Lucene search
K
RedosMost viewed

8159 matches found

Redos
Redos
•added 2025/04/09 12:0 a.m.•12 views

ROS-20250409-01

A vulnerability in the NFSD component of the Linux kernel is related to the dereferencing of a NULL pointer in the nfsd4processcbupdate function in fs/nfsd/nfs4callback.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the ALSA compone...

7.8CVSS7.5AI score0.03558EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•12 views

ROS-20250403-02

A vulnerability in the QPDF PDF conversion command line utility is related to the creation of a .pdf file with the PlASCII85Decoder::write parameter in libqpdf. .pdf file with the PlASCII85Decoder::write parameter in libqpdf. Exploitation of the vulnerability could allow an attacker to execute...

5.3CVSS8.1AI score0.00503EPSS
Exploits1
Redos
Redos
•added 2025/04/02 12:0 a.m.•13 views

ROS-20250402-05

A vulnerability in the configuration implementation of the HTML cleanup tool for Rails Html Sanitizer applications is related to with insufficient cleaning of user-supplied data. Exploitation of the vulnerability could allow An attacker acting remotely could conduct cross-site scripting attacks...

6.1CVSS6.4AI score0.00581EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•12 views

ROS-20250402-03

A vulnerability in the WebTransport component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to the possibility of memory usage after release. Thunderbird is related to the possibility of memory usage after release. Exploitation of the vulnerability could allow a...

9.8CVSS8.7AI score0.01196EPSS
Exploits1
Redos
Redos
•added 2025/04/02 12:0 a.m.•12 views

ROS-20250402-06

Vulnerability of pamsmauthenticate function of PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the authentication procedure and gain unauthorized access to protected...

6.7CVSS7.3AI score0.00235EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•12 views

ROS-20250326-02

A vulnerability in the document-oriented MongoDB database management system is related to the lack of authorization checks. authorization checks. Exploitation of the vulnerability could allow a remote intruder gain unauthorized access to protected information...

6.5CVSS7AI score0.00376EPSS
Exploits0
Redos
Redos
•added 2025/03/11 12:0 a.m.•12 views

ROS-20250311-02

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
•added 2025/03/07 12:0 a.m.•12 views

ROS-20250307-12

Nomad application orchestrator vulnerability related to customization of wildcard namespace usage. namespace. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL policy by allowing reads from other namespaces. ACL policy by allowing reads from other namespaces...

7.1CVSS7.2AI score0.00412EPSS
Exploits0
Redos
Redos
•added 2025/02/19 12:0 a.m.•12 views

ROS-20250219-03

A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information A vulnerability in th...

9.8CVSS8.9AI score0.03092EPSS
Exploits2
Redos
Redos
•added 2025/02/03 12:0 a.m.•12 views

ROS-20250203-06

A vulnerability in the LibreOffice office suite is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to disclose confidential information LibreOffice office suite vulnerability is related to incorrect path name restriction to a...

6.7CVSS6.8AI score0.00528EPSS
Exploits0
Redos
Redos
•added 2025/02/03 12:0 a.m.•12 views

ROS-20250203-13

A vulnerability in the Active Record component of the Ruby on Rails software platform is related to the possibility of injecting SQL code through comments. SQL code through comments. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability of...

8.8CVSS7.6AI score0.02153EPSS
Exploits2
Redos
Redos
•added 2025/01/30 12:0 a.m.•12 views

ROS-20250130-02

Vulnerability of the nftverdictinit function in the net/netfilter/nftablesapi.c module of the operating system kernel Linux is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of...

7.8CVSS7.9AI score0.28058EPSS
Exploits16
Redos
Redos
•added 2025/01/28 12:0 a.m.•12 views

ROS-20250128-09

A vulnerability in the Container Storage Interface CSI component of the Nomad application orchestrator is related to an improper authorization. Exploitation of the vulnerability could allow an attacker acting remotely, Affect the integrity of protected information...

7.7CVSS6.5AI score0.00456EPSS
Exploits0
Redos
Redos
•added 2025/01/27 12:0 a.m.•12 views

ROS-20250127-03

A vulnerability in the drm/lima components of the Linux operating system kernel is related to incorrect calculation in the virtualncidevwrite function in drivers/nfc/virtualncidev.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in an x8...

7.8CVSS8.1AI score0.00281EPSS
Exploits0
Redos
Redos
•added 2025/01/22 12:0 a.m.•12 views

ROS-20250122-01

A vulnerability in the SUNRPC component of the Linux operating system kernel is related to an incorrect lock in the xsgetsrcport function in net/sunrpc/xprtsock.c, in rpcsysfsxprtsrcaddrshow function in net/sunrpc/sysfs.c. Exploitation of the vulnerability could allow an attacker to cause a denia...

5.5CVSS6.5AI score0.00254EPSS
Exploits0
Redos
Redos
•added 2025/01/17 12:0 a.m.•12 views

ROS-20250117-01

Exiv2 media metadata management library vulnerability is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...

4.3CVSS6.5AI score0.01104EPSS
Exploits0
Redos
Redos
•added 2025/01/15 12:0 a.m.•12 views

ROS-20250115-01

A vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird email client is related to improper permission persistence. exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information, to affect the confidentiality of protected informati...

7.5CVSS8.1AI score0.00611EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•12 views

ROS-20250114-04

The incognito mode vulnerability in Mozilla Firefox, Firefox ESR browsers is due to the application not properly impose security restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions Incognito mode vulnerability in...

9.8CVSS7.4AI score0.00738EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•12 views

ROS-20250114-08

A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...

4.8CVSS4.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•12 views

ROS-20250114-02

LibreOffice office suite vulnerability is related to incorrect cryptographic signature verification. signature. Exploitation of the vulnerability could allow an attacker to create a specially crafted document, which, upon recovery, would report the valid status of the electronic signature A...

10CVSS6.8AI score0.00428EPSS
Exploits0
Redos
Redos
•added 2024/12/20 12:0 a.m.•12 views

ROS-20241220-04

Vulnerability of ServerConfig.PublicKeyCallback function of the library for Go crypto programming language is related to a flaw in the authorization procedure for key processing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

9.1CVSS7.1AI score0.03092EPSS
Exploits2
Redos
Redos
•added 2024/12/18 12:0 a.m.•12 views

ROS-20241218-01

Vulnerability of the kmallocreserve function in the net/core/skbuff.c module of the network subsystem of the Linux kernel is related to integer overflow. Linux kernel subsystem is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

8.1CVSS7.1AI score0.01077EPSS
Exploits5
Redos
Redos
•added 2024/12/11 12:0 a.m.•12 views

ROS-20241211-03

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

8.8CVSS8.6AI score0.04422EPSS
Exploits1
Redos
Redos
•added 2024/12/04 12:0 a.m.•12 views

ROS-20241204-01

A vulnerability in the libstub component of the Linux kernel is related to the use of an uninitialized resource in the uninitialized resource in the efifree function in drivers/firmware/efi/libstub/fdt.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of servic...

5.5CVSS6.7AI score0.00253EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•12 views

ROS-20241203-21

The vulnerability of drawio diagramming software is related to improper neutralization of the of special elements used in the OS command. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary commands...

7.8CVSS8AI score0.01338EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•12 views

ROS-20241112-05

A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.8CVSS7.2AI score0.00894EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•12 views

ROS-20241112-09

A vulnerability in the Consul service configuration tool is related to input validation errors when processing catalog traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and read arbitrary files on the system...

8.3CVSS6.8AI score0.00473EPSS
Exploits0
Redos
Redos
•added 2024/11/07 12:0 a.m.•12 views

ROS-20241107-02

A vulnerability in the x86/mmu components of the Linux operating system kernel is related to incorrect calculations in the kvmtdpmmutrysplithugepages, kvmtdpmmucleardirtyslot, and cleardirtyptmasked functions in the arch/x86/kvm/mmu/tdpmmu.c. Exploitation of the vulnerability could allow an...

7.4CVSS7AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•12 views

ROS-20241028-02

The vulnerability of the net-netip component of Golang programming language is related to incorrect operation of Is methods IsPrivate, IsLoopback, etc. methods. Exploitation of the vulnerability can allow an intruder to bypass the existing access restriction policy...

9.8CVSS7.2AI score0.01952EPSS
Exploits0
Redos
Redos
•added 2024/10/17 12:0 a.m.•12 views

ROS-20241017-06

A vulnerability in the PeCoffLoaderRelocateImage function of the Tianocore EDK2 library is related to the invocation of memory corruption memory due to overflow through a contiguous network. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to...

5.9CVSS7.2AI score0.0037EPSS
Exploits0
Redos
Redos
•added 2024/10/17 12:0 a.m.•12 views

ROS-20241017-02

Vulnerability in the "CONNECT", "DISCONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" components of the message broker Eclipse Mosquitto is related to segmentation errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive...

7.5CVSS6.7AI score0.00748EPSS
Exploits0
Redos
Redos
•added 2024/10/15 12:0 a.m.•12 views

ROS-20241015-01

Vulnerability in the Image Element Handler component of the Haskell library for conversion from markup formats Pandoc is related to the provision of a specially crafted image element as input when creating files using the --extract-media parameter or outputting to PDF. file creation using the...

6.3CVSS7.2AI score0.00349EPSS
Exploits1
Redos
Redos
•added 2024/10/08 12:0 a.m.•12 views

ROS-20241008-03

A vulnerability in the TLS protocol implementation of Apache Tomcat application server is associated with uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service...

8.6CVSS7AI score0.01702EPSS
Exploits0
Redos
Redos
•added 2024/09/05 12:0 a.m.•12 views

ROS-20240905-01

Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...

9.8CVSS6.7AI score0.00641EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•12 views

ROS-20240827-03

Vulnerability of the file actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb of Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...

5.4CVSS6.3AI score0.0068EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•12 views

ROS-20240827-10

A vulnerability in the File Name Handler component of the vim text editor exists due to a bug in the use of pointers after memory release in the dialogchanged function. pointers after memory release in dialogchanged function. Exploitation of the vulnerability could allow an an attacker to cause a...

5.3CVSS6.5AI score0.00363EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•12 views

ROS-20240826-23

A vulnerability in the Blender three-dimensional computer graphics software suite is related to the lack of validation for values less than 0. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data, compromise its integrity, and cause a denial of...

7.8CVSS7.2AI score0.01135EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•12 views

ROS-20240826-27

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
Redos
Redos
•added 2024/08/15 12:0 a.m.•12 views

ROS-20240815-16

Vulnerability in authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS6.9AI score0.01261EPSS
Exploits1
Redos
Redos
•added 2024/08/06 12:0 a.m.•12 views

ROS-20240806-02

A vulnerability in the XML Handler component of the cross-platform messenger for the Jabber Gajim protocol is related to the the creation of XML strophs, allowing messages that were not sent by other users. Exploitation of the vulnerability could allow an attacker acting remotely to have an Impac...

5.3CVSS7.2AI score0.00455EPSS
Exploits0
Redos
Redos
•added 2024/08/02 12:0 a.m.•12 views

ROS-20240801-03

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS5.3AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/08/02 12:0 a.m.•12 views

ROS-20240801-04

A vulnerability in the JSSE component of the Java SE software platform and Oracle GraalVM for JDK virtual machine is related to errors in certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A vulnerability in the CORBA...

5.3CVSS5.3AI score0.014EPSS
Exploits0
Redos
Redos
•added 2024/07/31 12:0 a.m.•12 views

ROS-20240731-02

A vulnerability in the application programming interface of the libcue library is related to an operation exceeding the boundaries of the of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by downloading a control table from ...

8.8CVSS7.1AI score0.1657EPSS
Exploits1
Redos
Redos
•added 2024/06/13 12:0 a.m.•12 views

ROS-20240613-04

Vulnerability of RelinquishDCMInfo function of dcm.c component of ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial of service via a...

7.1CVSS6.9AI score0.01113EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•12 views

ROS-20240611-03

A vulnerability in the MIME-tools component of the open-source content filter for Amavis email is related to an interpretation conflict when a MIME email message has multiple boundary parameters. Exploitation of the vulnerability could allow an attacker acting remotely to elevate the privileges...

7.4CVSS7.1AI score0.00826EPSS
Exploits0
Redos
Redos
•added 2024/05/29 12:0 a.m.•12 views

ROS-20240529-04

A vulnerability in the ImageIO component of the Oracle Java SE software platform and the Oracle GraalVM Virtual Machine Enterprise Edition is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a partial denial of service Vulnerability i...

7.5CVSS7.6AI score0.46677EPSS
Exploits6
Redos
Redos
•added 2024/05/21 12:0 a.m.•12 views

ROS-20240521-11

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
•added 2024/05/14 12:0 a.m.•12 views

ROS-20240514-11

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/03 12:0 a.m.•12 views

ROS-20240503-14

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

8.2CVSS8AI score0.0112EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•12 views

ROS-20240503-17

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

8.2CVSS8AI score0.0112EPSS
Exploits0
Total number of security vulnerabilities5000