Lucene search
K

8162 matches found

Redos
Redos
•added 2025/12/15 12:0 a.m.•6 views

ROS-20251215-7306

A vulnerability in the perl-Crypt-OpenSSL-RSA package of Red Hat Enterprise Linux operating systems is related to information disclosure through a mismatch. Exploitation of the vulnerability could allow an attacker acting remotely to implement the Bleichenbacher attack...

5.9CVSS6.3AI score0.00516EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•4 views

ROS-20251215-7309

Elasticsearch search engine vulnerability related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted SQL queries...

7.5CVSS7.3AI score0.00597EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•4 views

ROS-20251215-7308

Vulnerability in phpldapadmin related to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

2.1CVSS7.8AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•9 views

ROS-20251215-7307

A vulnerability in the GNU Wget download manager is related to insufficient server-side request validation. Exploitation of the vulnerability could allow a remote attacker to perform an SSRF, phishing or man-in-the-middle attack...

6.5CVSS6.9AI score0.0111EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•8 views

ROS-20251215-7314

A vulnerability in the Yelp help system is related to the inclusion of functions from an invalid controlled scope when processing documents using the ghelp schema. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information and execute...

7.4CVSS7.9AI score0.12592EPSS
Exploits1
Redos
Redos
•added 2025/12/15 12:0 a.m.•6 views

ROS-20251215-7312

Vulnerability in varnish related to flaws in http request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden http request http request smuggling attack...

5.4CVSS6.9AI score0.00286EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•4 views

ROS-20251215-7310

Vulnerability in elasticsearch related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.00511EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•3 views

ROS-20251215-7313

A vulnerability in the cifs.upcall function of the CIFS cifs-utils network file system mount utility package is related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to disclose protected information...

5.9CVSS8.5AI score0.00149EPSS
Exploits0
Redos
Redos
•added 2025/12/15 12:0 a.m.•4 views

ROS-20251215-7311

Vulnerability in qt6-qtbase related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.8CVSS6.7AI score0.00343EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•8 views

ROS-20251203-04

A vulnerability in the cross-platform software development framework Qt is related to the fact that QStringConverter has an invalid pointer passed as a callback. Exploitation of the vulnerability could allow an attacker to bypass the implemented security restrictions...

6.5AI score
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•6 views

ROS-20251203-01

A vulnerability in the Lens component of Google Chrome browser is related to URL redirection to an untrusted website. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface with a specially crafted QR code. interface using a specially crafted QR code...

6.3CVSS6.5AI score0.00124EPSS
Exploits1
Redos
Redos
•added 2025/12/03 12:0 a.m.•8 views

ROS-20251203-03

A vulnerability in the JMX interface of the Apache Cassandra distributed database management system is related to a flaw in the deserialization mechanism. flaws in the deserialization mechanism. Exploitation of the vulnerability could allow an attacker to implement a man-in-the-middle...

5.4CVSS6.3AI score0.01056EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•14 views

ROS-20251203-02

A vulnerability in the Pulpcore component of the Pulp software package management platform Pulp is related to with a bug in the puppet-pulpcore configuration when using Gunicorn versions prior to 22.0. Exploitation of this vulnerability could allow an attacker acting remotely to bypass the...

9.8CVSS9.4AI score0.00814EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•15 views

ROS-20251203-05

A vulnerability in the Java library for handling Apache Commons Configuration files is related to the fact that, the application does not properly control internal resource consumption when loading a specially crafted configuration file. created configuration file. Exploitation of the vulnerabili...

6.5CVSS6AI score0.01663EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•7 views

ROS-20251203-08

The aiohttp HTTP client vulnerability is related to the fact that the final sections of an HTTP request are not analyzed. Exploitation of the vulnerability could allow an attacker acting remotely to perform spoofing attacks on HTTP requests. HTTP requests...

7.5CVSS7.5AI score0.00297EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•8 views

ROS-20251203-07

Vulnerability of C language module for signing and encryption of JSON objects latchset Jose is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS7.3AI score0.01383EPSS
Exploits1
Redos
Redos
•added 2025/12/03 12:0 a.m.•6 views

ROS-20251203-06

A vulnerability in Varnish web content caching software is related to incorrect HTTP/1 requests HTTP/1 request validation. Exploitation of the vulnerability could allow a remote attacker, Perform HTTP request spoofing attacks...

5.4CVSS5.7AI score0.003EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•10 views

ROS-20251203-09

A vulnerability in the ProxyCommand component of the OpenSSH cryptographic protection tool is related to the injection of a null byte %00 in the username string. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

3.6CVSS9.3AI score0.00113EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•7 views

ROS-20251203-17

Vulnerabilities in GLPI's computer hardware request, incident, and inventory system are related to insufficient cleansing of user-supplied data. Exploitation of the vulnerability could allow A remote attacker to use malicious code to steal recipient credentials mail...

7.5CVSS7AI score0.06576EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•23 views

ROS-20251203-15

Vulnerability in Go library for decoding common map values into structures and vice versa mapstructure is related to incorrect neutralization of output data for logs. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

5.3CVSS6.5AI score0.00357EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•5 views

ROS-20251203-16

A vulnerability in the Consul and Consul Enterprise service configuration tool is related to incorrect validation of the Content Length of the Content Length header. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in the Consul an...

6.5CVSS6.4AI score0.00402EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•10 views

ROS-20251203-18

Vulnerability of the cURL server communication software tool is related to errors in the host verification mechanism when using the wolfSSH-based backend. host verification mechanism when using wolfSSH-based backend. Exploitation of the vulnerability could allow an attacker acting remotely to...

4.3CVSS5.3AI score0.0039EPSS
Exploits1
Redos
Redos
•added 2025/12/03 12:0 a.m.•8 views

ROS-20251203-14

MongoDB database management system vulnerability is related to DDL operation execution during query execution. query execution. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.8AI score0.00246EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•9 views

ROS-20251203-19

Vulnerability in the Ruby programming language library that implements the MQTT protocol Rubygem MQTT is related to the lack of hostname validation. Exploitation of the vulnerability could allow A remote attacker to perform a man-in-the-middle attack...

7.4CVSS6.6AI score0.00343EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•8 views

ROS-20251203-20

A vulnerability in the setupLookaside function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

6.4AI score0.00047EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•65 views

ROS-20251203-13

A vulnerability in the checkout and pull functions of the Git extension for version control of large Git LFS files is related to incorrect definition of symbolic links during file access. Exploitation of the vulnerability could allow an attacker acting remotely to gain write access to arbitrary...

8.6CVSS4.7AI score0.00707EPSS
Exploits0
Redos
Redos
•added 2025/12/03 12:0 a.m.•8 views

ROS-20251203-12

A vulnerability module in the Perl programming language YAML::Syck is related to the boundary conditions in token.c. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. potentially sensitive information...

9.1CVSS8.9AI score0.00368EPSS
Exploits1
Redos
Redos
•added 2025/12/03 12:0 a.m.•18 views

ROS-20251203-10

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

9.1CVSS7.2AI score0.03092EPSS
Exploits4
Redos
Redos
•added 2025/12/03 12:0 a.m.•13 views

ROS-20251203-11

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

9.1CVSS7.2AI score0.03092EPSS
Exploits4
Redos
Redos
•added 2025/12/02 12:0 a.m.•5 views

ROS-20251202-01

Vulnerability of the v3dperfmondestroyioctl function of the v3dperfmon.c component of the Linux operating system kernel is related to insufficient input data verification. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS8.2AI score0.00167EPSS
Exploits0
Redos
Redos
•added 2025/12/02 12:0 a.m.•8 views

ROS-20251202-07

A vulnerability in the Google Chrome browser's DevTools web development toolkit is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the sandbox...

7.5CVSS6.9AI score0.00176EPSS
Exploits1
Redos
Redos
•added 2025/12/02 12:0 a.m.•6 views

ROS-20251202-09

A vulnerability in the Fullscreen component of the Google Chrome browser is related to presentation errors in the user interface in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely, spoof the user interface using a specially crafted HTML page...

4.3CVSS6.6AI score0.0018EPSS
Exploits1
Redos
Redos
•added 2025/12/02 12:0 a.m.•6 views

ROS-20251202-06

A vulnerability in the Autofill component of the Google Chrome browser is related to presentation errors in the user interface user interface. Exploitation of the vulnerability could allow an attacker acting remotely, spoof the user interface using a specially crafted HTML page...

4.3CVSS6.6AI score0.00171EPSS
Exploits0
Redos
Redos
•added 2025/12/02 12:0 a.m.•4 views

ROS-20251202-08

Vulnerability in the Dawn component of Google Chrome browser is related to writing beyond buffer boundaries. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to affect the accessibility of protected information...

7.5CVSS6.8AI score0.00176EPSS
Exploits1
Redos
Redos
•added 2025/12/02 12:0 a.m.•5 views

ROS-20251202-04

A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to reading outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to impact the availability of protected information Vulnerability in the WebApp Instal...

4.3CVSS6.4AI score0.00174EPSS
Exploits1
Redos
Redos
•added 2025/12/02 12:0 a.m.•6 views

ROS-20251202-05

A vulnerability in the DevTools component of the Google Chrome browser is related to an access control flaw in an isolated environment. of an isolated environment. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the sandbox protection mechanism. sandbox...

5.4CVSS6.9AI score0.00144EPSS
Exploits1
Redos
Redos
•added 2025/12/02 12:0 a.m.•10 views

ROS-20251202-03

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the Downloa...

8.8CVSS7.2AI score0.00276EPSS
Exploits5
Redos
Redos
•added 2025/12/02 12:0 a.m.•6 views

ROS-20251202-02

Vulnerability of recvmsg function of Linux kernel is related to buffer copying without input data verification. input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability of tlsrxmsgsize function of tls component of...

9.8CVSS5.9AI score0.08942EPSS
Exploits2
Redos
Redos
•added 2025/12/01 12:0 a.m.•3 views

ROS-20251201-04

Vulnerability of the lpfcelsretrydelay function of the drivers/scsi/lpfc/lpfcels.c module of the operating system kernel of Linux is related to improper resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of bloomfilter.c,...

7.8CVSS6.8AI score0.0047EPSS
Exploits0
Redos
Redos
•added 2025/12/01 12:0 a.m.•11 views

ROS-20251201-03

A vulnerability in the Linux kernel NVMe driver is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the nvmetreqcomplete function in the drivers/nvme/target/tcp.c module of the NVMe...

7.5CVSS6.5AI score0.01549EPSS
Exploits0
Redos
Redos
•added 2025/12/01 12:0 a.m.•9 views

ROS-20251201-02

A vulnerability in the vfsinode.c component of the Linux kernel is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the llcpsock.c component of the Lin...

7.1CVSS6.7AI score0.0025EPSS
Exploits0
Redos
Redos
•added 2025/12/01 12:0 a.m.•6 views

ROS-20251201-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information Vulnerability of Core component of...

6.1CVSS6.8AI score0.005EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•4 views

ROS-20251128-05

Vulnerability of components inode.c, ioctl.c, root-tree.c, root-tree.h of Linux kernel is related to incorrect memory freeing before deleting the last link. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in omapprm.c component of Linux kernel ...

5.5CVSS6.6AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•5 views

ROS-20251128-01

A vulnerability in the firstkexpacketfollows function of the libssh library is related to a lack of memory release memory after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

3.1CVSS6.8AI score0.00375EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•10 views

ROS-20251128-03

A vulnerability in the Vault access control system and Vault enterprise information archiving platform Enterprise is related to authentication bypass using an alternate path or channel in AWS authentication method. AWS authentication method. Exploitation of the vulnerability could allow an attack...

8.1CVSS6.9AI score0.00517EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•5 views

ROS-20251128-06

A vulnerability in the adevrelease function in the drivers/peci/cpu.c module of the Platform Environment Control driver Interface PECI module of the Linux kernel is related to the reuse of previously released memory. memory. Exploitation of the vulnerability could allow an attacker to impact the...

7.8CVSS6.5AI score0.00216EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•12 views

ROS-20251128-07

Vulnerability of the vhostnewmsg function in the drivers/vhost/vhost.c module of the vhost driver of the Linux kernel is related to incorrect initialization of memory for messages transferred between guests. Linux kernel is related to incorrect memory initialization for messages transferred betwe...

5.5CVSS6.6AI score0.00236EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•9 views

ROS-20251128-02

A vulnerability in OpenBao's secret management and encryption system is related to the fact that OpenBao's audit logs incorrectly edited fields when the corresponding subsystems sent byte response parameters rather than strings. strings. Exploitation of the vulnerability could allow an attacker...

5.7CVSS6.8AI score0.00299EPSS
Exploits0
Redos
Redos
•added 2025/11/28 12:0 a.m.•10 views

ROS-20251128-04

Vulnerability of the smb2isvalidoplockbreak function in the fs/smb/client/smb2misc.c module of the SMB client implementation of the Linux kernel is related to the reuse of the previously released SMB protocol client implementation of the Linux kernel is related to the reuse of previously freed...

7.1CVSS6.6AI score0.00239EPSS
Exploits0
Redos
Redos
•added 2025/11/25 12:0 a.m.•8 views

ROS-20251125-01

A vulnerability in the cross-platform software development framework Qt is related to a bug in the data boundary checking when reading data from Bluetooth L2CAP socket in processUnsolicitedReply and processReply in bluetooth/qlowenergycontrollerbluez.cpp. Exploitation of the vulnerability could...

3.1CVSS7.9AI score0.00172EPSS
Exploits0
Total number of security vulnerabilities8162