Lucene search
K

8160 matches found

Redos
Redos
•added 2024/05/22 12:0 a.m.•36 views

ROS-20240522-05

A vulnerability in the Hotspot component of Java SE software platforms, Oracle GraalVM Enterprise Virtual Machine Edition is related to insufficient input data validation. Exploitation of the vulnerability could allow A remote attacker to create, delete, or modify access to data Vulnerability in...

7.5CVSS6.8AI score0.17673EPSS
Exploits2
Redos
Redos
•added 2024/05/22 12:0 a.m.•20 views

ROS-20240522-07

A vulnerability in the Firebird database management system is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a long CHAR instruction...

7.5CVSS6.8AI score0.00658EPSS
Exploits0
Redos
Redos
•added 2024/05/22 12:0 a.m.•26 views

ROS-20240522-01

A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host system...

7.2CVSS7.1AI score0.01418EPSS
Exploits0
Redos
Redos
•added 2024/05/22 12:0 a.m.•30 views

ROS-20240522-03

A vulnerability in the KUBE-APISERVER component of the virtual machine cluster management software tool Kubernetes is related to the use of containers with a populated envFrom field.Exploitation of the vulnerability could allow an attacker acting remotely to launch containers bypassing the securi...

2.7CVSS6.8AI score0.02224EPSS
Exploits1
Redos
Redos
•added 2024/05/21 12:0 a.m.•21 views

ROS-20240521-02

Vulnerability in HTTP Digest Authentication handler of Squid proxy server is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other impact. remotely to cause a denial of service or other impact...

8.6CVSS7.2AI score0.85944EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•17 views

ROS-20240521-01

Mutt mail client vulnerability is related to pointer dereferencing errors when processing message headers. message headers. Exploitation of the vulnerability could allow an attacker to cause a denial of service Mutt mail client vulnerability is related to null pointer dereferencing. Exploitation ...

6.5CVSS7.1AI score0.00719EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•21 views

ROS-20240521-06

A vulnerability in the RSA Key Exchange Handler component of the encryption and SSL toolkit for Python m2crypto is related to decryption of captured messages on TLS servers using RSA key exchange. Exploitation of the vulnerability could allow an attacker acting remotely, allowing an intruder to t...

7.5CVSS7AI score0.01124EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•33 views

ROS-20240521-05

A vulnerability in the Hotspot component of the Oracle Java SE software platform and Oracle GraalVM Virtual Machine Enterprise Edition exists due to insufficient input validation. Exploitation of the vulnerability could Allow a remote attacker to disclose protected information A vulnerability in...

7.5CVSS7.1AI score0.17673EPSS
Exploits3
Redos
Redos
•added 2024/05/21 12:0 a.m.•11 views

ROS-20240521-09

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
•added 2024/05/21 12:0 a.m.•8 views

ROS-20240521-10

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
•added 2024/05/21 12:0 a.m.•29 views

ROS-20240521-07

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

7.5CVSS7AI score0.01118EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•12 views

ROS-20240521-11

A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM virtual machine. Enterprise Edition is related to the lack of message integrity checking. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or...

7.4CVSS7.4AI score0.02474EPSS
Exploits1
Redos
Redos
•added 2024/05/21 12:0 a.m.•24 views

ROS-20240521-03

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

9.8CVSS7AI score0.01869EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•20 views

ROS-20240521-04

Vulnerability of the lysparsemem function parser and data modeling language toolkit for YANG libyang is related to the lack of a check if the value mod-revision is NULL. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS7.1AI score0.00986EPSS
Exploits0
Redos
Redos
•added 2024/05/21 12:0 a.m.•29 views

ROS-20240521-08

A vulnerability in the API interface of the Grafana web-based data representation tool is related to insecure privilege management. privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to restricted functions A vulnerability in...

8.8CVSS7.4AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2024/05/16 12:0 a.m.•33 views

ROS-20240516-01

Vulnerability of Less, a utility for UNIX-like text terminals, is related to incorrect processing of quotation marks in filename.c file. quotes in the filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

8.6CVSS6.9AI score0.00628EPSS
Exploits0
Redos
Redos
•added 2024/05/14 12:0 a.m.•14 views

ROS-20240514-08

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•47 views

ROS-20240514-04

A vulnerability in the Netty networking software is associated with the occurrence of an interpretation conflict. Exploitation of the vulnerability could allow an attacker acting remotely to disclose and modify protected information A vulnerability in the Netty networking software is related to...

7.5CVSS6.8AI score0.02459EPSS
Exploits4
Redos
Redos
•added 2024/05/14 12:0 a.m.•25 views

ROS-20240514-03

The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS8.1AI score0.99615EPSS
Exploits7
Redos
Redos
•added 2024/05/14 12:0 a.m.•15 views

ROS-20240514-16

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•13 views

ROS-20240514-14

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•9 views

ROS-20240514-15

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•34 views

ROS-20240514-01

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.4AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•20 views

ROS-20240514-09

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•14 views

ROS-20240514-07

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•9 views

ROS-20240514-06

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•11 views

ROS-20240514-13

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect cleanup or release of resources. MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•15 views

ROS-20240514-12

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•44 views

ROS-20240514-05

Vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to a buffer overflow on the stack. buffer overflow on the stack. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial...

6.5CVSS7.2AI score0.01476EPSS
Exploits1
Redos
Redos
•added 2024/05/14 12:0 a.m.•44 views

ROS-20240514-02

A vulnerability in the Apache Maven framework is related to a flaw in the data source validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

9.1CVSS6.6AI score0.08691EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•18 views

ROS-20240514-10

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/14 12:0 a.m.•12 views

ROS-20240514-11

The vulnerability of the file includes/specials/SpecialMovePage.php of the software tool for implementing the MediaWiki hypertext environment is related to incorrect resource clearing or freeing. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00898EPSS
Exploits2
Redos
Redos
•added 2024/05/08 12:0 a.m.•26 views

ROS-20240508-01

Vulnerability in the Rack module of the Ruby interpreter is related to incorrect implementation of the Ruby programming language of handling invalid URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS7AI score0.35376EPSS
Exploits2
Redos
Redos
•added 2024/05/07 12:0 a.m.•42 views

ROS-20240507-09

Vulnerability in the Extensions component of Microsoft Edge and Google Chrome browsers is related to incorrect security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information V8 JavaScript script handler...

9.8CVSS8.2AI score0.19883EPSS
Exploits34
Redos
Redos
•added 2024/05/07 12:0 a.m.•23 views

ROS-20240507-01

Vulnerability of ANSI Escape Sequence Handler component of WinRAR file archiver is related to errors in input data processing. input data processing errors. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service or tamper with screen output...

7.1CVSS6.9AI score0.00817EPSS
Exploits1
Redos
Redos
•added 2024/05/07 12:0 a.m.•13 views

ROS-20240503-19

A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks...

9.8CVSS9.4AI score0.04031EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•36 views

ROS-20240507-03

A vulnerability in the FileBackedOutputStream feature of the Google Guava Java library suite is related to the use of files and directories accessible to external parties. Exploitation of the vulnerability could allow an attacker to Gain unauthorized access to protected information...

7.1CVSS6.6AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•34 views

ROS-20240507-07

A vulnerability in the ProcRenderAddGlyphs function of the X Window System Xorg-server is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted file Vulnerability of ProcXIPassiveGrabDevi...

7.8CVSS7.4AI score0.01843EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•34 views

ROS-20240507-08

Vulnerability of nghttp2 library in part of HTTP/2 protocol implementation is related to uncontrolled resource consumption as a result of incorrect header termination detection during CONTINUATION frames processing. resources as a result of incorrect header termination detection during CONTINUATI...

5.3CVSS7.9AI score0.8496EPSS
Exploits1
Redos
Redos
•added 2024/05/07 12:0 a.m.•18 views

ROS-20240503-18

A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks A vulnerability in the Apache Maven framework is...

9.8CVSS9.6AI score0.08691EPSS
Exploits2
Redos
Redos
•added 2024/05/07 12:0 a.m.•19 views

ROS-20240507-06

A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management tool is related to the injection or modification of arguments. Exploitation of the vulnerability could allow an attacker to to exit an isolated program environment and access files on the...

8.4CVSS7AI score0.00512EPSS
Exploits1
Redos
Redos
•added 2024/05/07 12:0 a.m.•24 views

ROS-20240507-04

A vulnerability in the Temp File Handler component of rc is related to the creation of temporary files. Exploitation The exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

7.5CVSS6.9AI score0.01317EPSS
Exploits0
Redos
Redos
•added 2024/05/07 12:0 a.m.•29 views

ROS-20240507-05

Vulnerability of setKey function of minimist command line argument parsing library is related to uncontrolled change of object prototype attributes. Exploitation of the vulnerability could allow an attacker to implement a "prototype pollution" attack...

9.8CVSS6.9AI score0.04581EPSS
Exploits1
Redos
Redos
•added 2024/05/06 12:0 a.m.•30 views

ROS-20240506-01

A vulnerability in the libexpat XML parser library is related to incorrect restriction of XML references to external objects. XML references to external objects. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting specially crafte...

7.5CVSS7.2AI score0.02006EPSS
Exploits1
Redos
Redos
•added 2024/05/06 12:0 a.m.•42 views

ROS-20240506-02

A vulnerability in the Glib library is related to GVariant deserialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of Glib library function gbytearraynewtake is related to buffer copying without checking the the size of the input data...

7.8CVSS7.3AI score0.0408EPSS
Exploits1
Redos
Redos
•added 2024/05/03 12:0 a.m.•46 views

ROS-20240503-02

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.1AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/05/03 12:0 a.m.•25 views

ROS-20240503-06

Vulnerability in the GLPI request and incident handling system related to incorrect input neutralization during web page creation. during the creation of a web page. Exploitation of the vulnerability could allow an attacker acting remotely, perform an XSS attack...

4.8CVSS6.1AI score0.00665EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•26 views

ROS-20240503-12

Vulnerability in administration console of cross-platform real-time collaboration server Openfire is related to a path traversal capability. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

8.6CVSS7.2AI score0.99999EPSS
Exploits15
Redos
Redos
•added 2024/05/03 12:0 a.m.•18 views

ROS-20240503-09

Vulnerability in the IPv6 implementation of the container isolation software tool Moby is related to disclosure of information in an erroneous data area. Exploitation of the vulnerability could allow an attacker to obtain sensitive information...

6.5CVSS6.2AI score0.00353EPSS
Exploits0
Redos
Redos
•added 2024/05/03 12:0 a.m.•47 views

ROS-20240503-10

Vulnerability of iconv function of glibc system library is related to possibility of writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to potentially execute arbitrary code by injecting a specially crafted PHP file...

7.3CVSS7.1AI score0.8833EPSS
Exploits16
Total number of security vulnerabilities8160