Lucene search
K

8110 matches found

Redos
Redos
•added 2024/07/30 12:0 a.m.•11 views

ROS-20240730-16

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...

7.4CVSS7.4AI score0.01026EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•12 views

ROS-20240730-17

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machines for JDK and Oracle GraalVM Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the...

7.5CVSS7.3AI score0.00911EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•17 views

ROS-20240730-05

Vulnerability of search filter ldbmsearch.c of 389 Directory Server is related to access delimitation flaws. Exploitation of the vulnerability could allow an intruder acting remotely to gain unauthorized access to protected information...

7.5CVSS6.7AI score0.01394EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•38 views

ROS-20240730-13

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/07/30 12:0 a.m.•16 views

ROS-20240730-02

Lasso library vulnerability is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity and availability of protected information...

7.5CVSS6.7AI score0.01325EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•20 views

ROS-20240730-06

A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...

7.8CVSS7.3AI score0.00445EPSS
Exploits0
Redos
Redos
•added 2024/07/30 12:0 a.m.•24 views

ROS-20240730-07

A vulnerability in the PHP interpreter is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to install a standard, unsafe cookie in the victim's browser. insecure cookie...

6.5CVSS7.1AI score0.49336EPSS
Exploits2
Redos
Redos
•added 2024/07/29 12:0 a.m.•28 views

ROS-20240729-20

Squid proxy server vulnerability is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.3CVSS6.8AI score0.06255EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•31 views

ROS-20240729-21

Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is associated wi...

9.9CVSS6.9AI score0.16496EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•25 views

ROS-20240729-09

Vulnerability in Cargo package manager of Rust programming language is related to ignoring umask when extracting archives created on UNIX-like systems. when retrieving archives created on UNIX-like systems. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute...

7.9CVSS7.6AI score0.00763EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•20 views

ROS-20240729-08

A vulnerability in the scanps function of the libppd library of the CUPS print server is related to the operation exceeding the boundaries of the buffer in memory when processing the length of PPD files. Exploitation of the vulnerability could allow an attacker to elevate his privileges and execu...

7CVSS7.6AI score0.00663EPSS
Exploits2
Redos
Redos
•added 2024/07/29 12:0 a.m.•282 views

ROS-20240729-18

Vulnerability of kubelet utility of Kubernetes virtual machine cluster management software for Windows operating systems is related to incorrectly used standard permissions. Windows operating systems is related to incorrectly used standard permissions. Exploitation vulnerability could allow an...

6.1CVSS6.3AI score0.00312EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•18 views

ROS-20240729-05

Vulnerability in the libssh2 library of Libgit2's implementation of Git's C methods is related to validation bugs of cryptographic signatures. Exploitation of the vulnerability could allow an attacker acting remotely, execute a man-in-the-middle attack...

5.9CVSS6.6AI score0.0058EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•26 views

ROS-20240729-03

A vulnerability in the GLPI reports plugin of the GLPI reports system is related to incorrect neutralization of input data during web page generation. neutralization of input data during web page generation. Exploitation of the vulnerability could allow a remote attacker to conduct XSS attacks...

6.1CVSS6.2AI score0.00361EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•16 views

ROS-20240729-04

A vulnerability in the JsonErrorReportValve class of the Apache Tomcat application server is related to a flaw in the mechanism of for encoding or escaping output data. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the integrity of protected information...

7.5CVSS6.5AI score0.02505EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•24 views

ROS-20240729-01

Vulnerability in Forms Authentication in Application Server Web Application Examples Apache Tomcat exists due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...

6.1CVSS5.9AI score0.06156EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•27 views

ROS-20240729-02

An implementation vulnerability in the EncryptInterceptor class of Apache Tomcat application server is related to incomplete program execution documentation. program execution documentation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.71653EPSS
Exploits5
Redos
Redos
•added 2024/07/29 12:0 a.m.•18 views

ROS-20240729-19

The 389 Directory Server vulnerability is related to the ability of an unauthenticated user to cause a systematic server crash when submitting a specific advanced search query. query. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

6.5CVSS6.8AI score0.00923EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•44 views

ROS-20240729-17

Vulnerability in modrewrite module of Apache HTTP Server is related to insufficient checking of incoming requests. of incoming requests. Exploitation of the vulnerability could allow a remote attacker, gain unauthorized access to the device by forging requests on behalf of the server...

9.1CVSS6.8AI score0.01536EPSS
Exploits5
Redos
Redos
•added 2024/07/29 12:0 a.m.•13 views

ROS-20240729-14

A vulnerability in the logentryattr function of the 389-ds-base component is related to a buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.2AI score0.00304EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•26 views

ROS-20240729-15

A vulnerability in the django.utils.text.Truncator.words function of the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

5.3CVSS6.7AI score0.01854EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•22 views

ROS-20240729-16

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

8.3CVSS8AI score0.01279EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•18 views

ROS-20240729-07

Vulnerability in the GLPI request and incident handling system related to improper privilege management. privileges. Exploitation of the vulnerability could allow an attacker acting remotely to steal confidential information Vulnerability in the GLPI reporting plugin is related to improper...

6.8CVSS6.9AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•30 views

ROS-20240729-10

Vulnerability in HttpServletRequest.getParameter andHttpServletRequest.getParts functions of servlet container Eclipse Jetty is related to the allocation of unlimited memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The Eclipse Jetty...

5.3CVSS6.9AI score0.0326EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•28 views

ROS-20240729-11

A vulnerability in the Cargo package manager of the Rust programming language involves the injection of arbitrary HTML after including it in a report generated by Cargo. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

6.1CVSS7.9AI score0.00846EPSS
Exploits0
Redos
Redos
•added 2024/07/29 12:0 a.m.•23 views

ROS-20240729-12

A vulnerability in the Eclipse Jetty servlet container is related to length overflow errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.03754EPSS
Exploits1
Redos
Redos
•added 2024/07/29 12:0 a.m.•20 views

ROS-20240729-13

Vulnerability of cJSONInsertItemInArray function of JSON-C library for JSON-C JSON processing is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

7.5CVSS6.7AI score0.01508EPSS
Exploits1
Redos
Redos
•added 2024/07/29 12:0 a.m.•17 views

ROS-20240729-06

A vulnerability in the TLS and SSL protocol implementation of the Mbed TLS software is related to the ability to of writing outside of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely, overwrite data in the memory buffer and recover a private RSA key...

9.8CVSS6.8AI score0.01147EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•21 views

ROS-20240726-02

A vulnerability in the HAProxy server software is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.6AI score0.01834EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•33 views

ROS-20240726-01

A vulnerability in GLPI's request and incident handling system is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to impact the system integrity A vulnerability in the GLPI request and incident handling system is associated with the...

10CVSS7.7AI score0.50889EPSS
Exploits6
Redos
Redos
•added 2024/07/26 12:0 a.m.•27 views

ROS-20240726-04

Vulnerability in Moodle virtual learning environment due to a risk in CSV import method XSS. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a cross-site scripting XSS attack. cross-site scripting XSS...

6.1CVSS5.7AI score0.00506EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•303 views

ROS-20240726-08

Vulnerability in the httpjson component of Elastick Stack Filebeat is due to a bug in the input data of the httpjson, because of which the contents of the Authorization or Proxy-Authorization http-request header may into the debug logs. Exploitation of the vulnerability could allow an attacker...

5.5CVSS6.4AI score0.00182EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•44 views

ROS-20240726-05

Apache HTTP Server web server vulnerability is related to failure to take measures to handle sequences of CRLF sequences in HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely, Perform HTTP response splitting attacks Apache HTTP Server vulnerability is related ...

7.3CVSS6.7AI score0.03914EPSS
Exploits0
Redos
Redos
•added 2024/07/26 12:0 a.m.•26 views

ROS-20240726-03

A vulnerability in the cjson and cmsgpack libraries of the Redis database management system DBMS is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted Lua...

8.8CVSS7.3AI score0.4292EPSS
Exploits1
Redos
Redos
•added 2024/07/26 12:0 a.m.•18 views

ROS-20240726-07

A vulnerability in the Sign-In component of the Google Chrome browser is related to the ability to bypass navigation restrictions using a specially crafted HTML page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute cross-site scripted attacks...

6.5CVSS6.5AI score0.00293EPSS
Exploits1
Redos
Redos
•added 2024/07/26 12:0 a.m.•16 views

ROS-20240726-06

The vulnerability in the WebKitGTK and WPE WebKit web page display modules is related to the existence of a method of limited sandbox traversal, which allows an isolated process to trick host processes into thinking that the isolated process is not sandboxed. them into thinking that the isolated...

5.3CVSS6.5AI score0.00501EPSS
Exploits1
Redos
Redos
•added 2024/07/25 12:0 a.m.•25 views

ROS-20240725-01

Vulnerability of HTTP/3 QUIC module ngxhttpv3module of NGINX Plus and NGINX OSS web servers is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service using specially craft...

5.3CVSS7.1AI score0.00917EPSS
Exploits0
Redos
Redos
•added 2024/07/25 12:0 a.m.•23 views

ROS-20240725-03

A vulnerability in Google Chrome browser's JavaScript script handler V8 is related to reading outside the boundaries of memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform access outside the outside of the allocated memory space using a specially crafted...

6.5CVSS6.3AI score0.00247EPSS
Exploits1
Redos
Redos
•added 2024/07/25 12:0 a.m.•39 views

ROS-20240725-02

Squid proxy vulnerability is related to SSL/TLS certificate validation errors. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...

8.6CVSS6.8AI score0.04012EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•20 views

ROS-20240723-06

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.00857EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•25 views

ROS-20240723-03

Vulnerability of Ruby interpreter's Net::FTP class implementation is related to flaws in service data protection using the PASV command. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information. remotely, to gain unauthorized...

7.4CVSS7.2AI score0.0305EPSS
Exploits2
Redos
Redos
•added 2024/07/24 12:0 a.m.•26 views

ROS-20240724-01

A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an intruder to execute arbitrary code through a specially crafted HTML page A vulnerability in th...

8.8CVSS7.6AI score0.00419EPSS
Exploits9
Redos
Redos
•added 2024/07/24 12:0 a.m.•21 views

ROS-20240723-04

A vulnerability in the fetchmail mail receiving and forwarding utility is related to incorrect resource initialization. Exploitation of the vulnerability may allow an attacker to gain access to confidential information...

7.5CVSS6.7AI score0.0256EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•28 views

ROS-20240723-05

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an insecure privilege management vulnerability. insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate their privileges A vulnerability in the...

8.8CVSS7.9AI score0.01094EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•23 views

ROS-20240723-02

Vulnerability in Pygments library's SMLLexer function is related to entering an infinite loop. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.02707EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•22 views

ROS-20240723-01

A vulnerability in the Key Distribution Center KDC component of the Kerberos network authentication protocol is associated with the NULL pointer dereferencing. Exploitation of the vulnerability allows an attacker acting remotely, cause a denial of service...

7.5CVSS6.9AI score0.10276EPSS
Exploits0
Redos
Redos
•added 2024/07/24 12:0 a.m.•17 views

ROS-20240724-02

A vulnerability in the Dawn component of Microsoft Edge and Google Chrome browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code using a specially crafted HTML page A vulnerability in the SwiftShader...

8.8CVSS6.8AI score0.00546EPSS
Exploits4
Redos
Redos
•added 2024/07/19 12:0 a.m.•46 views

ROS-20240719-02

Vulnerability in the makeHttpRequest function of the htdocs/js/ajaxfunctions.js file of the web administration tool LDAP phpLDAPAPadmin is related to inconsistent interpretation of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to cause smuggling of http...

6.5CVSS6.8AI score0.00426EPSS
Exploits0
Redos
Redos
•added 2024/07/19 12:0 a.m.•17 views

ROS-20240719-01

A vulnerability in the github.com/containers/image library is related to the fact that an attacker can initiate unexpected authenticated registry accesses on behalf of a victim user. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource depletion, local path...

8.3CVSS8AI score0.01279EPSS
Exploits0
Redos
Redos
•added 2024/07/19 12:0 a.m.•18 views

ROS-20240719-03

A vulnerability in the jaraco/zipp library of the pathlib-compatible Zipfile object shell is related to the processing of specially crafted zip files, resulting in an infinite loop. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service...

6.2CVSS6.7AI score0.00236EPSS
Exploits0
Total number of security vulnerabilities8110