Lucene search
K

8181 matches found

Redos
Redos
•added 2025/10/22 12:0 a.m.•5 views

ROS-20251022-02

Jenkins Automation Server vulnerability is related to a log message injection issue. Exploitation The vulnerability could allow an attacker acting remotely to compromise the target system A vulnerability in the Jenkins Automation Server is related to a vulnerable plugin not checking permissions f...

5.3CVSS7.5AI score0.00448EPSS
Exploits0
Redos
Redos
•added 2025/10/22 12:0 a.m.•7 views

ROS-20251022-03

ProFTPD FTP server vulnerability is related to a null pointer dereferencing error in the function tlsverifycrl in ProFTPD when processing data returned by OpenSSL function skX509REVOKEDvalue when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...

9CVSS6.7AI score0.10985EPSS
Exploits1
Redos
Redos
•added 2025/10/21 12:0 a.m.•9 views

ROS-20251021-01

The vulnerability of the parisc component of the Linux kernel is related to incorrect error handling in the fixupexception function in arch/parisc/mm/fault.c, as well as in emulateldh, emulateldw, emulateldd, emulatesth, emulatestw, and emulatestd in arch/parisc/kernel/unaligned.c. Exploitation o...

7.8CVSS8.3AI score0.00276EPSS
Exploits0
Redos
Redos
•added 2025/10/21 12:0 a.m.•5 views

ROS-20251021-02

A vulnerability in the btrfs component of the Linux operating system kernel is related to an incorrect lock in the function clearextentuptodate in fs/btrfs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the KVM component of the...

6.7CVSS6.8AI score0.00407EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•3 views

ROS-20251020-02

Jupyter Core vulnerability in Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code. remotely, disclo...

8.8CVSS7.6AI score0.01056EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•4 views

ROS-20251020-04

Jupyter Core vulnerability in Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code. remotely, disclo...

8.8CVSS7.6AI score0.01056EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•4 views

ROS-20251020-10

A vulnerability in the ksmbd component of the Linux operating system kernel is related to reading outside the allowed boundaries of the of the data buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of smb2getdataarealen function in module...

8.1CVSS6.5AI score0.00814EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•4 views

ROS-20251020-09

Vulnerability of the tcptwskpurge function in the net/ipv4/tcpminisocks.c module of the IPv4 protocol implementation of the kernel of the of the Linux operating system is related to the reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to...

7.8CVSS6.6AI score0.00276EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•7 views

ROS-20251020-08

A vulnerability in the JavaScript JSS web application styling tool is related to a memory leak in a non-standard configuration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.9CVSS6.7AI score0.00695EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•3 views

ROS-20251020-03

Jupyter Core vulnerability in Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code. remotely, disclo...

8.8CVSS7.6AI score0.01056EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•3 views

ROS-20251020-06

MongoDB database management system upsert operation vulnerability is related to operations on a resource after its expiration date. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS6.8AI score0.00305EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•5 views

ROS-20251020-07

The vulnerability of the DNS server responsible for resolving coredns names is related to an error in the TTL function in the plugin/etcd/etcd.go, which converts the 64-bit etcd lease identifier into uint32 type and uses it as TTL. it as TTL, which causes the cache to be fixed for very long perio...

7.1CVSS7.3AI score0.00407EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•7 views

ROS-20251020-05

Vulnerability in the audit subroutine of the enterprise information archiving platforms Vault Enterprise and Vault Community Edition is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending...

7.5CVSS6.6AI score0.00697EPSS
Exploits0
Redos
Redos
•added 2025/10/20 12:0 a.m.•5 views

ROS-20251020-01

Vulnerability in open source external resource management software Terraform is associated with an incorrect restriction on the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to download arbitrary files...

7.8CVSS6.9AI score0.00255EPSS
Exploits0
Redos
Redos
•added 2025/10/17 12:0 a.m.•7 views

ROS-20251017-02

A vulnerability in the LoongArch component of the Linux operating system kernel is related to incorrect locking in the arch/loongarch/include/asm/io.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service Vulnerability of...

7.8CVSS6.7AI score0.00296EPSS
Exploits0
Redos
Redos
•added 2025/10/17 12:0 a.m.•3 views

ROS-20251017-01

Vulnerability of mienumattr function of fs/ntfs3 component of Linux kernel is related to buffer copying without input data verification. Exploitation of the vulnerability allows an intruder to gain access to confidential data, violate its integrity, and cause a denial of service. Vulnerability of...

8.4CVSS6.5AI score0.00295EPSS
Exploits0
Redos
Redos
•added 2025/10/16 12:0 a.m.•9 views

ROS-20251016-04

Vulnerability of X509VERIFYPARAMadd0policy function of OpenSSL library is related to errors in the procedure of of certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack. remotely to perform a...

9.8CVSS9.4AI score0.87816EPSS
Exploits4
Redos
Redos
•added 2025/10/16 12:0 a.m.•5 views

ROS-20251016-01

Vulnerability of the library for working with DICOM format DCMTK is related to manipulation of function dcmimage/include/dcmtk/dcmimage/diybrpxt.h component dcm2img. Exploitation of the vulnerability allows an attacker to cause a denial of service...

7.8CVSS6.7AI score0.00158EPSS
Exploits0
Redos
Redos
•added 2025/10/16 12:0 a.m.•7 views

ROS-20251016-03

A vulnerability in the FirmwarePerformancePei.c component of the UEFI EDK2 open source development environment is related to the lack of division by zero check. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6CVSS6.7AI score0.00217EPSS
Exploits0
Redos
Redos
•added 2025/10/16 12:0 a.m.•5 views

ROS-20251016-02

Vulnerability of the library for working with DICOM format DCMTK is related to manipulation of function dcmimage/include/dcmtk/dcmimage/diybrpxt.h component dcm2img. Exploitation of the vulnerability allows an attacker to cause a denial of service...

7.8CVSS6.7AI score0.00158EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•3 views

ROS-20251014-03

Golang programming language vulnerability is related to improper input validation. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.5CVSS7.9AI score0.0045EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•7 views

ROS-20251014-02

A vulnerability in the pamsmauthenticate function of the Yubico pam-u2f PAM module is related to the return of an invalid status code state. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.3CVSS7.1AI score0.00397EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•7 views

ROS-20251014-01

The vulnerability of the Rack module interface of the Ruby programming language interpreter is related to the fact that application does not properly control consumption of internal resources in the function "Rack::QueryParser" function. Exploitation of the vulnerability could allow an attacker...

7.5CVSS6.8AI score0.00535EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•4 views

ROS-20251014-08

A vulnerability in the Podman OCI container management and launching software tool is related to an insecure link following a problem in the Podman Kube Play command. Exploitation of the vulnerability could allow An attacker to cause a denial of service...

8.1CVSS6.7AI score0.01008EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•5 views

ROS-20251014-09

A vulnerability in the SVG component of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an integer overflow. with integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

8.8CVSS7.8AI score0.00687EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•4 views

ROS-20251014-10

The vulnerability in the Jenkins Automation Server is due to a vulnerable plugin not performing validation of of permissions in the sidebar. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to features that would otherwise be restricted...

5.3CVSS6.8AI score0.04735EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•5 views

ROS-20251014-06

A vulnerability in the jq JSON processor is related to manipulation of the runjqtests function of the jqtest.c component file JSON Parser Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00194EPSS
Exploits1
Redos
Redos
•added 2025/10/14 12:0 a.m.•5 views

ROS-20251014-07

Vulnerability in Perl JSON::XS data structure transformation module is related to integer overflow when parsing JSON data. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code on the target system...

7.5CVSS7.4AI score0.00603EPSS
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•8 views

ROS-20251014-05

A vulnerability in the interface of the Grafana monitoring and surveillance platform is related to the failure to take measures to protect the web page structure when processing the /swagger endpoint. web page structure when processing the /swagger endpoint. Exploitation of the vulnerability coul...

6AI score
Exploits0
Redos
Redos
•added 2025/10/14 12:0 a.m.•6 views

ROS-20251014-04

A vulnerability in the libvips horizontal topology image processing library is related to the creation of a three-channel HEIF image without an alpha channel and then writing its data into 4 channels. 3-channel HEIF image without alpha channel and then writing its data to 4 channels. Exploitation...

8.5CVSS6.8AI score0.00246EPSS
Exploits1
Redos
Redos
•added 2025/10/14 12:0 a.m.•4 views

ROS-20251014-11

Go programming language vulnerability is related to improper input validation. Exploitation The vulnerability could allow a remote attacker to bypass existing security restrictions. security...

5.4CVSS7AI score0.00308EPSS
Exploits0
Redos
Redos
•added 2025/10/13 12:0 a.m.•4 views

ROS-20251013-02

Vulnerability of the fpsimdreleasetask function in the arch/arm64/kernel/fpsimd.c module of the Linux kernel is related to a memory leak. Linux kernel is related to a memory leak. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of...

5.5CVSS7.1AI score0.00244EPSS
Exploits0
Redos
Redos
•added 2025/10/13 12:0 a.m.•4 views

ROS-20251013-01

A vulnerability in the LoongArch component of the Linux operating system kernel is related to the inability to process a kernel swap request. kernel swap requests. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the sii902xinit function in t...

8.8CVSS6.8AI score0.00602EPSS
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•4 views

ROS-20251008-09

The Open Asset Import Library Assimp 3D model import library vulnerability is related to the manipulation of the mWidth/mHeight the mWidth/mHeight argument. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service The Open Asset Import Library Assimp 3D...

8.8CVSS6.8AI score0.00581EPSS
Exploits3
Redos
Redos
•added 2025/10/08 12:0 a.m.•5 views

ROS-20251008-07

Vulnerabilities The Go programming language vulnerability is related to synchronization errors when using a of a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7CVSS6.8AI score0.00331EPSS
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•5 views

ROS-20251008-08

The vulnerability of the libexpat XML file parsing library is related to the fact that the application does not control the internal resource consumption properly. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS6.8AI score0.01279EPSS
Exploits1
Redos
Redos
•added 2025/10/08 12:0 a.m.•6 views

ROS-20251008-10

A vulnerability in the fdindex function of the Udisks storage device query and management program is related to a reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to escalate their privileges and cause a denial of service...

8.5CVSS7AI score0.0065EPSS
Exploits1
Redos
Redos
•added 2025/10/08 12:0 a.m.•4 views

ROS-20251008-02

Thunderbird email client vulnerability is related to insufficient protection of service data. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to download arbitrary files...

7AI score
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•3 views

ROS-20251008-01

The Thunderbird email client vulnerability, Thunderbird ESR is related to insufficient authentication of the data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the data integrity Vulnerability of Address Book URI fields of Thunderbird, Thunderbird ESR mail...

6.5CVSS7.6AI score0.01331EPSS
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•5 views

ROS-20251008-03

A vulnerability in the Loader component of Google Chrome browsers is related to bypassing the authentication procedure by using an alternate path or channel. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

5.4CVSS7AI score0.00157EPSS
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•3 views

ROS-20251008-05

A vulnerability in the Kubernetes virtual machine cluster management software tool is related to insufficient validation of user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

3CVSS6.7AI score0.00778EPSS
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•3 views

ROS-20251008-06

The Eclipse Jetty servlet container vulnerability is related to the fact that the application does not properly control internal resource consumption when processing HTTP/2 requests. consumption of internal resources when processing HTTP/2 requests. Exploitation of the vulnerability could allow a...

7.7CVSS6.8AI score0.01567EPSS
Exploits0
Redos
Redos
•added 2025/10/08 12:0 a.m.•2 views

ROS-20251008-04

The dumpisomsaps function file applications/mp4box/filedump.c, line 1743 does not check the pointers to NULL before accessing track structure fields, which allows an attacker to generate an MP4 file with a corrupted track there is no mandatory Sample Description Box - stsd. MP4 file with corrupte...

7.4AI score
Exploits0
Redos
Redos
•added 2025/10/07 12:0 a.m.•2 views

ROS-20251007-02

Vulnerability of the software tool for MediaWiki hypertext environment implementation is related to insufficient filtering of system messages. filtering of system messages. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary JavaScript code. remotely to...

6.9CVSS7.6AI score0.00454EPSS
Exploits0
Redos
Redos
•added 2025/10/07 12:0 a.m.•5 views

ROS-20251007-01

A vulnerability in the command-line utility for extracting text content from Microsoft Word files catdoc is related to an integer overflow in the OLE Document DIFAT parser function. Exploitation vulnerability could allow an attacker to execute arbitrary code on the target system Vulnerability in ...

8.4CVSS7.9AI score0.00273EPSS
Exploits3
Redos
Redos
•added 2025/10/07 12:0 a.m.•3 views

ROS-20251007-04

A vulnerability in GLPI's computer hardware request, incident, and inventory system is related to a key-based authorization bypass. key authorization. Exploitation of the vulnerability could allow a remote intruder, compromise the system Vulnerability in the GLPI computer equipment request,...

6.5CVSS4.9AI score0.00256EPSS
Exploits0
Redos
Redos
•added 2025/10/07 12:0 a.m.•6 views

ROS-20251007-03

The vulnerability of the high-performance open source DNS server PowerDNS Recursor is related to a a bug in the ECS implementation. Exploitation of the vulnerability could allow an attacker acting remotely, perform cache poisoning attacks...

7.5CVSS6.5AI score0.00229EPSS
Exploits0
Redos
Redos
•added 2025/10/07 12:0 a.m.•6 views

ROS-20251007-05

A vulnerability in the vim text editor is related to manipulation of the main function of the src/xxd/xxd.c file component xxd. Exploitation of the vulnerability could allow an attacker to cause a denial of service The vim text editor vulnerability is related to manipulation of the...

8.8CVSS5.8AI score0.0033EPSS
Exploits2
Redos
Redos
•added 2025/10/06 12:0 a.m.•4 views

ROS-20251006-10

A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...

7.5CVSS6.8AI score0.00763EPSS
Exploits1
Redos
Redos
•added 2025/10/06 12:0 a.m.•3 views

ROS-20251006-09

A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...

7.5CVSS6.8AI score0.00763EPSS
Exploits1
Total number of security vulnerabilities8181