Lucene search
K

8181 matches found

Redos
Redos
•added 2024/04/03 12:0 a.m.•7 views

ROS-20240402-19

A vulnerability in the VMware Tools suite for Windows operating systems is related to a flaw in the authorization procedure. of authorization. Exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges VMware Tools s utility suite vulnerability is relate...

7.5CVSS6.9AI score0.00667EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•14 views

ROS-20240402-23

A vulnerability in the --fragment option of OpenVPN software is related to the initiation of division by zero. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in OpenVPN software is related to memory handling errors. Exploitatio...

9.8CVSS6.8AI score0.01982EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•22 views

ROS-20240402-22

Moodle virtual learning environment vulnerability is related to lack of additional comment cleanup Wiki. Exploitation of the vulnerability could allow an attacker acting remotely to perform a cross-site scripting attacks XSS A vulnerability in the Moodle virtual learning environment is related to...

9.8CVSS6.5AI score0.0137EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•21 views

ROS-20230403-14

The ZeroMQ asynchronous messaging library vulnerability is related to causing a stack buffer overflow on the server by sending specially crafted topic subscription requests and then unsubscribing. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial o...

9.8CVSS6.8AI score0.01602EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•6 views

ROS-20240328-18

A vulnerability in Apache Tomcat application server is related to URL redirection to an untrusted site. Exploitation of the vulnerability could allow a remote attacker to redirect a user to an arbitrary URL. arbitrary URL...

6.1CVSS7AI score0.05972EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•8 views

ROS-20240402-20

A vulnerability in the Cargo package manager of the Rust programming language is associated with incorrect verification of the of the cryptographic signature. Exploitation of the vulnerability could allow an attacker acting remotely, affect the integrity of protected information via SSH protocol...

5.9CVSS6.6AI score0.00649EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•10 views

ROS-20240402-21

Vulnerability of the OpenSC smart card software toolkit and libraries is related to a memory vulnerability during card registration using pkcs15-init. memory vulnerabilities during card registration using pkcs15-init. Exploitation of the vulnerability could allow an attacker to affect the...

6.6CVSS7.4AI score0.01174EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•25 views

ROS-20240403-16

A vulnerability in the TCP modules of the Rsyslog log processing software utility is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS7AI score0.03821EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•25 views

ROS-20240403-12

A vulnerability in the Range header analysis component of the modular interface between web servers and the Rack web applications is related to the creation of input data that could cause the analysis of the Content-Disposition header in Rack to take an unexpected amount of time...

7.5CVSS6.7AI score0.01626EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•33 views

ROS-20240403-13

Vulnerability of OpenIdAuthenticator class of Eclipse Jetty servlet container is related to flaws in the of the authentication procedure when processing the LoginService parameter. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

4.3CVSS7.1AI score0.00753EPSS
Exploits1
Redos
Redos
•added 2024/04/03 12:0 a.m.•29 views

ROS-20240403-09

Vulnerability of the peekforas4capability function of the software tool for implementing network routing on Unix-like systems FRRouting is related to flaws in the use of the assert function. Unix-like systems FRRouting is related to flaws in using assert function. Exploitation The vulnerability...

7.5CVSS7.3AI score0.02152EPSS
Exploits3
Redos
Redos
•added 2024/04/03 12:0 a.m.•60 views

ROS-20240403-11

Vulnerability in the urllib3 module of the Python programming language interpreter is related to the lack of protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...

4.2CVSS6.5AI score0.00544EPSS
Exploits0
Redos
Redos
•added 2024/04/03 12:0 a.m.•25 views

ROS-20240403-15

Vulnerability of alloca and strdup functions of Systemd service initialization and management subsystem is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in systemd-tmpfiles of the Systemd...

6.1CVSS7.1AI score0.0865EPSS
Exploits4
Redos
Redos
•added 2024/04/03 12:0 a.m.•56 views

ROS-20240403-01

A vulnerability in the column.title and cellLinkTooltip components of the Grafana web-based data presentation tool is related to insufficient protection of the web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges A vulnerability in t...

9.8CVSS8.2AI score0.68603EPSS
Exploits9
Redos
Redos
•added 2024/04/02 12:0 a.m.•37 views

ROS-20240402-02

A vulnerability in the CRI-O container mechanism is related to experimental annotation, causing the the container becomes unrestricted. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS6.6AI score0.00859EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•38 views

ROS-20240402-17

A vulnerability in the net/http package of the Go programming language is related to information disclosure. vulnerability could allow a remote attacker to disclose protected information. A vulnerability in the cmd-go component of the Go programming language is related to public data transmission...

7.5CVSS7.1AI score0.02758EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-13

Vulnerability in picparameterset::dump function of h.265 Libde265 video codec implementation is related to multiple buffer overflows via numtilecolumns and numtilerow parameters. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.1CVSS6.8AI score0.00979EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•52 views

ROS-20240402-12

A vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the ability to update any personal or global external storage, making it inaccessible to everyone else. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass existing...

9.8CVSS6.6AI score0.0095EPSS
Exploits4
Redos
Redos
•added 2024/04/02 12:0 a.m.•26 views

ROS-20240402-11

A vulnerability in the Extractattributes component of mediatools/m3u8.c:329 of the GPAC multimedia platform is related to a with a lack of memory release after an effective lifetime. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A...

7.1CVSS6.7AI score0.00309EPSS
Exploits2
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-05

Vulnerability of TiXmlDeclaration::Parse function in tinyxmlparser.cpp component of TinyXML XML-parser is related to the use of assert operator when processing 0 character after space. using assert operator when processing 0 character after a space. Exploitation vulnerability could allow an...

7.5CVSS6.7AI score0.01372EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-01

A vulnerability in the PMIx process control interface is related to the execution of library code with UID 0. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.1CVSS7.2AI score0.01121EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-03

A vulnerability in the Redis database management system DBMS involves integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS7.6AI score0.02582EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•48 views

ROS-20240402-07

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.9AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/04/02 12:0 a.m.•50 views

ROS-20240402-08

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS8.9AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/04/02 12:0 a.m.•36 views

ROS-20240402-10

A vulnerability in the NetScreen file parser of Wireshark, a computer network traffic analyzer, is related to an operation exceeding buffer boundaries. operation out of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerabilit...

7.8CVSS6.8AI score0.03456EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•31 views

ROS-20240402-04

A vulnerability in the MemIOCallback.cpp file of the C++ libebml library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.01087EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•24 views

ROS-20240402-06

Vulnerability in the password protection mechanism of the Grub2 boot loader is related to the bypass of authentication by spoofing. Exploitation of the vulnerability could allow an attacker to bypass established access control...

6.8CVSS6.9AI score0.00542EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•21 views

ROS-20240402-15

A vulnerability in the virtuoso-opensource web application development platform is related to the invocation of a denial of Denial of Service DoS using specially crafted SQL statements. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...

8.8CVSS7.2AI score0.00894EPSS
Exploits5
Redos
Redos
•added 2024/04/02 12:0 a.m.•37 views

ROS-20240402-14

Vulnerability of a VPN packet based on IPSec strongSwan protocol is caused by a bug in the charon-tkm process with the key exchange IKE protocol implementation based on TKMv2 Trusted Key Manager. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.7AI score0.0229EPSS
Exploits0
Redos
Redos
•added 2024/04/02 12:0 a.m.•29 views

ROS-20240402-16

Vulnerability of loadpempkcs7certificates and loadderpkcs7certificates package cryptography functions is related to NULL pointer dereferencing and segment failure. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.00985EPSS
Exploits1
Redos
Redos
•added 2024/04/02 12:0 a.m.•34 views

ROS-20240402-09

A vulnerability in the loginpassword component of the FreeIpa server is related to sending user requests, that can perform actions on behalf of the user. Exploitation of the vulnerability could allow An attacker acting remotely to cause a loss of system confidentiality and integrity...

6.5CVSS6.6AI score0.0057EPSS
Exploits0
Redos
Redos
•added 2024/04/01 12:0 a.m.•28 views

ROS-20240401-04

HAProxy server software vulnerability is related to forwarding empty headers Content-Length. Exploitation of the vulnerability could allow an attacker acting remotely to perform an HTTP request smuggling attack. an HTTP request smuggling attack...

7.2CVSS7AI score0.01815EPSS
Exploits1
Redos
Redos
•added 2024/04/01 12:0 a.m.•27 views

ROS-20240401-03

A vulnerability in the CRI-O container mechanism is related to adding arbitrary lines to /etc/passwd using a a specially crafted environment variable. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of the CRI-O...

7.8CVSS6.7AI score0.00266EPSS
Exploits0
Redos
Redos
•added 2024/04/01 12:0 a.m.•46 views

ROS-20240401-01

Vulnerability of idedmacb function of QEMU hardware emulator is related to synchronization errors when processing the DRQSTAT parameter. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, or delete data or cause a denial of service Vulnerability in the...

10CVSS7.8AI score0.01401EPSS
Exploits0
Redos
Redos
•added 2024/04/01 12:0 a.m.•39 views

ROS-20240401-02

A vulnerability in the DHgeneratekey function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow a remote attacker, cause a denial of service...

5.3CVSS7AI score0.04459EPSS
Exploits0
Redos
Redos
•added 2024/04/01 12:0 a.m.•32 views

ROS-20240401-05

A vulnerability in the NVIDIA Tegra XUSB Pad driver of the Linux kernel is related to pointer dereferencing errors. in pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS6.5AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•48 views

ROS-20240329-01

A vulnerability in the vim text editor is related to improper handling of exceptional conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service The vim text editor vulnerability is related to an attempt by vim to access an already freed structure window...

4.3CVSS7.2AI score0.00749EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•19 views

ROS-20240329-17

A vulnerability in the sdhci.c component of the QEMU hardware emulator is related to a single offset. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.6CVSS6.9AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•27 views

ROS-20240329-04

ASP.NET Core software platform vulnerability is due to security configuration errors. Exploitation The exploitation of the vulnerability may allow an intruder to disclose protected information...

6.2CVSS7AI score0.01085EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•37 views

ROS-20240329-05

Vulnerability in the vim text editor is related to the use of an insecure search path. Exploitation exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the vimregsubboth function of the vim text editor is caused by a buffer overflow in dynamic...

7.8CVSS8.5AI score0.00624EPSS
Exploits4
Redos
Redos
•added 2024/03/29 12:0 a.m.•34 views

ROS-20240329-10

Vulnerability of http2 package of Go programming language is related to uncontrolled server resources consumption as a result of resetting Server.MaxConcurrentStreams parameter during request stream processing. as a result of resetting the Server.MaxConcurrentStreams parameter when processing a...

9.8CVSS9.5AI score0.03796EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•40 views

ROS-20240329-06

The vulnerability in the WebAudio component of Google Chrome and Microsoft Edge browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using a specially crafted HTML page A vulnerability in the...

8.8CVSS7.7AI score0.30339EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•32 views

ROS-20240329-15

A vulnerability in the lsi53c895a.c component of the QEMU hardware emulator is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsidiskreset function hw/scsi/scsi-disk.c of the...

6.5CVSS7.3AI score0.0114EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•37 views

ROS-20240329-13

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.1AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•38 views

ROS-20240329-11

Vulnerability of PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

8.8CVSS9.5AI score0.04322EPSS
Exploits0
Redos
Redos
•added 2024/03/29 12:0 a.m.•43 views

ROS-20240329-02

A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.6005EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•67 views

ROS-20240329-07

A vulnerability in the Picture-in-Picture PiP technology of the Google Chrome browser is related to errors in the presentation of errors in the presentation of information by the user interface. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct spoofing attack...

8.8CVSS8.4AI score0.07094EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•18 views

ROS-20240329-08

The Engrampa archive manager vulnerability is related to the lack of symbolic link location checking, which leads to arbitrary writing of files to unintended locations. Exploitation of the vulnerability could allow an attacker acting remotely to upload files to arbitrary locations on the system...

9.6CVSS7AI score0.01652EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•74 views

ROS-20240329-20

Vulnerability in the virNWFilterObjListNumOfNWFilters method of the Libvirt virtualization management library is due to with insufficient blocking. Exploitation of the vulnerability allows an attacker acting remotely, cause a denial of service Vulnerability in virStoragePoolLookupByTargetPath API...

6.5CVSS5.3AI score0.01366EPSS
Exploits1
Redos
Redos
•added 2024/03/29 12:0 a.m.•30 views

ROS-20240329-19

A vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to the unrestricted resource allocation, Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.01812EPSS
Exploits0
Total number of security vulnerabilities8181