Lucene search
K

8110 matches found

Redos
Redos
•added 2024/07/03 12:0 a.m.•18 views

ROS-20240703-08

Vulnerability of the parsetagandwiretype function of the protobuf-c.c component of the data serialization protocol in the C programming language Protobuf-c is related to resource release errors. C programming language Protobuf-c protocol is related to errors in resource release. Exploitation of t...

5.5CVSS6.6AI score0.01058EPSS
Exploits1
Redos
Redos
•added 2024/07/03 12:0 a.m.•27 views

ROS-20240703-09

A vulnerability in the WSGI Werkzeug web application library is related to the fact that the application does not properly control the consumption of internal resources when parsing data from a composite form with a large number of fields. internal resource consumption when parsing data from a...

8CVSS8.1AI score0.03397EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•19 views

ROS-20240703-11

A vulnerability in the cloud-init virtual machine configuration package for Linux family operating systems is related to the fact that sensitive data could be exposed in cloud-init logs. Exploitation the vulnerability could allow an attacker to gain unauthorized access to the protected informatio...

5.5CVSS6.6AI score0.00263EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•19 views

ROS-20240702-06

The vulnerability of the libarchive archiving library of Windows operating systems is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.6AI score0.87784EPSS
Exploits0
Redos
Redos
•added 2024/07/03 12:0 a.m.•26 views

ROS-20240702-01

Vulnerabilities in Microsoft Visual Studio software development tool and Microsoft.NET Framework are related to uncontrolled resource consumption. Microsoft.NET Framework is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotel...

7.5CVSS6.9AI score0.15519EPSS
Exploits0
Redos
Redos
•added 2024/07/01 12:0 a.m.•32 views

ROS-20240701-03

Vulnerability in Moodle virtual learning environment related to improper validation of allowed event types in the calendar web service. events in the calendar web service. Exploitation of the vulnerability could allow an attacker acting remotely, to create events with types/audience for which the...

9.8CVSS6.5AI score0.00541EPSS
Exploits0
Redos
Redos
•added 2024/07/01 12:0 a.m.•20 views

ROS-20240701-01

A vulnerability in the GIMP graphical editor is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code GIMP graphical editor vulnerability is related to a buffer overflow on parsing GIMPP PSD files. Exploitation of the vulnerability could...

7.8CVSS8AI score0.93639EPSS
Exploits0
Redos
Redos
•added 2024/07/01 12:0 a.m.•20 views

ROS-20240701-02

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...

7.5CVSS7.1AI score0.81729EPSS
Exploits1
Redos
Redos
•added 2024/06/28 12:0 a.m.•28 views

ROS-20240628-01

A vulnerability in the Notes file of the distraction-free note-taking app for Nextcloud is related to the The ability to share a Notes folder with a new user before they are logged in. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive informatio...

4.6CVSS7AI score0.00312EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•29 views

ROS-20240627-05

A vulnerability in the updatesctpchecksum function of the QEMU hardware emulator is related to a reachability assertion when attempting to calculate the checksum of a fragmented packet of small size. of reachability when attempting to compute the checksum of a fragmented small packet. Exploitatio...

5.5CVSS6.5AI score0.00445EPSS
Exploits1
Redos
Redos
•added 2024/06/27 12:0 a.m.•13 views

ROS-20240627-02

A vulnerability in the VPN protocol library using the "IPsec" libreswan is related to a statement of reachability when processing IKEv1 packets without specifying the esp string. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.008EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•50 views

ROS-20240627-06

A vulnerability in the Calendar component of cloud storage creation and utilization software Nextcloud Server is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the 2FA component...

9.8CVSS7.5AI score0.01041EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•27 views

ROS-20240627-03

A vulnerability in the QEMU hardware emulator is related to a memory re-release error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by performing a DMA re-entry...

8.2CVSS7.4AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•36 views

ROS-20240627-04

A vulnerability in the ioctl component of the Flatpak application and environment management tool is related to copying text from the virtual console and pasting it into the command buffer, from which the command can be run after exiting the Flatpak application. Exploitation of the vulnerability...

10CVSS6.9AI score0.00887EPSS
Exploits0
Redos
Redos
•added 2024/06/27 12:0 a.m.•40 views

ROS-20240627-01

A vulnerability in the implementation of the CORS mechanism of Microsoft Edge and Google Chrome browsers is related to weaknesses in the access controls. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and disclose protected...

10CVSS8.8AI score0.15111EPSS
Exploits27
Redos
Redos
•added 2024/06/26 12:0 a.m.•28 views

ROS-20240625-06

Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data. Unauthorized access to confidential data...

8.8CVSS7.8AI score0.02084EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•14 views

ROS-20240625-05

A vulnerability in Salt's configuration management and remote execution system is related to the catalog traversal. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code A vulnerability in the Salt configuration management and remote Salt operations...

7.7CVSS7AI score0.0083EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•25 views

ROS-20240625-04

A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the registervfs function hw/pci/pciesriov.c of the QEMU hardware emulator is related to a buffer overflo...

6.5CVSS6.8AI score0.01261EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•24 views

ROS-20240626-10

A vulnerability in the getUnpushedChanges function of the dependency manager for PHP Composer is related to the use of the status and reinstall commands. status, reinstall and remove commands. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary command...

8.8CVSS7.7AI score0.03255EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•24 views

ROS-20240626-12

A vulnerability in the Sphinx search engine is related to a path traversal error. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the protected information using the CALL SNIPPETS statement or the loadfile function...

7.5CVSS7AI score0.02166EPSS
Exploits2
Redos
Redos
•added 2024/06/26 12:0 a.m.•22 views

ROS-20240626-08

A vulnerability in the ISO 9660 Image File Handler component of the libcdio library is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

8.4CVSS7.8AI score0.00363EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•32 views

ROS-20240625-01

Vulnerability in tiff.c file of ImageMagick console graphics editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•18 views

ROS-20240625-07

Vulnerability in tiff.c file of ImageMagick console graphic editor related to buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•20 views

ROS-20240626-13

Vulnerability of ExtractImageSection function of LibTIFF library is related to buffer copying without checking the the size of the input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service using a crafted Tiff file...

5.5CVSS6.8AI score0.00317EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•20 views

ROS-20240626-14

Vulnerability of REFRESH MATERIALIZED VIEW CONCURRENTLY function of PostgreSQL database management system is related to privilege management errors in processing and checking command line parameters. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQ...

8CVSS7.5AI score0.01465EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•20 views

ROS-20240626-15

Vulnerability of avahishostnameresolverstart function of Avahi local network service discovery system is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.5AI score0.00374EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•29 views

ROS-20240620-17

Vulnerability of importmultispectralquantum function of ImageMagick console graphical editor is caused by by a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the ReadTIFFImage function of the ImageMagick...

7.5CVSS7.1AI score0.0272EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•15 views

ROS-20240626-16

A vulnerability in the CRI-O container mechanism is related to the creation of a symbolic link pointing to an arbitrary directory or file on the host through directory traversal. an arbitrary directory or file on the host through directory traversal. Exploitation of the vulnerability could allow ...

8.1CVSS6.9AI score0.01237EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•10 views

ROS-20240620-18

Vulnerability in the ReadTIFFImage function of the ImageMagick console graphical editor related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the importmultispectralquantum function of the...

7.5CVSS7.1AI score0.0272EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•20 views

ROS-20240625-03

A vulnerability in the GlutAddSubMenu function of the MuPDF PDF viewer is related to a memory leak via the MenuEntry variable. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the GlutAddMenuEntry function of the MuPDF PDF...

7.5CVSS6.6AI score0.01147EPSS
Exploits2
Redos
Redos
•added 2024/06/26 12:0 a.m.•25 views

ROS-20240625-02

A vulnerability in the lxc-user-nic component of the LXC virtualization system is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to the protected information...

3.3CVSS6.6AI score0.00702EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•18 views

ROS-20240626-07

A vulnerability in the Net::CIDR::Lite module of the Perl programming language interpreter is related to bugs in the handling foreign null characters at the beginning of an IP address string. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access controls...

6.3CVSS6.9AI score0.00493EPSS
Exploits0
Redos
Redos
•added 2024/06/26 12:0 a.m.•26 views

ROS-20240626-09

Vulnerability of opj2decompress program of OpenJPEG image encoding and decoding library is related to incorrect processing of a directory with a large number of files. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability of -ImgDir comman...

5.5CVSS7AI score0.0156EPSS
Exploits1
Redos
Redos
•added 2024/06/26 12:0 a.m.•20 views

ROS-20240619-11

Vulnerability in imgallochelper function of libaom video encoding library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafted data...

10CVSS6.8AI score0.01254EPSS
Exploits1
Redos
Redos
•added 2024/06/19 12:0 a.m.•27 views

ROS-20240619-03

A vulnerability in the userinfo URI subcomponent of the GNU Wget download manager is related to an insecure behavior whereby in which data that should be in the userinfo subcomponent is misinterpreted as being part of the host subcomponent. Exploitation of the vulnerability could allow an attacke...

9.1CVSS6.7AI score0.00672EPSS
Exploits0
Redos
Redos
•added 2024/06/19 12:0 a.m.•18 views

ROS-20240619-02

Vulnerability of JSON object signing and encryption module for Erlang and Elixir programming languages erlang-jose JOSE for Erlang is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

5.3CVSS7AI score0.00887EPSS
Exploits0
Redos
Redos
•added 2024/06/19 12:0 a.m.•33 views

ROS-20240619-01

A vulnerability in the OpenSSH ECDSA Key Handler component of the OpenSSH ECDSA Key Handler technology for signing and encrypting JavaScript objects in Python is related to the definition of a blacklist of prefixes for public keys. Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS6.7AI score0.00783EPSS
Exploits2
Redos
Redos
•added 2024/06/18 12:0 a.m.•32 views

ROS-20240618-01

A vulnerability in the SVG Handler component of the RoundCube email client is related to cross-site scripting attacks. Exploitation of the vulnerability could allow an attacker acting remotely to exploit XSS via the SVG animation attributes. Vulnerability in the User Preferences Handler component...

6.1CVSS5.4AI score0.73296EPSS
Exploits5
Redos
Redos
•added 2024/06/18 12:0 a.m.•21 views

ROS-20240618-02

Vulnerability in util/gif2rgb.c file of GIFLIB library for working with GIF files is related to memory leakage through a gif file. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...

8.8CVSS6.4AI score0.01533EPSS
Exploits1
Redos
Redos
•added 2024/06/17 12:0 a.m.•22 views

ROS-20240617-02

A vulnerability in the bgpd/bgpattr.c file of a software tool for implementing network routing on Unix-like FRRouting systems is related to read outside bgpattraigpvalid bounds, as there are no AIGP checks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denia...

9.8CVSS7.4AI score0.0096EPSS
Exploits0
Redos
Redos
•added 2024/06/17 12:0 a.m.•20 views

ROS-20240617-01

The strongSwan daemon vulnerability is related to certificate validation errors in TLS-based EAP methods. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...

9.8CVSS7.1AI score0.02264EPSS
Exploits0
Redos
Redos
•added 2024/06/14 12:0 a.m.•20 views

ROS-20240614-01

Vulnerability of UnRAR file unzipping tool is related to incorrect restriction of the path name to the directory with restricted access. Exploitation of the vulnerability could allow a remote attacker, Overwrite arbitrary files using a specially crafted archive...

7.5CVSS7.2AI score0.98975EPSS
Exploits12
Redos
Redos
•added 2024/06/14 12:0 a.m.•23 views

ROS-20240614-02

The vulnerability in the Python programming language interpreter is related to errors in the conversion of int and str data types. int and str data types. Exploitation of the vulnerability could allow an attacker to cause a denial of service due to the algorithmic complexity...

7.5CVSS6.9AI score0.03213EPSS
Exploits0
Redos
Redos
•added 2024/06/13 12:0 a.m.•23 views

ROS-20240613-02

The vulnerability of the RelinquishDCMInfo function of the dcm.c component of the ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial ...

7.1CVSS7.3AI score0.01113EPSS
Exploits0
Redos
Redos
•added 2024/06/13 12:0 a.m.•14 views

ROS-20240613-01

A vulnerability in the tlsnewciphertext function of the iPXE network boot standard is related to manipulation of the padlen argument in the src/net/tls.c file of the TLS component. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive information...

4.3CVSS6.7AI score0.00481EPSS
Exploits0
Redos
Redos
•added 2024/06/13 12:0 a.m.•12 views

ROS-20240613-04

Vulnerability of RelinquishDCMInfo function of dcm.c component of ImageMagick console graphic editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data, as well as cause a denial of service via a...

7.1CVSS6.9AI score0.01113EPSS
Exploits0
Redos
Redos
•added 2024/06/13 12:0 a.m.•20 views

ROS-20240613-03

Vulnerability in program/lib/Roundcube/rcubestringreplacer.php component of RoundCube mail client Webmail exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...

6.1CVSS6.2AI score0.58483EPSS
Exploits2
Redos
Redos
•added 2024/06/11 12:0 a.m.•14 views

ROS-20240611-01

Vulnerability in BSON Handler component of PyMongo client library is related to deserialize incorrect BSON. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive information...

8.1CVSS6.8AI score0.00663EPSS
Exploits0
Redos
Redos
•added 2024/06/11 12:0 a.m.•27 views

ROS-20240611-08

A vulnerability in the PushShortPixel function of a program for reading and editing files of multiple graphic formats, ImageMagick, is related to the passing of a specially created TIFF image file to ImageMagick for editing. of the ImageMagick program for reading and editing files of multiple...

5.5CVSS7AI score0.00553EPSS
Exploits1
Redos
Redos
•added 2024/06/11 12:0 a.m.•14 views

ROS-20240611-17

A vulnerability in the PushShortPixel function of a program for reading and editing files of multiple graphic formats, ImageMagick, is related to the passing of a specially created TIFF image file to ImageMagick for editing. of the ImageMagick program for reading and editing files of multiple...

5.5CVSS6.6AI score0.00553EPSS
Exploits1
Total number of security vulnerabilities8110