Lucene search
K

8244 matches found

Redos
Redos
•added 2023/01/27 12:0 a.m.•39 views

ROS-20230127-02

Vim text editor vulnerability is related to NULL pointer dereferencing error in function guix11createblankmouse in guix11.c. Exploiting the vulnerability could allow an attacker, remotely, trick the victim into opening a specially crafted file and performing a denial-of-service attack DoS. "denia...

7.8CVSS8.2AI score0.00555EPSS
Exploits1
Redos
Redos
•added 2023/01/24 12:0 a.m.•41 views

ROS-20230124-05

A vulnerability in the X Pixmap XPM libXpm image file library is related to an infinite loop when processing unclosed comments in XPM images in the ParseComment function. loop when processing unclosed comments in XPM images in the ParseComment function. Exploitation The vulnerability could allow ...

8.8CVSS8.8AI score0.01273EPSS
Exploits2
Redos
Redos
•added 2023/01/24 12:0 a.m.•34 views

ROS-20230124-04

The vulnerability in the Mozilla Firefox browser is due to the fact that a deprecated library libusrsctp contained a vulnerability that could potentially be exploited. vulnerabilities that could potentially be exploited. Exploitation of the vulnerability could allow an attacker acting remotely to...

8.8CVSS7.2AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2023/01/24 12:0 a.m.•26 views

ROS-20230127-01

A vulnerability in the Mozilla Thunderbird email client is related to the fact that the browser's full-screen notification could have been delayed or suppressed, which could lead to data spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to direct a user to a...

8.8CVSS7.2AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2023/01/24 12:0 a.m.•34 views

ROS-20230124-01

Vulnerability of sudoedit function of Sudo system administration program is related to errors in processing of additional arguments in environment variables. additional arguments in environment variables. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate...

7.8CVSS7.9AI score0.55367EPSS
Exploits20
Redos
Redos
•added 2023/01/24 12:0 a.m.•37 views

ROS-20230124-02

Vim text editor vulnerability is related to an incorrect memory access error with collapsing and using "L" in the src/normal.c function. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a buffer overflow and denial of service...

7.8CVSS7.8AI score0.00467EPSS
Exploits1
Redos
Redos
•added 2023/01/24 12:0 a.m.•25 views

ROS-20230124-03

Vulnerability of LibTIFF set of libraries and utilities for viewing, editing and converting TIFF files is related to the processCropSelections function of the tools/tiffcrop.c file of the TIFF Image Handler component. Exploitation of the vulnerability could allow an attacker acting remotely to se...

5.5CVSS6.3AI score0.00461EPSS
Exploits1
Redos
Redos
•added 2023/01/17 12:0 a.m.•35 views

ROS-20230117-02

A vulnerability in the Open vSwitch software tiered switch is related to loss of integer significance when parsing Auto Attach TLVs. integer when parsing Auto Attach TLVs. Exploitation of the vulnerability could allow an attacker acting remotely to send specially crafted LLDP messages. remotely,...

9.8CVSS9.3AI score0.01324EPSS
Exploits0
Redos
Redos
•added 2023/01/17 12:0 a.m.•28 views

ROS-20230117-01

Simple DirectMedia Layer SDL multimedia library vulnerability is related to a memory leak in the function GLESCreateTexture in the render/opengles/SDLrendergles.c file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak and execute a denial of service...

7.5CVSS7.5AI score0.01265EPSS
Exploits0
Redos
Redos
•added 2023/01/12 12:0 a.m.•80 views

ROS-20230112-02

A vulnerability in the Vim text editor is related to a boundary error in the msgputsprintf0 function in message.c. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file, cause a heap buffer overflow, and execute arbitra...

7.8CVSS8.2AI score0.00518EPSS
Exploits3
Redos
Redos
•added 2023/01/12 12:0 a.m.•84 views

ROS-20230112-01

A vulnerability in the Squid caching proxy server is related to inconsistent processing of internal URIs. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL manager protections and gain access to cache manager information, which includes records about the...

6.5CVSS7.1AI score0.0169EPSS
Exploits0
Redos
Redos
•added 2022/12/29 12:0 a.m.•24 views

ROS-20221229-02

A vulnerability in the Mozilla Firefox browser is related to the fact that a process can partially exit the sandbox and read arbitrary files using IPC messages associated with the clipboard. Exploitation of the of the vulnerability could allow an attacker acting remotely to open a given source an...

8.6CVSS9.1AI score0.00772EPSS
Exploits0
Redos
Redos
•added 2022/12/29 12:0 a.m.•26 views

ROS-20221229-03

A vulnerability in the Mozilla Thunderbird email client is related to the fact that a process can partially exit the sandbox and read arbitrary files using IPC messages associated with the clipboard. Exploitation of the vulnerability could allow an attacker acting remotely to open a given source...

8.6CVSS9.1AI score0.00772EPSS
Exploits0
Redos
Redos
•added 2022/12/29 12:0 a.m.•22 views

ROS-20221229-01

A vulnerability in the GdkPixbuf image processing library is related to a heap buffer overflow when composing or clearing frames in GIF files in the io-gif-animation.ccompositeframe file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to a...

7.8CVSS8.4AI score0.00748EPSS
Exploits1
Redos
Redos
•added 2022/12/27 12:0 a.m.•33 views

ROS-20221227-02

A vulnerability in the PJSIP multimedia library is related to a boundary error in the decoding of STUN messages. Exploitation of the vulnerability could allow an attacker acting remotely to transmit a specially crafted STUN message to an application, cause a heap buffer overflow, and execute...

9.8CVSS9.5AI score0.01026EPSS
Exploits0
Redos
Redos
•added 2022/12/27 12:0 a.m.•19 views

ROS-20221227-01

Vulnerability of the library providing functions for X.509 LibKSBA certificates is related to the integer overflow in the CRL parser. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow and execute...

9.8CVSS9.8AI score0.0155EPSS
Exploits2
Redos
Redos
•added 2022/12/23 12:0 a.m.•34 views

ROS-20221223-01

The containerd container runtime vulnerability is related to a bug in the CRI containerd thread server when handling terminal resize events. Exploitation of the vulnerability could allow an attacker, acting remotely, to query the TTY and cause it to crash by sending an invalid command and running...

6.5CVSS7AI score0.01022EPSS
Exploits0
Redos
Redos
•added 2022/12/22 12:0 a.m.•5 views

ROS-20221222-22

A vulnerability in the cURL command-line utility is related to a bounds error in parsing the .netrc file. Exploitation vulnerability could allow an attacker acting remotely to transfer a specially crafted file, cause a stack-based buffer overflow, and perform a denial of service DoS attack The cU...

9.8CVSS7.1AI score0.04325EPSS
Exploits2
Redos
Redos
•added 2022/12/22 12:0 a.m.•36 views

ROS-20221222-04

A vulnerability in the PHP programming language interpreter is related to boundary conditions in the function imageloadfont. Exploitation of the vulnerability could allow an attacker acting remotely to pass the specially crafted data to a web application, cause a read error outside of the boundar...

7.1CVSS8.2AI score0.02197EPSS
Exploits3
Redos
Redos
•added 2022/12/22 12:0 a.m.•45 views

ROS-20221222-01

A vulnerability in the audinsendopen function of the xrdp server is related to the possibility of a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a remote machine Vulnerability in devredirprocclientdevlistannouncereq function ...

9.8CVSS9.5AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2022/12/22 12:0 a.m.•13 views

ROS-20221222-05

A vulnerability in the compiling Twig template handler exists due to failure to take measures to neutralize the special elements. Exploitation of the vulnerability could allow an attacker acting remotely, affect the confidentiality, integrity and availability of protected information by running...

9.8CVSS6.9AI score0.08209EPSS
Exploits3
Redos
Redos
•added 2022/12/22 12:0 a.m.•45 views

ROS-20221222-03

A vulnerability in the Moodle course management system is related to insufficient validation of user-entered data in the LTI vendor library. data in the LTI vendor's library. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and tri...

9.1CVSS6.9AI score0.01352EPSS
Exploits0
Redos
Redos
•added 2022/12/22 12:0 a.m.•74 views

ROS-20221222-02

A vulnerability in the cURL command-line utility is related to a bounds error in parsing the .netrc file. Exploitation vulnerability could allow an attacker acting remotely to transfer a specially crafted file, cause a stack-based buffer overflow, and perform a denial of service DoS attack The cU...

6.5CVSS8AI score0.01761EPSS
Exploits1
Redos
Redos
•added 2022/12/20 12:0 a.m.•68 views

ROS-20221220-01

A vulnerability in the ath9khtcwaitfortarget function of the Atheros wireless adapter driver of the kernel of the operating system Linux kernel is associated with a post-release usage error. Exploitation of the vulnerability could allow an attacker to access kernel memory by typing a specially...

8.8CVSS8AI score0.05542EPSS
Exploits18
Redos
Redos
•added 2022/12/16 12:0 a.m.•37 views

ROS-20221216-01

A vulnerability in the libarchive archiving library is related to the lack of error checking after the call to the calloc function, which may return with a NULL pointer in case of a function crash, resulting in a NULL pointer dereference. resultant dereferencing of the NULL pointer. Exploitation ...

9.8CVSS8.8AI score0.01936EPSS
Exploits0
Redos
Redos
•added 2022/12/16 12:0 a.m.•37 views

ROS-20221216-02

A vulnerability in the Rsync file transfer and synchronization utility is related to authorization errors. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files...

7.4CVSS8.7AI score0.0165EPSS
Exploits1
Redos
Redos
•added 2022/12/07 12:0 a.m.•36 views

ROS-20221207-01

A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS9.8AI score0.1593EPSS
Exploits1
Redos
Redos
•added 2022/12/07 12:0 a.m.•25 views

ROS-20221207-02

VLC media player vulnerability, related to a boundary error when playing a malicious URL in the vnc module. Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into opening a specially crafted stream, causing memory corruption, and executing arbitrary...

7.8CVSS7.8AI score0.00649EPSS
Exploits1
Redos
Redos
•added 2022/11/29 12:0 a.m.•14 views

ROS-20220531-01

A vulnerability in the CUPS print server is related to a flaw in the authorization procedure. Exploiting the vulnerability could allow an attacker to escalate their privileges...

7.2CVSS6.9AI score0.00579EPSS
Exploits0
Redos
Redos
•added 2022/11/23 12:0 a.m.•43 views

ROS-20221123-01

The vulnerability of qfbufaddline function of Vim text editor is related to memory usage after its release. Exploitation of the vulnerability may allow an intruder to affect the confidentiality, integrity and availability of protected information Vulnerability of the inscompladd function of the...

7.8CVSS7.8AI score0.01302EPSS
Exploits4
Redos
Redos
•added 2022/11/22 12:0 a.m.•29 views

ROS-20221122-01

Vulnerability of muttdecodeuuencoded function implementation in Mutt mail client is related to operation overflow out of memory buffer boundaries. Exploitation of the vulnerability could allow a remote intruder gain unauthorized access to protected information or cause a denial of service...

5.3CVSS6.1AI score0.01711EPSS
Exploits2
Redos
Redos
•added 2022/11/21 12:0 a.m.•59 views

ROS-20221121-02

A vulnerability in the FreeRDP remote desktop protocol implementation is related to the fact that there is no range check for the input offset index in the ZGFX decoder. Exploitation of the vulnerability could allow an attacker acting remotely to read the associated data and attempt to decode it...

5.7CVSS5.7AI score0.00967EPSS
Exploits0
Redos
Redos
•added 2022/11/21 12:0 a.m.•49 views

ROS-20221121-03

Vulnerability of ImageMagick graphic editor is related to integer overflow in function ExportIndexQuantum in MagickCore/quantum-export.c. Exploitation of the vulnerability could allow an attacker, acting remotely, to pass specially crafted image data to an application, cause an integer overflow a...

7.8CVSS7.7AI score0.01542EPSS
Exploits1
Redos
Redos
•added 2022/11/21 12:0 a.m.•23 views

ROS-20221121-01

A vulnerability in the plugins/sudoers/auth/passwd.c file of the Sudo system administration program is related to the following the ability to read outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.1CVSS7AI score0.00271EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•33 views

ROS-20221118-05

A vulnerability in Mozilla Thunderbird email client is related to a memory usage error after a release in the InputStream implementation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a victim to visit a specially crafted website, trigger a post-release usage...

6.5CVSS8.8AI score0.00696EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•26 views

ROS-20221118-01

A vulnerability in the LibTIFF set of libraries and utilities for viewing, editing and converting TIFF files is related to the TIFFReadRGBATileExt function of the libtiff/tifgetimage.c file Exploitation of the vulnerability could allow an attacker acting remotely to send a special file and perfor...

8.8CVSS8.4AI score0.01237EPSS
Exploits1
Redos
Redos
•added 2022/11/18 12:0 a.m.•20 views

ROS-20221118-02

A vulnerability in the MPEG-4 GPAC system standard implementation is related to the svgparsepreserveaspectratio in the scenegraph/svgattributes.c file of the SVG Parser component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak. an attacker acting...

6.5CVSS6.6AI score0.00937EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•43 views

ROS-20221118-04

A vulnerability in Mozilla Firefox browser is related to a post-release memory usage error in the InputStream implementation. Exploitation of the vulnerability could allow an attacker acting remotely, to force a victim to visit a specially crafted website, trigger a post-release usage error and...

6.5CVSS8.7AI score0.00696EPSS
Exploits0
Redos
Redos
•added 2022/11/18 12:0 a.m.•29 views

ROS-20221118-03

The vulnerability of Pixman library's rasterizeedges8 function is related to the possibility of writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS8.8AI score0.0144EPSS
Exploits1
Redos
Redos
•added 2022/11/10 12:0 a.m.•62 views

ROS-20221110-01

A vulnerability in the libxml2 XML document parsing library is related to an integer overflow in parse.c during content processing when the XMLPARSEHUGE parameter is set. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to the application,...

7.8CVSS8.7AI score0.22791EPSS
Exploits2
Redos
Redos
•added 2022/11/09 12:0 a.m.•51 views

ROS-20221009-01

A vulnerability in the Exiv2 image metadata management library and command-line utility is related to the QuickTimeVideo::userDataDecoder function of the quicktimevideo.cpp file of the QuickTime Video Handler component. Exploitation of the vulnerability could allow an attacker acting remotely to...

7.5AI score
Exploits0
Redos
Redos
•added 2022/11/08 12:0 a.m.•4 views

ROS-20221108-21

The cURL command line utility vulnerability is related to a boundary error when processing non-200 HTTP responses proxies for the following schemes: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, telnet. Exploitation vulnerability could allow an attacker acting remotely to cause a bug by forcin...

8.1CVSS7AI score0.02927EPSS
Exploits0
Redos
Redos
•added 2022/11/08 12:0 a.m.•72 views

ROS-20221108-01

A vulnerability in the cURL command line utility is related to an error in parsing URLs with IDN characters that are replaced by ASCII analogs during IDN conversion. Exploitation of the vulnerability could allow an attacker acting remotely to bypass curl's HSTS inspection and force it to Use the...

8.1CVSS8.5AI score0.02927EPSS
Exploits0
Redos
Redos
•added 2022/11/03 12:0 a.m.•42 views

ROS-20221103-03

A vulnerability in the Apache Batik XML SVG graphics rendering, generation, and management library is related to the fact that, the application allows Java classes to be run via JavaScript. Exploitation of the vulnerability could allow an attacker acting remotely to use JavaScript to execute a Ja...

7.5CVSS8.1AI score0.0232EPSS
Exploits0
Redos
Redos
•added 2022/11/03 12:0 a.m.•26 views

ROS-20221103-01

Vim text editor vulnerability is related to memory release error in qfupdatebuffer function in the quickfix.c file of the autocmd Handler component. Exploitation of the vulnerability could allow an attacker, acting remotely, trick the victim into opening a specially crafted file, causing a progra...

7.5CVSS8.1AI score0.01196EPSS
Exploits0
Redos
Redos
•added 2022/11/03 12:0 a.m.•31 views

ROS-20221103-04

Libtasn1 library vulnerability is related to ETYPEOK error in asn1encodesimpleder function. Exploitation The vulnerability could allow an attacker acting remotely, passing specially crafted data, cause a one-by-one error, and perform a denial-of-service DoS attack...

9.1CVSS8.8AI score0.02062EPSS
Exploits1
Redos
Redos
•added 2022/11/03 12:0 a.m.•27 views

ROS-20221103-05

Vulnerability of the ntfs-3g utility of the NTFS-3G driver set of the NTFS file system implementation is related to errors in metadata processing. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00347EPSS
Exploits0
Redos
Redos
•added 2022/11/03 12:0 a.m.•35 views

ROS-20221103-02

PJSIP multimedia library vulnerability is related to a buffer overflow error in the PJSIP parser PJSIP parser, PJMEDIA RTP decoder and PJMEDIA SDP parser. Exploitation of the vulnerability could allow an attacker acting remotely to cause a flow failure and gain access to potentially sensitive...

9.8CVSS9.3AI score0.01084EPSS
Exploits0
Redos
Redos
•added 2022/11/03 12:0 a.m.•56 views

ROS-20221103-06

Apache Tomcat application server vulnerability is related to incorrect implementation of read/write locking. writes. Exploitation of the vulnerability could allow an attacker acting remotely to cause a concurrency error and force client connections to share an instance of Http11Processor...

7.5CVSS7.1AI score0.10997EPSS
Exploits15
Redos
Redos
•added 2022/10/28 12:0 a.m.•43 views

ROS-20221028-01

Exim mail server vulnerability is related to the dmarcdnslookup function of the dmarc.c file of the DMARC handler component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory freeing and gain access to sensitive data Exim mail server vulnerability is...

9.8CVSS7.6AI score0.03661EPSS
Exploits0
Total number of security vulnerabilities8244