Lucene search
K

8162 matches found

Redos
Redos
•added 2024/04/09 12:0 a.m.•25 views

ROS-20240409-05

Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...

7.5CVSS7.1AI score0.00976EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•25 views

ROS-20240409-08

A vulnerability in the cpStripToTile function tools/tiffcp.c of the LibTIFF library is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00399EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•43 views

ROS-20240409-06

A vulnerability in SaltStack Salt's configuration management and remote operations execution system is related to receiving multiple bad packets to the server equal to the number of worker threads, Salt will stop responding back requests before restarting. Exploitation of the vulnerability could...

7.8CVSS7.8AI score0.03332EPSS
Exploits1
Redos
Redos
•added 2024/04/09 12:0 a.m.•24 views

ROS-20240409-14

A vulnerability in the protectdir pamnamespace.so function of the Linux-PAM authentication module is related to incorrect cleanup or release of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.5CVSS7.3AI score0.00455EPSS
Exploits1
Redos
Redos
•added 2024/04/09 12:0 a.m.•22 views

ROS-20240409-09

Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...

5.5CVSS7AI score0.00432EPSS
Exploits5
Redos
Redos
•added 2024/04/09 12:0 a.m.•46 views

ROS-20240409-11

Vulnerability in the WatchAnalytics extension of the hypertext environment implementation software tool MediaWiki is related to XSS exploitation using the Special:PageStatistics page parameter. Exploitation The exploitation of the vulnerability could allow a remote attacker to perform cross-site...

6.1CVSS5.9AI score0.00474EPSS
Exploits7
Redos
Redos
•added 2024/04/09 12:0 a.m.•35 views

ROS-20240409-12

A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code Eclipse Jetty servlet container vulnerability is related to errors in processi...

9.8CVSS8AI score0.1593EPSS
Exploits2
Redos
Redos
•added 2024/04/09 12:0 a.m.•11 views

ROS-20240409-19

Vulnerability of nfconntrackdccppacket function of net/netfilter/nfconntrackprotodccp.c module of Linux kernel is related to memory overrun. of Linux operating system is related to memory overrun. Exploitation of the vulnerability could allow an intruder to gain access to protected information...

7.5CVSS6.7AI score0.00976EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•20 views

ROS-20240409-03

Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

6.2CVSS7AI score0.00437EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•8 views

ROS-20240409-18

Vulnerability of ImageMagick console graphical editor is related to memory usage after memory freeing when processing BMP files. when processing BMP files. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

6.2CVSS6.5AI score0.00437EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•49 views

ROS-20240409-02

Vulnerability of the hmac.comparedigest function of the Lib/hmac.py library of the programming language interpreter Python is related to synchronization errors when using a shared resource "Race Situation". Exploitation of the vulnerability could allow an attacker acting remotely to escalate thei...

9.8CVSS7.3AI score0.04268EPSS
Exploits4
Redos
Redos
•added 2024/04/09 12:0 a.m.•24 views

ROS-20240409-16

MariaDB spiderdbmbase::printwarnings function vulnerability is related to pointer dereferencing errors. pointer dereferencing errors. Exploitation of the vulnerability allows a remote intruder to cause a denial of service. service...

6.5CVSS7.2AI score0.01486EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•29 views

ROS-20240409-17

Vulnerability of linebytessplit function src/split.c of GNU Core Utilities GNU Coreutils is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.5AI score0.0049EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•27 views

ROS-20240409-15

Vulnerability of the GnuTLS transport layer cryptographic library is related to errors in verification of the of cryptographic signatures. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01408EPSS
Exploits1
Redos
Redos
•added 2024/04/09 12:0 a.m.•23 views

ROS-20240409-13

A vulnerability in the python-eventlet library of the OpenStack Platform cloud building platform is related to incorrect resource sweeping or freeing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•23 views

ROS-20240409-07

A vulnerability in the shadow-utils package is related to requesting the password twice and not clearing the memory buffer. Exploitation of the vulnerability could allow an attacker to gain access to the device...

5.5CVSS7.5AI score0.00257EPSS
Exploits0
Redos
Redos
•added 2024/04/09 12:0 a.m.•20 views

ROS-20240409-10

A vulnerability in IEEE 1609.2 plug-in dissector of Wireshark computer network traffic analyzer is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in GVCP dissector of Wireshark computer...

7.8CVSS7AI score0.01823EPSS
Exploits2
Redos
Redos
•added 2024/04/09 12:0 a.m.•34 views

ROS-20240409-04

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/09 12:0 a.m.•33 views

ROS-20240409-01

A vulnerability in the urllib.parse component of the Python programming language interpreter is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass URL blocking starting with empty characters A vulnerability in the Python...

7.5CVSS7AI score0.20459EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•14 views

ROS-20240408-22

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS7.5AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•39 views

ROS-20240408-14

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

6.2CVSS7.1AI score0.00514EPSS
Exploits2
Redos
Redos
•added 2024/04/08 12:0 a.m.•25 views

ROS-20240408-05

RFC3164 analyzer vulnerability of Syslog-ng log processing utility is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service denial of service...

7.5CVSS7AI score0.02383EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•28 views

ROS-20240408-12

Vulnerability in src/gif.imageio/gifinput.cpp file of OpenImageIO image processing library is related to the ability to write beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

7.5CVSS6.9AI score0.0119EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•33 views

ROS-20240408-08

Vulnerability of xorg-x11-server package is related to memory usage after it is freed when processing Button Action objects. Button Action objects. Exploitation of the vulnerability could allow an attacker to elevate his privileges and execute arbitrary code in root context The xorg-server packag...

7.8CVSS7.4AI score0.01631EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•28 views

ROS-20240408-10

GNU FriBidi library vulnerability is caused by a buffer overflow on the stack. Exploiting the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in the fribidicaprtltounicode function of the GNU FriBidi library is caused by a buffer overflow in dynamic...

7.8CVSS8.5AI score0.00508EPSS
Exploits3
Redos
Redos
•added 2024/04/08 12:0 a.m.•24 views

ROS-20240408-09

GdkPixbuf image loading library vulnerability is related to writing beyond buffer boundaries. Exploitation exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service via a specially crafted GIF file. A...

8.8CVSS7.8AI score0.02346EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-16

A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...

5.3CVSS6.9AI score0.01073EPSS
Exploits2
Redos
Redos
•added 2024/04/08 12:0 a.m.•48 views

ROS-20240408-15

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-01

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the...

8.8CVSS6.6AI score0.00804EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-21

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS7.3AI score0.02598EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-17

Vulnerability in Flask-Security-Too security management tool is related to URL redirection to an untrusted site when processing the "next" request parameter. to an untrusted site when processing the "next" request parameter. Exploitation of the vulnerability could allow an attacker acting remotel...

6.1CVSS6.8AI score0.01079EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•12 views

ROS-20240408-25

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-20

A vulnerability in the smtp service of the Exim mail server is related to the injection of email messages with a spoofed MAIL FROM address, which allows bypassing the SPF protection mechanism. spoofed MAIL FROM address, which allows to bypass SPF protection mechanism. Exploitation of the...

5.3CVSS5.6AI score0.01072EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•32 views

ROS-20240408-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...

6.1CVSS6.8AI score0.02782EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•29 views

ROS-20240408-03

Vulnerability of derivatespatiallumavectorprediction function of h.265 Libde265 video codec implementation is related to with the ability to write beyond buffer boundaries in memory. Exploiting the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity an...

8.8CVSS7.6AI score0.00874EPSS
Exploits3
Redos
Redos
•added 2024/04/08 12:0 a.m.•20 views

ROS-20240408-07

A vulnerability in the Gstreamer module of the LibreOffice office suite exists due to failure to take measures to neutralize special elements. to neutralize special elements. Exploitation of the vulnerability could allow an attacker, acting remotely. remotely to run arbitrary Gstreamer plug-ins...

8.8CVSS8AI score0.01017EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•25 views

ROS-20240408-06

A vulnerability in the HID Profile Human Interface Device interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to an access control flaw. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and execute arbitrar...

6.3CVSS8.2AI score0.07879EPSS
Exploits8
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-13

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•10 views

ROS-20240408-24

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•25 views

ROS-20240408-04

Vulnerability of cttsboxread function of Golang programming language is related to resource release errors. resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the file src/mediatools/avilib.c of the GPAC multimedia platform, is relat...

9.8CVSS7.8AI score0.01121EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•22 views

ROS-20240408-18

A vulnerability in the makeftpcmd component of the ProFTPD FTP server is related to a single-byte read outside the of the allowed range. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.7AI score0.04249EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•28 views

ROS-20240408-19

A vulnerability in the file include/logging/RightsLogFormatter.php of a software tool for implementing the MediaWiki hypertext environment is related to incorrect input neutralization during the creation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting...

6.1CVSS6.1AI score0.00681EPSS
Exploits1
Redos
Redos
•added 2024/04/08 12:0 a.m.•11 views

ROS-20240408-23

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

5.9CVSS6.2AI score0.9378EPSS
Exploits4
Redos
Redos
•added 2024/04/08 12:0 a.m.•26 views

ROS-20240408-02

A vulnerability in the net/html library of the Go programming language exists due to a failure to take measures to protect the structure of a web page. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct cross-site scripting attacks...

6.1CVSS6.4AI score0.00843EPSS
Exploits0
Redos
Redos
•added 2024/04/08 12:0 a.m.•6 views

ROS-20250117-02

Vulnerability of xorg-server package is related to created requests to RRChangeProviderProperty or RRChangeOutputProperty causing integer overflow. RRChangeOutputProperty causing an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to disclose sensitive...

7.8CVSS7.4AI score0.01631EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•210 views

ROS-20240505-13

A vulnerability in the Wikibase extension of the MediaWiki hypertext environment implementation software tool is related to the lack of restrictions on the speed of merging elements no. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and...

7.5CVSS6.6AI score0.22699EPSS
Exploits4
Redos
Redos
•added 2024/04/05 12:0 a.m.•36 views

ROS-20240405-11

Vulnerability of the flushrefsamples function of the GPAC multimedia platform is related to incorrect use of dynamic memory during program operation. use of dynamic memory during program operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.8CVSS6.6AI score0.00684EPSS
Exploits5
Redos
Redos
•added 2024/04/05 12:0 a.m.•25 views

ROS-20240405-04

A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS9.1AI score0.02107EPSS
Exploits0
Redos
Redos
•added 2024/04/05 12:0 a.m.•27 views

ROS-20240405-01

A vulnerability in the fs/ntfs.c component of the Grub2 operating system boot loader is related to a buffer overflow in the dynamic memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the Trace View panel of the Grafana web data...

7.8CVSS7.7AI score0.00536EPSS
Exploits2
Redos
Redos
•added 2024/04/05 12:0 a.m.•28 views

ROS-20240405-05

A vulnerability in the D-Bus interprocessor communication system is related to the ability of unprivileged users to crash the dbus-daemon. users to crash the dbus-daemon. Exploitation of the vulnerability could allow an intruder, acting remotely, to cause a denial of service...

6.5CVSS8.3AI score0.01417EPSS
Exploits1
Total number of security vulnerabilities8162