Lucene search
K

8244 matches found

Redos
Redos
•added 2022/10/25 12:0 a.m.•29 views

ROS-20221025-02

A vulnerability in the Redis database management system DBMS is associated with the sigsegvHandler function of the debug.c file of the Crash Report component. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

3.3CVSS5.1AI score0.00573EPSS
Exploits1
Redos
Redos
•added 2022/10/25 12:0 a.m.•43 views

ROS-20221025-04

Mozilla Thunderbird email client vulnerability is related to a boundary error in the engine's garbage collector JS. Exploitation of the vulnerability could allow an attacker acting remotely to create a customized website, trick the victim into opening it, cause memory corruption, and execute...

8.8CVSS8AI score0.0083EPSS
Exploits0
Redos
Redos
•added 2022/10/25 12:0 a.m.•45 views

ROS-20221025-03

A vulnerability in Mozilla Firefox browser is related to improper management of internal resources in the application when processing window.print events. application when handling window.print events. Exploitation of the vulnerability could allow an attacker, acting remotely, trick a victim into...

8.8CVSS8.3AI score0.0083EPSS
Exploits0
Redos
Redos
•added 2022/10/25 12:0 a.m.•14 views

ROS-20221025-01

A vulnerability in the specialized shapelib library is related to a double memory release in the contrib/shpsort.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other unspecified impact by controlling malloc...

9.8CVSS8.9AI score0.01239EPSS
Exploits1
Redos
Redos
•added 2022/10/20 12:0 a.m.•29 views

ROS-20221020-01

Vulnerability of the library providing functions for X.509 LibKSBA certificates is related to the integer overflow in the CRL parser. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow and execute...

9.8CVSS9.7AI score0.01635EPSS
Exploits1
Redos
Redos
•added 2022/10/20 12:0 a.m.•34 views

ROS-20221020-02

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to a problem analyzing binary data. Exploitation of the vulnerability could allow an attacker acting remotely to send data containing multiple instances of non-repeating embedded messages to the application's...

7.5CVSS7.6AI score0.01048EPSS
Exploits0
Redos
Redos
•added 2022/10/17 12:0 a.m.•44 views

ROS-20221017-01

A vulnerability in the FreeRDP remote desktop protocol implementation is related to the disclosure of uninitialized data on unix systems when using the /parallel command line switch. uninitialized data on unix systems when using the /parallel command line switch. Exploitation of the vulnerability...

7.5CVSS7.5AI score0.00985EPSS
Exploits0
Redos
Redos
•added 2022/10/17 12:0 a.m.•16 views

ROS-20221017-02

The Open Asset Import Library Assimp 3D model import library vulnerability is related to a segmentation violation via the Assimp::XFileImporter::CreateMeshes component. segmentation via Assimp::XFileImporter::CreateMeshes component. Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS6.2AI score0.00624EPSS
Exploits1
Redos
Redos
•added 2022/10/13 12:0 a.m.•27 views

ROS-20221013-03

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

8CVSS7.9AI score0.0152EPSS
Exploits0
Redos
Redos
•added 2022/10/13 12:0 a.m.•10 views

ROS-20221013-04

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

8CVSS7.5AI score0.0152EPSS
Exploits0
Redos
Redos
•added 2022/10/13 12:0 a.m.•7 views

ROS-20221013-06

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

8CVSS7.5AI score0.0152EPSS
Exploits0
Redos
Redos
•added 2022/10/13 12:0 a.m.•7 views

ROS-20221013-05

A vulnerability in the PostgreSQL database management system is related to errors when using OR commands extensions. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges and replace arbitrary objects in the database...

8CVSS7.5AI score0.0152EPSS
Exploits0
Redos
Redos
•added 2022/10/13 12:0 a.m.•56 views

ROS-20221013-02

The vulnerability in the Moodle course management system is related to the fact that the H5P attempted action report does not group permissions are not taken into account when displaying to non-editing teachers information about attempts/users in groups to which they should not have access. about...

9.8CVSS7.1AI score0.49102EPSS
Exploits2
Redos
Redos
•added 2022/10/13 12:0 a.m.•57 views

ROS-20221013-01

A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug builds caused by a syntactically invalid type signature with improperly nested brackets and curly braces. Exploitation of the vulnerability could allow an attacker to execute a...

6.5CVSS7.8AI score0.0131EPSS
Exploits3
Redos
Redos
•added 2022/10/07 12:0 a.m.•33 views

ROS-20221007-03

Vim text editor vulnerability is related to a memory release error in the function didsetstringoption of the optionstr.c file. Exploitation of the vulnerability could allow an attacker, acting remotely, trick the victim into opening a specially crafted file, crashing the program, and executing...

7.8CVSS8.1AI score0.00489EPSS
Exploits1
Redos
Redos
•added 2022/10/07 12:0 a.m.•28 views

ROS-20221007-02

Vulnerability of lighttpd web server is related to memory leak in modfastcgi and modscgi modules while processing a large number of incorrect HTTP requests. a large number of malformed HTTP requests. Exploiting the vulnerability could allow an attacker, acting remotely, send multiple invalid HTTP...

7.5CVSS7.4AI score0.02714EPSS
Exploits4
Redos
Redos
•added 2022/10/07 12:0 a.m.•42 views

ROS-20221007-01

The cURL command line utility vulnerability is related to how cookies with control codes byte values less than 32 are processed. codes byte values less than 32. Exploitation of the vulnerability could allow an attacker acting remotely to send a cookie containing such control codes to a remote use...

3.7CVSS6.3AI score0.01839EPSS
Exploits1
Redos
Redos
•added 2022/10/07 12:0 a.m.•44 views

ROS-20221007-05

Firefox browser vulnerability is related to a bounds error in HTML content processing. Exploitation The vulnerability could allow a remote attacker to create a customized website, trick the victim into opening it, cause memory corruption, and execute arbitrary code on the target system. the victi...

8.8CVSS9AI score0.01342EPSS
Exploits0
Redos
Redos
•added 2022/10/07 12:0 a.m.•45 views

ROS-20221007-04

Vulnerabilities in Firefox, Firefox ESR web browsers and Thunderbird email client are related to errors in the in the presentation of information by the user interface. Exploitation of the vulnerability could allow An attacker acting remotely could disclose protected information Vulnerability in...

8.8CVSS8.7AI score0.01342EPSS
Exploits0
Redos
Redos
•added 2022/10/07 12:0 a.m.•4 views

ROS-20221007-21

The cURL command line utility vulnerability is related to how cookies with control codes byte values less than 32 are handled. codes byte values less than 32. Exploitation of the vulnerability could allow an attacker acting remotely to send a cookie containing such control codes to a remote user...

3.7CVSS7.2AI score0.01839EPSS
Exploits1
Redos
Redos
•added 2022/10/04 12:0 a.m.•46 views

ROS-20221004-01

Vim text editor vulnerability is related to a boundary error during file processing in the function exfinally in exeval.c. Exploitation of the vulnerability could allow an attacker acting remotely, create a special file, force the victim to open it, cause memory corruption, and execute arbitrary...

7.8CVSS7.4AI score0.0082EPSS
Exploits4
Redos
Redos
•added 2022/10/04 12:0 a.m.•14 views

ROS-20221004-02

Vulnerability of lighttpd web server is related to a null pointer dereferencing error in modwstunnel module module when processing invalid HTTP requests. Exploitation of the vulnerability could allow an attacker, remotely, send specially crafted HTTP requests to a vulnerable web server and execut...

7.5CVSS7.3AI score0.0198EPSS
Exploits1
Redos
Redos
•added 2022/09/29 12:0 a.m.•28 views

ROS-20220929-02

A vulnerability in the Redis database management system DBMS XAUTOCLAIM command implementation is related to an integer overflow during COUNT argument processing. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

9.8CVSS9.7AI score0.02904EPSS
Exploits0
Redos
Redos
•added 2022/09/29 12:0 a.m.•70 views

ROS-20220929-01

BIND DNS server vulnerability is related to boundary conditions when reusing HTTP connection when requesting statistics from a statistics channel. Exploitation of the vulnerability could allow an attacker, acting remotely, using a managed DNS server to cause a read error outside the boundary...

8.2CVSS7.2AI score0.02299EPSS
Exploits0
Redos
Redos
•added 2022/09/26 12:0 a.m.•53 views

ROS-20220926-01

A vulnerability in the Vim text editor is related to a boundary error in the utfcptr2len function in mbyte. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file, cause a heap buffer overflow, and execute arbitrary code...

7.8CVSS8.2AI score0.00501EPSS
Exploits2
Redos
Redos
•added 2022/09/26 12:0 a.m.•22 views

ROS-20220926-02

Poppler PDF rendering library vulnerability is related to integer overflow in decoder JBIG2 in the JBIG2Stream::readTextRegionSeg function in JBIGStream.c. Exploitation of the vulnerability could allow an an attacker acting remotely to pass a specially crafted PDF file or image to an application...

7.8CVSS8AI score0.00574EPSS
Exploits1
Redos
Redos
•added 2022/09/20 12:0 a.m.•74 views

ROS-20220920-01

The grubscriptfunctioncreate function of the Grub configuration file has a vulnerability due to a function override error. function override error while this function is already executed. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its...

8.2CVSS7.9AI score0.01738EPSS
Exploits1
Redos
Redos
•added 2022/09/19 12:0 a.m.•82 views

ROS-20220919-01

A vulnerability in the Linux kernel's implementation of the CAN BCM protocol is caused by synchronization errors when utilizing a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges Vulnerability of the legacyparseparam function of the Linux...

9CVSS8.3AI score0.78684EPSS
Exploits68
Redos
Redos
•added 2022/09/14 12:0 a.m.•20 views

ROS-20220914-01

A vulnerability in the libConfuse configuration file parser library is related to a buffer overflow in the function cfgtildeexpand in confuse.c. Exploitation of the vulnerability could allow an attacker acting remotely, transmit a specially crafted file to the system, causing a buffer overflow an...

8.8CVSS8.6AI score0.01079EPSS
Exploits1
Redos
Redos
•added 2022/09/09 12:0 a.m.•33 views

ROS-20220909-01

A vulnerability in the vimvsnprintftypval function of the Vim text editor is related to the use of memory after it has been freed. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information Vim text editor vulnerability i...

7.8CVSS6.7AI score0.00787EPSS
Exploits5
Redos
Redos
•added 2022/09/08 12:0 a.m.•43 views

ROS-20220908-01

A vulnerability in the netfilter subsystem of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to escalate privileges and execute arbitrary code A vulnerability in the Linux kernel is related to the fact that when...

7.8CVSS8.2AI score0.12746EPSS
Exploits22
Redos
Redos
•added 2022/08/26 12:0 a.m.•49 views

ROS-20220826-01

A vulnerability in the phpurlparseex function of the PHP programming language interpreter is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow a remote attacker to launch an SSRF attack Vulnerability in the SOAP extension of the PHP interpreter...

9.8CVSS8.5AI score0.5838EPSS
Exploits8
Redos
Redos
•added 2022/08/24 12:0 a.m.•47 views

ROS-20220808-01

A vulnerability in the ActiveDirectory/DC database audit logging module of the Samba networking software suite is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the Samba...

8.8CVSS7.4AI score0.01064EPSS
Exploits0
Redos
Redos
•added 2022/08/09 12:0 a.m.•30 views

ROS-20220721-02

A vulnerability in the Harfbuzz text conversion library involves an integer overflow in the hb-ot-shape-fallback.cc file. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to an application, cause an integer overflow, and cause the applicatio...

5.5CVSS5.8AI score0.01134EPSS
Exploits1
Redos
Redos
•added 2022/08/09 12:0 a.m.•34 views

ROS-20220721-01

Vulnerability in the ProcXkbSetGeometry call handler of X.Org Server is related to improper protection of the of signal strength warnings during request length processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code or escalate privileges A...

7.8CVSS8.4AI score0.00573EPSS
Exploits0
Redos
Redos
•added 2022/08/09 12:0 a.m.•24 views

ROS-20220804-01

A vulnerability in the Rust language standard library is related to the race condition in the std::fs::removedirall function. Exploitation of the vulnerability could allow an attacker acting remotely to achieve deletion of arbitrary system files and directories that an attacker would not normally...

7.3CVSS6.8AI score0.01376EPSS
Exploits1
Redos
Redos
•added 2022/07/19 12:0 a.m.•30 views

ROS-20220619-01

A vulnerability in the nftexprinit function net/netfilter/nftablesapi.c of the Netfilter packet filtering software of the Linux kernel is related to the possibility of memory usage after the packet filtering software has been installed. Netfilter packet filtering software of the Linux kernel is...

7.8CVSS7.7AI score0.02881EPSS
Exploits6
Redos
Redos
•added 2022/07/14 12:0 a.m.•27 views

ROS-20220714-01

A vulnerability in the BusyBox command line utility suite is related to incorrect input validation of PTR entries DNS records output in the netstat utility when run on a VT-compatible terminal. Exploitation vulnerability could allow an attacker acting remotely to trick the victim into launching t...

8.8CVSS8.9AI score0.03505EPSS
Exploits1
Redos
Redos
•added 2022/07/14 12:0 a.m.•26 views

ROS-20220714-02

A vulnerability in the passdb account database of the Dovecot mail server is related to errors in the configuration. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

8.8CVSS8.5AI score0.01748EPSS
Exploits1
Redos
Redos
•added 2022/07/06 12:0 a.m.•13 views

ROS-20220706-01

A vulnerability in the OpenSSH session encryption suite of programs is related to the fact that the application does not properly enforce security restrictions when the keyword parameter LogVerbose keyword parameter is enabled with a set of parameters that activate logging for an isolated process...

6.9AI score
Exploits0
Redos
Redos
•added 2022/07/06 12:0 a.m.•59 views

ROS-20220706-02

The Rubygem Rack web application development interface vulnerability is related to incorrect input validation when processing data transmitted through the Rack Lint middleware and CommonLogger middleware. Exploitation of the vulnerability could allow an attacker acting remotely to send specially...

10CVSS8.9AI score0.02056EPSS
Exploits0
Redos
Redos
•added 2022/07/05 12:0 a.m.•28 views

ROS-20220705-01

Caribou on-screen keyboard vulnerability, related to buffer overflow in XkbSetDeviceInfo and SetDeviceIndicators. Exploitation of the vulnerability could allow an attacker, when invoking the functionality of the the on-screen keyboard functionality from the screen keeper, crash libcaribou, crash...

7.8CVSS7.9AI score0.00336EPSS
Exploits0
Redos
Redos
•added 2022/07/01 12:0 a.m.•40 views

ROS-20220701-01

Vim text editor vulnerability is related to boundary conditions in textobject.c. Exploitation The vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a read error outside the boundaries, and read the memory contents. victim to open it, cau...

7.8CVSS8AI score0.02098EPSS
Exploits16
Redos
Redos
•added 2022/07/01 12:0 a.m.•41 views

ROS-20220701-03

Vulnerability in Mozilla Thunderbird email client is related to improper handling of sandbox header CSP without the "allow scripts" parameter. Exploitation of the vulnerability could allow an attacker acting remotely to use an iframe to bypass an implemented restriction. remotely, use an iframe t...

9.8CVSS8.5AI score0.23941EPSS
Exploits1
Redos
Redos
•added 2022/07/01 12:0 a.m.•35 views

ROS-20220701-02

A vulnerability in the Mozilla Firefox browser is related to improper handling of the CSP sandbox header without the the "allow scripts" parameter. Exploitation of the vulnerability could allow an attacker acting remotely to use an iframe to bypass an implemented CSP restriction and exploit it...

9.8CVSS8.5AI score0.23941EPSS
Exploits1
Redos
Redos
•added 2022/06/28 12:0 a.m.•29 views

ROS-20220628-03

A vulnerability in the Squid caching proxy server is related to assertion reachability when processing responses to the from the Gopher server. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted response to the proxy server and perform a denial o...

6.5CVSS6.6AI score0.0362EPSS
Exploits0
Redos
Redos
•added 2022/06/28 12:0 a.m.•15 views

ROS-20220628-02

A vulnerability in the Bluetooth protocol stack for Linux BlueZ is related to insufficient validation of user input during A2DP profile processing. user input during A2DP profile processing. Exploitation of the vulnerability could allow an attacker, remotely, transmit specially crafted data to th...

7.8AI score
Exploits0
Redos
Redos
•added 2022/06/28 12:0 a.m.•73 views

ROS-20220628-01

A vulnerability in the Apache HTTP web server is related to insufficient validation of user-entered data during the HTTP requests to the lua script that calls r:parsebody0. Exploitation of the vulnerability could allow an attacker acting remotely to send a very large HTTP request to a vulnerable...

9.8CVSS8.3AI score0.90407EPSS
Exploits2
Redos
Redos
•added 2022/06/22 12:0 a.m.•29 views

ROS-20220622-01

Vulnerability of the E2fsprogs service utility set is related to a boundary error when processing unreliable input data. Exploitation of the vulnerability could allow an attacker to exploit a specially crafted file system, run an out-of-bounds entry, and execute arbitrary code on the target syste...

7.8CVSS9AI score0.01382EPSS
Exploits0
Redos
Redos
•added 2022/06/22 12:0 a.m.•35 views

ROS-20220622-02

Vulnerability of the library implementing Perl PCRE2 style regular expressions is related to boundary conditions in the compilexclassmatchingpath function of the pcre2jitcompile.c file. conditions in the compilexclassmatchingpath function of the pcre2jitcompile.c file. Exploitation of the...

9.1CVSS8.9AI score0.02993EPSS
Exploits0
Total number of security vulnerabilities8244