-2109

2.2109 Vulnerability in Mozilla Thunderbird email client CVE-2021-29964, CVE-2021-29967 1. Vulnerability description: CVE-2021-29964 A vulnerability in the Mozilla Thunderbird email client, is related to boundary conditions. Exploitation of the vulnerability could allow an attacker acting remotel...

8.8CVSS8.6AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•3 views

ROS-2-2020

2.2020 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8.1AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•3 views

ROS-2-2201

2.2201 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...

9.8CVSS7.4AI score0.10634EPSS
Exploits2
Redos
Redos
•added 2021/12/24 12:0 a.m.•10 views

ROS-2-1886

2.1886 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•18 views

ROS-2-1596

2.1596 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.7AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•15 views

ROS-2-1655

2.1655 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•8 views

ROS-2-1790

2.1790 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•5 views

ROS-2-2099

2.2099 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/12/24 12:0 a.m.•11 views

ROS-2-1667

2.1667 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.9AI score0.05984EPSS
Exploits0
Redos
Redos
•added 2021/12/23 12:0 a.m.•34 views

ROS-2-718

2.718 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.3AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/12/23 12:0 a.m.•24 views

ROS-2-1014

2.1014 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•27 views

ROS-2-641

2.641 Vulnerability in OpenVPN CVE-2020-11810 1. Vulnerability description: A corrective release of the OpenVPN 2.4.9 virtual private networking package has been generated. The new version addresses a vulnerability CVE-2020-11810 that allows a client session to be transferred to a new IP address...

4.3CVSS4.6AI score0.01609EPSS
Exploits1
Redos
Redos
•added 2021/09/08 12:0 a.m.•14 views

ROS-2-1240

2.1240 Remote Code Execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.7AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-590

2.590 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...

10CVSS8AI score0.06132EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•24 views

ROS-2-1007

2.1007 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: A vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

8.8CVSS9.1AI score0.01368EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•13 views

ROS-2-1698

2.1698 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS9.1AI score0.61061EPSS
Exploits6
Redos
Redos
•added 2021/09/08 12:0 a.m.•25 views

ROS-2-1235

2.1235 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

8.8CVSS8.4AI score0.4644EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-1186

2.1186 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...

8.8CVSS7.3AI score0.05107EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•19 views

ROS-2-813

2.813 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker t...

8.8CVSS7.5AI score0.01905EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•49 views

ROS-2-513

2.513 BusyBox Denial of Service CVE-2021-28831 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to improper handling of the error bit in the huftbuild result pointer in the decopressgunzip.c file. A...

8.8CVSS7AI score0.02719EPSS
Exploits2
Redos
Redos
•added 2021/09/08 12:0 a.m.•11 views

ROS-2-794

2.794 Multiple Vulnerabilities in Moodle 1. Vulnerability description: The vulnerability discovered allows a remote attacker to perform cross-site scripting XSS attacks. The vulnerability allows a remote user to gain unauthorized access to other restricted features. Vulnerability allows a remote...

7.7AI score
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•23 views

ROS-2-822

2.822 Remote code execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in the Web Render components and could potentially be exploited for malicious code execution.Identifier of the Information Security Threats Data Bank of the...

7.5CVSS7.5AI score0.01905EPSS
Exploits0
Redos
Redos
•added 2021/09/08 12:0 a.m.•10 views

ROS-2-960

2.960 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.06305EPSS
Exploits1
Total number of security vulnerabilities8244