Lucene search
K

8162 matches found

Redos
Redos
•added 2024/04/18 12:0 a.m.•22 views

ROS-20240418-03

A vulnerability in the underlying authentication system of the Grafana web presentation tool is related to flaws in the authorization mechanism when processing the verifyemailenabled parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass email verification...

5.4CVSS7.5AI score0.01385EPSS
Exploits1
Redos
Redos
•added 2024/04/18 12:0 a.m.•34 views

ROS-20240418-02

Vulnerabilities in Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool are related to security settings errors. Microsoft Visual Studio software development tool is related to errors in security settings. Exploitation vulnerability could allow ...

9.8CVSS7.3AI score0.02778EPSS
Exploits0
Redos
Redos
•added 2024/04/15 12:0 a.m.•30 views

ROS-20240415-02

Vulnerability of udevListInterfacesByStatus function in module src/interface/interfacebackendudev.c of libvirt library is caused by an off-by-one error. module of the libvirt library has an off-by-one error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00398EPSS
Exploits0
Redos
Redos
•added 2024/04/15 12:0 a.m.•20 views

ROS-20240415-01

A vulnerability in the jbig2error function of the jbig2.c file of the Jbig2dec image compression format decoder is related to the SEGV vulnerability. SEGV vulnerability. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.00753EPSS
Exploits1
Redos
Redos
•added 2024/04/15 12:0 a.m.•29 views

ROS-20240415-04

Wireshark computer network traffic analyzer vulnerability related to memory leak in USB dissector HID. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of denial of service...

7.5CVSS6.7AI score0.02747EPSS
Exploits2
Redos
Redos
•added 2024/04/15 12:0 a.m.•33 views

ROS-20240415-03

Vulnerability of aprbase64 function of Apache Portable Runtime APR library is related to the ability to to write outside the buffer, act remotely, execute arbitrary code...

6.5CVSS7.8AI score0.01417EPSS
Exploits0
Redos
Redos
•added 2024/04/12 12:0 a.m.•19 views

ROS-20240412-03

Atril document viewer vulnerability is related to incorrect path restriction to a restricted directory. Exploitation of the vulnerability could allow an attacker to write arbitrary files anywhere in the file system...

8.5CVSS7.2AI score0.01016EPSS
Exploits2
Redos
Redos
•added 2024/04/12 12:0 a.m.•30 views

ROS-20240412-02

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/12 12:0 a.m.•46 views

ROS-20240412-06

A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...

9.8CVSS8.6AI score0.87816EPSS
Exploits2
Redos
Redos
•added 2024/04/12 12:0 a.m.•37 views

ROS-20240412-04

A vulnerability in Salt's configuration management and remote execution system is related to the copying a script along a predictable path. Exploitation of the vulnerability could allow an attacker, acting remotely to run their own script. A vulnerability in the symbolic.py component of the Pytho...

8.1CVSS7.6AI score0.01207EPSS
Exploits1
Redos
Redos
•added 2024/04/12 12:0 a.m.•19 views

ROS-20240412-05

A vulnerability in the gfisomnewgenericsampledescription function of the GPAC multimedia platform is related to the buffer copying without checking the input size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.1AI score0.00534EPSS
Exploits1
Redos
Redos
•added 2024/04/12 12:0 a.m.•24 views

ROS-20240412-07

A vulnerability in the tiffreadrgbatileext function of the LibTIFF library is related to writing beyond buffer boundaries in the memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service...

7.5CVSS6.8AI score0.02187EPSS
Exploits0
Redos
Redos
•added 2024/04/12 12:0 a.m.•25 views

ROS-20240412-01

Vulnerability of authfile.c file of memcached data caching software is related to buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service using a specially crafted authentication file...

9.8CVSS8.3AI score0.00778EPSS
Exploits1
Redos
Redos
•added 2024/04/11 12:0 a.m.•46 views

ROS-20240411-07

A vulnerability in the UEFI shim bootloader is related to errors in the MZ binary format. Exploitation of the vulnerability could allow an attacker to cause a denial of service The shim UEFI bootloader vulnerability is related to out-of-bounds read errors when attempting to check the SBAT...

8.3CVSS8.4AI score0.04852EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•34 views

ROS-20240411-06

A vulnerability in the xmalloc in function of the openvswitch module is related to a lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.1AI score0.00568EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•33 views

ROS-20240411-04

Vulnerability of sessionReadRecord function of ext/session/sqlite3session.c file of database management system SQLite is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availability...

7.3CVSS7.7AI score0.01249EPSS
Exploits1
Redos
Redos
•added 2024/04/11 12:0 a.m.•13 views

ROS-20240411-11

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•15 views

ROS-20240411-12

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•10 views

ROS-20240411-10

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•20 views

ROS-20240411-03

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.1AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•49 views

ROS-20240411-08

The Jenkins Automation Server vulnerability involves the creation of temporary files with insecure permissions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, or delete files A vulnerability in the args4j library of the Jenkins Git server...

9.8CVSS7.6AI score0.99999EPSS
Exploits47
Redos
Redos
•added 2024/04/11 12:0 a.m.•14 views

ROS-20240411-09

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•29 views

ROS-20240411-01

A vulnerability in the modauthzsvn module of the Subversion centralized version control system is related to incorrectly handling requests for non-existent URLs. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.37516EPSS
Exploits1
Redos
Redos
•added 2024/04/11 12:0 a.m.•36 views

ROS-20240411-05

The vulnerability of the eval function of the ImageMath module of the Pillow image manipulation library is related to incorrect control of code generation when processing the environment parameter. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS8.2AI score0.01703EPSS
Exploits0
Redos
Redos
•added 2024/04/11 12:0 a.m.•31 views

ROS-20240411-02

The Etcd configuration parameter store vulnerability is related to sending an authentication request to the etcdserver with a username and password. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

9.8CVSS7.6AI score0.01605EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•30 views

ROS-20240410-21

A vulnerability in the RPM Package Manager of Red Hat Enterprise Linux operating systems is related to the lack of RPM signature verification of subsection binding before importing them. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges A...

6.7CVSS7.3AI score0.00491EPSS
Exploits3
Redos
Redos
•added 2024/04/10 12:0 a.m.•13 views

ROS-20240410-25

A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...

9.8CVSS7AI score0.00468EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•37 views

ROS-20240410-20

A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...

9.8CVSS7.3AI score0.00468EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-23

A vulnerability in the opencryptoki package is related to the processing of RSA PKCS1 augmented ciphertexts. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

5.9CVSS7.1AI score0.00878EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•28 views

ROS-20240410-24

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...

7.5CVSS7.3AI score0.99995EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-02

Vulnerability in the HTTP/3 QUIC module of NGINX Plus, NGINX OSS web servers that allows an attacker to cause a denial of service. denial of service Vulnerability of ngxhttpv3module module of NGINX and NGINX Plus servers is related to memory usage after its release. memory after it has been freed...

7.5CVSS7AI score0.01061EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-03

A vulnerability in the Libvirt virtualization management library is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.5CVSS7AI score0.00233EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•32 views

ROS-20240410-18

The vulnerability of Runc's isolated container launch tool is related to a flaw in the delimitations of the controlled area of the system. Exploitation of the vulnerability could allow an attacker to execute arbitrary code outside the isolated program environment by overwriting executable files...

8.6CVSS7.2AI score0.18087EPSS
Exploits18
Redos
Redos
•added 2024/04/10 12:0 a.m.•33 views

ROS-20240410-17

The vulnerability of the ImageBuild function of the Moby containerization software tool is related to a flaw in the data source validation mechanism for endpoint processing. is related to a flaw in the data source validation mechanism for endpoint processing. Exploitation of the vulnerability cou...

7.8CVSS7AI score0.00258EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•34 views

ROS-20240410-16

A vulnerability in the xmlValidatePopElement function of the XML Reader Interface component of the Libxml2 library is related to the memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a specially...

7.5CVSS7.1AI score0.01364EPSS
Exploits3
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-14

A vulnerability in the Django web application software platform is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•28 views

ROS-20240410-13

A vulnerability in the src/libgit2/revparse.c component of the C Libgit2 implementation of Git methods is related to an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

9.8CVSS8.6AI score0.01546EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•26 views

ROS-20240410-01

Apache Tomcat application server vulnerability is related to lack of service data protection. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...

7.5CVSS7.4AI score0.01116EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-04

The vulnerability of the aresreadline function of the C-ares asynchronous DNS query library is related to the operation exceeding the buffer boundaries in memory. beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of servi...

5.5CVSS7.2AI score0.00349EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•50 views

ROS-20240410-09

A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted resource allocation in the creation of a DNS zone. complexity and unrestricted resource allocation when creating a DNS zone. Exploitation of...

7.5CVSS7.1AI score0.99995EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•19 views

ROS-20240410-07

A vulnerability in the Podman OCI container management and startup software tool is related to errors in the in privilege management. Exploitation of the vulnerability could allow an attacker acting remotely, escalate their privileges...

8.6CVSS7.2AI score0.0049EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-19

The MinIO object storage server vulnerability is related to flaws in access differentiation based on the UpdateServiceAccountAdminAction policy. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges...

8.8CVSS7.5AI score0.34086EPSS
Exploits4
Redos
Redos
•added 2024/04/10 12:0 a.m.•29 views

ROS-20240410-10

Vulnerability of vmm-sys-util module set is related to the lack of checking if the length, stored in the header matches the length of the flexible array. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

9.8CVSS7.1AI score0.00652EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•34 views

ROS-20240410-05

The vulnerability of the Moby containerization software tool is related to the lack of validation of received requests. no validation of received requests. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain unauthorized access to protected information...

7.5CVSS7.2AI score0.0075EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•31 views

ROS-20240410-11

The vulnerability of the Grub2 operating system boot loader is related to incomplete clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

3.3CVSS7.1AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•23 views

ROS-20240410-22

Vulnerability of chroot build environment manager for creating RPM packages Mock is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.3AI score0.01552EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•28 views

ROS-20240410-15

A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS7.1AI score0.00563EPSS
Exploits1
Redos
Redos
•added 2024/04/10 12:0 a.m.•24 views

ROS-20240410-12

The vulnerability in the SAML PySAML2 standard is related to the XML signature packaging variant, as it does not validate the SAML document against the XML schema. Exploitation of the vulnerability could allow an attacker, remotely bypass signature validation and gain access to protected informat...

6.5CVSS7.2AI score0.01078EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•22 views

ROS-20240410-06

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...

5.3CVSS6.9AI score0.00922EPSS
Exploits0
Redos
Redos
•added 2024/04/10 12:0 a.m.•25 views

ROS-20240410-08

A vulnerability in the function bfdmachogetsyntheticsymtab match-o.c of the GNU software development tool Binutils is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service or other impact...

7.8CVSS7.1AI score0.00461EPSS
Exploits1
Total number of security vulnerabilities8162