Lucene search
K

8162 matches found

Redos
Redos
•added 2025/11/12 12:0 a.m.•5 views

ROS-20251112-08

A vulnerability in the Python Eventlet network concurrency library is related to an incorrect HTTP request validation in the WSGI parser. Exploitation of the vulnerability could allow an attacker acting remotely to perform HTTP spoofing attacks. remotely to perform HTTP request spoofing attacks...

9.1CVSS6.5AI score0.00363EPSS
Exploits0
Redos
Redos
•added 2025/11/12 12:0 a.m.•5 views

ROS-20251112-05

Vulnerability in the t2.c component of the OpenJPEG image encoding and decoding library is related to an uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely cause a denial of service...

4.3CVSS4.9AI score0.00528EPSS
Exploits0
Redos
Redos
•added 2025/11/12 12:0 a.m.•6 views

ROS-20251112-06

A vulnerability in the NVIDIA CUDA GPU parallel computing software toolkit is related to boundary conditions in cuobjdump and nvdisasm. Toolkit is related to boundary conditions in cuobjdump and nvdisasm. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

3.3CVSS4.4AI score0.00226EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•4 views

ROS-20251111-03

Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...

6.5CVSS6AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•7 views

ROS-20251111-08

A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...

8.2CVSS6.5AI score0.00389EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•8 views

ROS-20251111-01

A vulnerability in the libxml2 library for manipulating XML and HTML files is related to uncontrolled recursion during the XPath computation in the xmlXPathRunEval function in xpath.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...

6.2CVSS4.5AI score0.00144EPSS
Exploits1
Redos
Redos
•added 2025/11/11 12:0 a.m.•6 views

ROS-20251111-02

A vulnerability in the NVIDIA CUDA parallel computing software toolkit for NVIDIA CUDA GPUs Toolkit is related to null pointer dereferencing error in cuobjdump and nvdisasm. Exploitation The vulnerability could allow an attacker to cause a denial of service...

3.3CVSS4.4AI score0.00226EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•5 views

ROS-20251111-05

The vulnerability in the Ruby REXML XML toolkit is related to the fact that the application does not properly control the internal resource consumption when analyzing malformed XML code containing multiple XML declarations. Exploitation of the vulnerability could allow an attacker to cause a deni...

5.3CVSS6AI score0.00231EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•3 views

ROS-20251111-07

A vulnerability in the Downloads component of the Google Chrome and Microsoft Edge browsers is related to a false representation of critical information by the user interface. presentation of critical information by the user interface. Exploitation of the vulnerability could Allow an attacker...

8.8CVSS8.5AI score0.03583EPSS
Exploits1
Redos
Redos
•added 2025/11/11 12:0 a.m.•3 views

ROS-20251111-06

A vulnerability in the Glib library is related to boundary conditions in the gettmpfile function in glib/gfileutils.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

3.7CVSS6.4AI score0.0037EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•4 views

ROS-20251111-04

Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...

6.5CVSS6AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2025/11/11 12:0 a.m.•8 views

ROS-20251111-10

Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...

7.8CVSS6.1AI score0.00327EPSS
Exploits3
Redos
Redos
•added 2025/11/11 12:0 a.m.•3 views

ROS-20251111-11

Vulnerability of function ffaacsearchfortns in component libavcodec/aacenctns.c of multimedia library FFmpeg is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an intruder acting remotely to gain unauthorized access to protected...

8.8CVSS6.5AI score0.00534EPSS
Exploits1
Redos
Redos
•added 2025/11/11 12:0 a.m.•3 views

ROS-20251111-09

A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...

8.2CVSS6.5AI score0.00389EPSS
Exploits0
Redos
Redos
•added 2025/11/10 12:0 a.m.•8 views

ROS-20251110-01

FFmpeg multimedia library vulnerability is related to null pointer dereferencing error in HLS playlists parsing. when parsing HLS playlists. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the audioelementobu function of the...

8.7CVSS6.8AI score0.00544EPSS
Exploits1
Redos
Redos
•added 2025/11/10 12:0 a.m.•6 views

ROS-20251110-05

A vulnerability in the Linux-PAM authentication module is related to insecure storage of sensitive information. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information...

4.7CVSS7.1AI score0.00265EPSS
Exploits0
Redos
Redos
•added 2025/11/10 12:0 a.m.•6 views

ROS-20251110-02

A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before file access. before accessing a file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code if a user opens a specially crafted ZIP archive. provided the user opens a...

7.8CVSS7.6AI score0.27017EPSS
Exploits11
Redos
Redos
•added 2025/11/10 12:0 a.m.•15 views

ROS-20251110-04

A vulnerability in the qtdemuxparsetrak function of the Gstreamer multimedia framework is related to a boundary condition in the MOV/MP4 demultiplexer. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to potentially sensitive information A vulnerability in th...

8.1CVSS6.2AI score0.00578EPSS
Exploits2
Redos
Redos
•added 2025/11/10 12:0 a.m.•4 views

ROS-20251110-03

Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Spoofing attack or cause a denial of service Vulnerability in...

8.8CVSS5.6AI score0.00315EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•5 views

ROS-20251106-03

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to incorrect header processing in "Rack::Sendfile". header processing in "Rack::Sendfile". Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially...

7.5CVSS6.9AI score0.00868EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•7 views

ROS-20251106-01

The vulnerability in the Portainer container management platform is related to a vulnerability in the server side, API, registry list output logic, and/or a component that returned fields with secrets. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

8.8CVSS7AI score0.00244EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•3 views

ROS-20251106-02

A vulnerability in the Netty networking software tool is related to insufficient input validation in the SMTP codec. SMTP codec. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SMTP commands. arbitrary SMTP commands...

6.9CVSS7.5AI score0.01617EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•10 views

ROS-20251106-05

The bfdselfparseehframe function of the GNU Binutils development tool has a vulnerability related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in GNU Binutils software development to...

7.8CVSS7.2AI score0.00235EPSS
Exploits2
Redos
Redos
•added 2025/11/06 12:0 a.m.•3 views

ROS-20251106-04

Vulnerability of django.utils.archive.extract function of Django web application software platform is related to errors in the relative directory path handling mechanism. Exploitation of the vulnerability could allow a remote attacker to bypass security restrictions. Vulnerability in...

9.8CVSS6.7AI score0.0085EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•4 views

ROS-20251106-06

Vulnerabilities in Asterisk management systems are related to improper management of internal resources of the of the application. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.8AI score0.00449EPSS
Exploits1
Redos
Redos
•added 2025/11/06 12:0 a.m.•6 views

ROS-20251106-07

A vulnerability in the phpMyAdmin database administration web application is related to an XSS vulnerability in the table validation function. XSS vulnerability for the table validation feature. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code ...

6.4CVSS7.2AI score0.00403EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•4 views

ROS-20251106-09

A vulnerability in the QEMU hardware emulator is related to the incorrect release and use of the irqfd for vector 0 during boot time in QEMU Virtio PCI Bindings hw/virtio/virtio/pci.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00324EPSS
Exploits0
Redos
Redos
•added 2025/11/06 12:0 a.m.•7 views

ROS-20251106-08

A vulnerability in the Gstreamer multimedia framework is related to a null pointer dereferencing bug in the SubRip subtitle parser. SubRip subtitle parser. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Gstreamer multimedia framework vulnerability...

5.6CVSS7AI score0.00428EPSS
Exploits3
Redos
Redos
•added 2025/11/05 12:0 a.m.•3 views

ROS-20251105-12

A vulnerability in the usbepget function hw/net/core.c of the QEMU hardware emulator is related to a a flaw in the use of the assert function. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.2AI score0.00286EPSS
Exploits0
Redos
Redos
•added 2025/11/05 12:0 a.m.•10 views

ROS-20251105-06

The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...

9.9CVSS6.7AI score0.66258EPSS
Exploits5
Redos
Redos
•added 2025/11/05 12:0 a.m.•4 views

ROS-20251105-03

A vulnerability in the Apache Log4cxx C++ logging framework is related to insufficient cleanup of the user-supplied data when using an ODBC appender to send log messages to a database. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in th...

8.8CVSS7.2AI score0.01597EPSS
Exploits1
Redos
Redos
•added 2025/11/05 12:0 a.m.•4 views

ROS-20251105-05

Vulnerability of passwordchange.cgi script of Webmin hosting control panel and web-interface for unix-like systems Usermin is related to flaws in error reporting mechanism. unix-like systems Usermin is related to a flaw in the error reporting mechanism. Exploitation of the vulnerability could all...

5.3CVSS6.9AI score0.02621EPSS
Exploits5
Redos
Redos
•added 2025/11/05 12:0 a.m.•3 views

ROS-20251105-08

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

6.5CVSS6.6AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2025/11/05 12:0 a.m.•6 views

ROS-20251105-04

A vulnerability in the debugtypesamep function of the objdump component of the GNU Binutils development tool is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the elfgcsweep...

7.8CVSS6.8AI score0.00235EPSS
Exploits2
Redos
Redos
•added 2025/11/05 12:0 a.m.•4 views

ROS-20251105-09

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

6.5CVSS6.6AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2025/11/05 12:0 a.m.•8 views

ROS-20251105-07

The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...

9.9CVSS6.7AI score0.66258EPSS
Exploits5
Redos
Redos
•added 2025/11/05 12:0 a.m.•4 views

ROS-20251105-11

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

6.5CVSS6.6AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2025/11/05 12:0 a.m.•5 views

ROS-20251105-10

Zabbix universal monitoring system vulnerability is related to authorization errors. Exploitation vulnerability can allow a remote attacker to gain unauthorized access to protected information. protected information Vulnerability of Zabbix universal monitoring system is related to a logical error...

6.5CVSS6.6AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2025/11/05 12:0 a.m.•11 views

ROS-20251105-01

A vulnerability in the Apache Log4cxx C++ logging framework is related to the fact that when using the HTMLLayout, logger names are not properly escaped when written to an HTML file. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data A vulnerability...

7.8CVSS7.2AI score0.0788EPSS
Exploits3
Redos
Redos
•added 2025/11/05 12:0 a.m.•6 views

ROS-20251105-02

A vulnerability in the LibTIFF library is related to a bounds checking bug in the setrow function in tools/thumbnail.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A vulnerability in the LibTIFF library is related to a bounds checking b...

8.8CVSS7.8AI score0.00739EPSS
Exploits6
Redos
Redos
•added 2025/10/31 12:0 a.m.•4 views

ROS-20251031-01

Vulnerability of MongoDB database management system is related to incorrect processing of certain accumulator functions when additional parameters are specified in the $group operation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.00289EPSS
Exploits0
Redos
Redos
•added 2025/10/31 12:0 a.m.•10 views

ROS-20251031-03

A vulnerability in the Apache ActiveMQ software platform is related to the recovery of invalid data in memory data. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by creating an OpenWire class. arbitrary code by creating a class over the OpenWire protoco...

10CVSS7.9AI score0.99654EPSS
Exploits31
Redos
Redos
•added 2025/10/31 12:0 a.m.•5 views

ROS-20251031-02

A vulnerability in the nvJPEG library of the NVIDIA CUDA Toolkit, a software tool for parallel computing on graphics processors, is related to buffer overruns. The NVIDIA CUDA Toolkit GPU parallel computing software nvJPEG library vulnerability is related to writing outside buffer boundaries...

7.1CVSS6.8AI score0.00127EPSS
Exploits0
Redos
Redos
•added 2025/10/31 12:0 a.m.•6 views

ROS-20251031-04

Vulnerability of cuobjdump file of parallel computing software tool for GPUs NVIDIA CUDA Toolkit is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the cuobjdump file of the NVIDIA CUDA Toolkit GPU parallel...

7.8CVSS7.9AI score0.00306EPSS
Exploits1
Redos
Redos
•added 2025/10/31 12:0 a.m.•3 views

ROS-20251031-05

A vulnerability in the nvdisasm command line utility of the NVIDIA CUDA Toolkit parallel computing software toolkit is related to reading outside the allowed range. NVIDIA CUDA Toolkit GPUs is related to reading outside the allowed range in memory. memory. Exploitation of the vulnerability could...

7.8CVSS7.8AI score0.00207EPSS
Exploits0
Redos
Redos
•added 2025/10/30 12:0 a.m.•8 views

ROS-20251030-10

A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...

8.4CVSS6.8AI score0.00309EPSS
Exploits0
Redos
Redos
•added 2025/10/30 12:0 a.m.•5 views

ROS-20251030-09

A vulnerability in the qDecodeDataUrl function of the QtCore module of the Qt cross-platform development framework Qt software development framework is related to insufficient input data validation when processing the parameter charset. Exploitation of the vulnerability could allow an attacker...

8.4CVSS6.8AI score0.00309EPSS
Exploits0
Redos
Redos
•added 2025/10/30 12:0 a.m.•5 views

ROS-20251030-01

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

5.5CVSS7AI score0.00235EPSS
Exploits0
Redos
Redos
•added 2025/10/30 12:0 a.m.•5 views

ROS-20251030-03

A vulnerability in the MongoDB database management system is related to misconfiguration of the lsid field. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.7AI score0.00254EPSS
Exploits0
Redos
Redos
•added 2025/10/30 12:0 a.m.•5 views

ROS-20251030-02

A vulnerability in the NVIDIA Virtual GPU Manager component of the NVIDIA Virtual GPU driver Virtual GPU is associated with incorrectly assigning permissions to a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the NVIDIA...

5.5CVSS7AI score0.00235EPSS
Exploits0
Total number of security vulnerabilities8162