Lucene search
K

8244 matches found

Redos
Redos
•added 2022/06/20 12:0 a.m.•33 views

ROS-20220620-01

A vulnerability in the program monitoring the communication between the container manager and the conmon runtime environment is related to the fact that the application does not properly monitor the consumption of internal resources within the request ExecSync. Exploitation of the vulnerability...

7.8CVSS7.5AI score0.02827EPSS
Exploits1
Redos
Redos
•added 2022/06/08 12:0 a.m.•45 views

ROS-20220608-01

The vulnerability of the ClamAV antivirus software package is related to a boundary error in the module of database loading signatures. Exploitation of the vulnerability could allow an attacker acting remotely to transfer specially crafted data to an application, cause a buffer overflow in dynami...

8.6CVSS7.6AI score0.0663EPSS
Exploits0
Redos
Redos
•added 2022/06/01 12:0 a.m.•38 views

ROS-20220131-01

Vulnerability in the ptp4l service of the LinuxPTP precision time protocol PTP implementation software is caused by an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, cause the application to crash as a result of creatin...

8.8CVSS8.2AI score0.02955EPSS
Exploits0
Redos
Redos
•added 2022/05/30 12:0 a.m.•21 views

ROS-20220530-01

A vulnerability in the Vim text editor is related to boundary conditions in the getonesourceline function. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file, cause a read error outside the boundary conditions, and...

7.8CVSS7.4AI score0.00373EPSS
Exploits0
Redos
Redos
•added 2022/05/30 12:0 a.m.•62 views

ROS-20220530-03

Vulnerability of Array method of Mozilla Firefox and Mozilla Firefox ESR browsers and Thunderbird mail client is related to code generation errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary JavaScript code. remotely to execute arbitrary...

8.8CVSS8.8AI score0.26709EPSS
Exploits0
Redos
Redos
•added 2022/05/30 12:0 a.m.•30 views

ROS-20220530-02

Vulnerabilities in the Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck components of the PostgreSQL database management system are related to a maintenance error in one component. pgamcheck components of PostgreSQL database management system are related to...

8.8CVSS9AI score0.12403EPSS
Exploits0
Redos
Redos
•added 2022/05/30 12:0 a.m.•43 views

ROS-20220530-04

Vulnerability of Array method of Mozilla Firefox and Mozilla Firefox ESR browsers and Thunderbird mail client is related to code generation errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary JavaScript code. remotely to execute arbitrary...

8.8CVSS8.8AI score0.26709EPSS
Exploits0
Redos
Redos
•added 2022/05/25 12:0 a.m.•46 views

ROS-20220525-01

A vulnerability in the Vim text editor is related to a boundary error when processing unreliable input data. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into to open a specially crafted file and initiate unauthorized writing and execution of...

7.8CVSS8.3AI score0.03104EPSS
Exploits11
Redos
Redos
•added 2022/05/24 12:0 a.m.•68 views

ROS-20220524-01

OpenSSL cryptographic library vulnerability is related to incorrect input validation in the script crehash. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary OS commands with script privileges A vulnerability in the OpenSSL cryptographic library is...

10CVSS7.9AI score0.83223EPSS
Exploits5
Redos
Redos
•added 2022/05/24 12:0 a.m.•62 views

ROS-20220524-03

The cURL command-line utility vulnerability is related to the -no-clobber toolkit, which is used in conjunction with --remove-on-error. Exploitation of the vulnerability could allow an attacker acting remotely, trick the victim into connecting to a malicious server and forcing the command-line to...

8.1CVSS7AI score0.03453EPSS
Exploits5
Redos
Redos
•added 2022/05/24 12:0 a.m.•33 views

ROS-20220524-02

A vulnerability in the lightweight DNS, DHCP, and TFTP server Dnsmasq is related to a memory usage error after a release when processing DHCPv6 requests. Exploitation of the vulnerability could allow an attacker, acting remotely, send specially crafted DHCPv6 packets to a vulnerable application,...

7.5CVSS7.3AI score0.01487EPSS
Exploits0
Redos
Redos
•added 2022/05/24 12:0 a.m.•60 views

ROS-20220524-04

The vulnerability in the Moodle course management system is due to a problem in the logic used to count of failed login attempts. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the account lockout threshold. remotely to bypass the account lockout threshold A...

9.8CVSS7.3AI score0.04881EPSS
Exploits1
Redos
Redos
•added 2022/05/24 12:0 a.m.•5 views

ROS-20220524-21

The cURL command-line utility vulnerability is related to a bug in the HSTS implementation that could allow curl to continue using the HTTP protocol instead of HTTPS if the hostname in the specified URL used an endpoint but did not use it when building the HSTS cache. Exploitation of the...

7.5CVSS7.1AI score0.02596EPSS
Exploits5
Redos
Redos
•added 2022/05/18 12:0 a.m.•63 views

ROS-20220518-03

A vulnerability in the pjproject multimedia communication library is related to an infinite loop when parsing a of a WAV file. Exploitation of the vulnerability could allow an attacker acting remotely to consume all available system resources and cause denial of service conditions A vulnerability...

9.8CVSS8.5AI score0.02303EPSS
Exploits1
Redos
Redos
•added 2022/05/18 12:0 a.m.•52 views

ROS-20220518-02

A vulnerability in Mozilla Thunderbird email client is related to incorrect processing of user input data when processing signed and encrypted attached messages. user input when processing signed and encrypted attached messages. Exploitation exploitation of the vulnerability could allow a remote...

9.8CVSS8.4AI score0.01005EPSS
Exploits3
Redos
Redos
•added 2022/05/18 12:0 a.m.•58 views

ROS-20220518-01

A vulnerability in the Mozilla Firefox browser is related to improper permission management in the application. Exploitation of the vulnerability could allow an attacker acting remotely to create a web page that Bypasses the existing browser hint and inherits top-level permissions improperly The...

9.8CVSS8.8AI score0.01005EPSS
Exploits3
Redos
Redos
•added 2022/05/16 12:0 a.m.•18 views

ROS-20220516-10

A vulnerability in the evdevlogmsg function of the libinput library's implementation of the X.Org and Wayland display server protocols is related to the use of uncontrolled format strings. Wayland is related to the use of uncontrolled format strings. Exploitation of the vulnerability could allow ...

7.8CVSS8.3AI score0.00364EPSS
Exploits0
Redos
Redos
•added 2022/05/16 12:0 a.m.•69 views

ROS-20220516-09

Vulnerability in the cURL command line utility is related to OAUTH2 connection reuse errors for SASL-enabled protocols such as SMPTPS, IMAPS, POP3S, and LDAPS openldap only. Exploitation of the vulnerability could allow an attacker acting remotely to reuse the OAUTH2 authenticated connections...

8.1CVSS7.4AI score0.03425EPSS
Exploits4
Redos
Redos
•added 2022/05/16 12:0 a.m.•60 views

ROS-20220516-06

A vulnerability in the high-level Ruby programming language is related to a type conversion bug in the some conversion methods, such as KernelFloat and Stringtof. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted data to a vulnerable application,...

9.8CVSS9.1AI score0.04127EPSS
Exploits0
Redos
Redos
•added 2022/05/16 12:0 a.m.•28 views

ROS-20220516-08

A vulnerability in the libxml2 XML document parsing library is related to an integer overflow in several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted multi-gigabyte XML file to...

6.5CVSS8.4AI score0.0363EPSS
Exploits5
Redos
Redos
•added 2022/05/16 12:0 a.m.•27 views

ROS-20220516-07

A vulnerability in the implementation of the xsxprtfree function of the Sun RPC Open Network Computing Remote Procedure Call kernel of Linux operating systems is related to state management errors. state management errors. Exploitation of the vulnerability could allow an attacker to cause a denia...

7.8CVSS7.3AI score0.004EPSS
Exploits0
Redos
Redos
•added 2022/05/16 12:0 a.m.•14 views

ROS-20220516-01

A vulnerability in shelljs, an implementation of Unix shell commands on top of the Node.js API, is related to the fact that the application does not properly enforce security restrictions. Exploitation of the vulnerability could allow an attacker to bypass security restrictions and escalate...

7.1CVSS7.3AI score0.00427EPSS
Exploits1
Redos
Redos
•added 2022/05/16 12:0 a.m.•64 views

ROS-20220516-04

Vulnerability of QuerySet.explain function of Django web application software platform is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity and availability o...

9.8CVSS9.2AI score0.18516EPSS
Exploits3
Redos
Redos
•added 2022/05/16 12:0 a.m.•28 views

ROS-20220516-03

A vulnerability in the zipxlzmaaloneinit function of the libarchive archiving library is related to reading beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, disclose protected information or cause a denial of service...

6.5CVSS6.7AI score0.01877EPSS
Exploits1
Redos
Redos
•added 2022/05/16 12:0 a.m.•59 views

ROS-20220516-11

Vim text editor vulnerability is related to NULL pointer dereferencing error in function vimregexecstring in regexp.c. Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into accessing the Vim text editor. remotely, trick the victim into opening a speciall...

7.8CVSS8.2AI score0.02481EPSS
Exploits2
Redos
Redos
•added 2022/05/16 12:0 a.m.•25 views

ROS-20220516-02

A vulnerability in the gzip library is related to errors in file name processing. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files to the system using the command-line utilities zgrep and xzgrep command line utilities...

8.8CVSS8.9AI score0.04271EPSS
Exploits0
Redos
Redos
•added 2022/05/16 12:0 a.m.•68 views

ROS-20220516-05

A vulnerability in the Git distributed version control system is related to the fact that the uninstaller binary downloads DLLs in an unsafe manner from the current working directory. uninstaller binary loads DLLs in an insecure manner from the current working directory. Exploitation of the...

7.8CVSS8.3AI score0.01403EPSS
Exploits0
Redos
Redos
•added 2022/05/16 12:0 a.m.•5 views

ROS-20220516-30

Vulnerability in the cURL command line utility is related to OAUTH2 connection reuse errors for SASL-enabled protocols such as SMPTPS, IMAPS, POP3S, and LDAPS openldap only. Exploitation of the vulnerability could allow an attacker acting remotely to reuse the OAUTH2 authenticated connections...

8.1CVSS7.3AI score0.03425EPSS
Exploits4
Redos
Redos
•added 2022/04/13 12:0 a.m.•73 views

ROS-20220413-01

Vulnerability in drivers/usb/gadget/composite.c driver of Linux kernel is related to an operation exceeding the memory buffer boundaries. operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in the implementatio...

9.1CVSS7.9AI score0.06197EPSS
Exploits31
Redos
Redos
•added 2022/04/12 12:0 a.m.•50 views

ROS-20220412-01

Vim text editor vulnerability, related to a boundary error in file processing. Exploitation vulnerability could allow a remote attacker to trick a victim into opening a specially crafted file, causing memory corruption and executing arbitrary code on the target system. a specially crafted file,...

8.8CVSS8.7AI score0.01622EPSS
Exploits2
Redos
Redos
•added 2022/04/12 12:0 a.m.•57 views

ROS-20220412-03

Vulnerability in Mozilla Thunderbird email client, related to a memory freeing error when processing HTML content after the VR process is destroyed. Exploitation of the vulnerability could allow an attacker, acting remotely, create a specially crafted web page, trick the victim into opening it,...

8.8CVSS8.3AI score0.1446EPSS
Exploits7
Redos
Redos
•added 2022/04/12 12:0 a.m.•58 views

ROS-20220412-02

Vulnerability in Mozilla Firefox browser, due to the fact that regex for Rust does not control properly internal resource consumption when parsing unreliable input data. Exploitation of the vulnerability could allow a remote attacker to pass specially crafted data to an application and perform a...

8.8CVSS8.3AI score0.1446EPSS
Exploits7
Redos
Redos
•added 2022/04/07 12:0 a.m.•31 views

ROS-20220407-02

Vim text editor vulnerability, related to memory usage error after release in function utfptr2char in regexpbt.c. Exploitation of the vulnerability could allow an attacker acting remotely, trick a victim into opening a specially crafted file, raise a post-release usage error, and execute arbitrar...

7.8CVSS8.5AI score0.01462EPSS
Exploits1
Redos
Redos
•added 2022/04/07 12:0 a.m.•31 views

ROS-20220407-01

Vulnerability of libsndfile audio file reading and writing library is related to memory leak in function cafreadheader. Exploitation of the vulnerability could allow an attacker acting remotely to force an application to incorrectly free memory before deleting the last link and executing an attac...

8.2AI score
Exploits0
Redos
Redos
•added 2022/04/07 12:0 a.m.•85 views

ROS-20220407-03

A vulnerability in the Python client library is related to insufficient validation of user input data in the FTP File Transfer Protocol library when used in PASV passive mode in the FTP File Transfer Protocol library when it is used in PASV passive mode. Exploitation the vulnerability could allow...

7.5CVSS6.7AI score0.08325EPSS
Exploits1
Redos
Redos
•added 2022/04/05 12:0 a.m.•34 views

ROS-20220405-01

A vulnerability in the Python Paramiko implementation of the SSHv2 protocol, is related to the race condition in the function writeprivatekeyfile between create and chmod operations. Exploitation of the vulnerability could allow an an attacker to exploit the race condition and gain unauthorized...

5.9CVSS6.1AI score0.0208EPSS
Exploits1
Redos
Redos
•added 2022/03/30 12:0 a.m.•36 views

ROS-20220330-01

Vulnerability in the network block device implementation client library libnbd, related to the mechanism of error handling mechanism in the nbdcopy tool when executing multithreaded copies using asynchronous nbd nbd calls. Exploitation of the vulnerability could allow an attacker acting remotely ...

4.8CVSS5.7AI score0.00788EPSS
Exploits1
Redos
Redos
•added 2022/03/30 12:0 a.m.•68 views

ROS-20220330-02

Vulnerability in the XML streaming parser library libexpat, related to an integer integer overflow in doProlog function, allowing a remote attacker to pass specially crafted data to an application, cause an integer overflow, and execute arbitrary code in the target application. specially crafted...

9.8CVSS9.5AI score0.04525EPSS
Exploits0
Redos
Redos
•added 2022/03/29 12:0 a.m.•57 views

ROS-20220329-01

A vulnerability in the zlib data compression library is related to incorrect limitation of operations within the memory buffer due to insufficient validation of user input during data compression. memory due to insufficient validation of user-entered data during data compression. Exploitation...

7.5CVSS7.2AI score0.51733EPSS
Exploits1
Redos
Redos
•added 2022/03/29 12:0 a.m.•44 views

ROS-20220329-04

Vulnerability in nbd network block device implementation, related to stack-based buffer overflow during NBDOPTINFO or NBDOPTGO messages. Exploitation of the vulnerability could allow an attacker, acting remotely and not authenticated, to pass specially crafted data to an application, causing a...

9.8CVSS9.7AI score0.0347EPSS
Exploits3
Redos
Redos
•added 2022/03/29 12:0 a.m.•64 views

ROS-20220329-02

Vulnerability in the Moodle course management system, related to insufficient cleansing of user data in the Badges criteria code. Exploitation of the vulnerability could allow an attacker acting remotely, send a specially crafted query to the affected application and execute arbitrary SQL command...

8.8CVSS6.9AI score0.00898EPSS
Exploits0
Redos
Redos
•added 2022/03/29 12:0 a.m.•22 views

ROS-20220329-03

Vulnerability in the implementation of OpenVPN virtual private network technology due to a bug in the processing of authentication requests in external authentication plugins, when more than one of them uses delayed authentication responses. deferred authentication responses. Exploitation of the...

9.8CVSS9.2AI score0.03519EPSS
Exploits0
Redos
Redos
•added 2022/03/24 12:0 a.m.•37 views

ROS-20220324-01

Vulnerability of cgroupreleaseagentwrite function kernel/cgroup/cgroup-v1.c of Linux kernel is related to lack of privilege control when setting releaseagent. Linux kernel is related to lack of privilege control when setting releaseagent. Exploiting the vulnerability could allow an attacker to...

7.8CVSS7.7AI score0.05528EPSS
Exploits12
Redos
Redos
•added 2022/03/24 12:0 a.m.•35 views

ROS-20220324-02

A vulnerability in the QEMU emulator is related to an incorrect implementation of the QEMU shared file system daemon virtio-fs virtiofsd. Exploitation of the vulnerability could allow an attacker, in a guest OS, to create files in directories shared by virtio-fs, with unintended group ownership i...

7.8CVSS7.4AI score0.00332EPSS
Exploits0
Redos
Redos
•added 2022/03/23 12:0 a.m.•14 views

ROS-20220323-01

A vulnerability in the phpMyAdmin web interface for DBMS administration is related to the application's excessive output of data in the "lang" and "pmaparameter" parameters and in the cookie section. data in the "lang", "pmaparameter" parameters and cookie section. Exploitation of the vulnerabili...

7.5CVSS7.4AI score0.01245EPSS
Exploits0
Redos
Redos
•added 2022/03/23 12:0 a.m.•67 views

ROS-20220323-02

A vulnerability in the glibc system library is related to a boundary error in the clntcreate function in module sunrpc module. Exploitation of the vulnerability could allow an attacker acting remotely to pass specially crafted input data to an application using a vulnerable version of the library...

9.8CVSS9.3AI score0.04729EPSS
Exploits3
Redos
Redos
•added 2022/03/22 12:0 a.m.•58 views

ROS-20220322-01

Vulnerability in Mozilla Thunderbird email client, related to a memory usage error upon release when processing HTML content. Exploitation of the vulnerability could allow an attacker, acting remotely, to activate the post-release usage by forcing text to be recomposed in a SVG object and executi...

9.6CVSS8AI score0.00931EPSS
Exploits4
Redos
Redos
•added 2022/03/22 12:0 a.m.•51 views

ROS-20220322-02

A vulnerability in the libarchive archiving library is related to a symbolic link when extracting files from an archive. Exploitation of the vulnerability could allow an attacker to create a specially crafted symbolic link to a critical file on the system, place it in an archive, and change the...

7.8CVSS7.9AI score0.00367EPSS
Exploits0
Redos
Redos
•added 2022/03/18 12:0 a.m.•26 views

ROS-20220318-02

The vulnerability of OpenSSL function BNmodsqrt is related to execution of a loop without sufficiently limiting the number of its executions. limit the number of times it can be executed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.8AI score0.70561EPSS
Exploits2
Redos
Redos
•added 2022/03/18 12:0 a.m.•26 views

ROS-20220318-03

A vulnerability in the Polkit library is related to process file descriptor exhaustion in polkit. Exploitation exploitation of the vulnerability could allow an attacker to perform a denial of service DoS attack...

5.5CVSS5.9AI score0.0053EPSS
Exploits1
Total number of security vulnerabilities8244