Lucene search
K

8181 matches found

Redos
Redos
•added 2025/10/06 12:0 a.m.•7 views

ROS-20251006-11

A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...

7.5CVSS6.8AI score0.00763EPSS
Exploits1
Redos
Redos
•added 2025/10/06 12:0 a.m.•3 views

ROS-20251006-12

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

8.7CVSS6.8AI score0.00634EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•6 views

ROS-20251006-17

The vulnerability of the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

7.5CVSS6.9AI score0.02342EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•6 views

ROS-20251006-16

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

8.7CVSS6.8AI score0.00634EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•5 views

ROS-20251006-02

A vulnerability in the curl program is related to boundary conditions when reading the cookie path. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...

7.5CVSS6.9AI score0.01301EPSS
Exploits1
Redos
Redos
•added 2025/10/06 12:0 a.m.•6 views

ROS-20251006-01

A vulnerability in the certtool utility of the GnuTLS transport layer security library is related to an operation exceeding the buffer boundaries. operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.2CVSS7AI score0.01185EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•5 views

ROS-20251006-06

A vulnerability in the AbuseFilter extension for MediaWiki is related to the fact that an API caller can map a filter condition with AbuseFilter logs. Exploiting the vulnerability could allow an attacker, acting remotely, to gain access to sensitive information...

5.3CVSS6.8AI score0.00441EPSS
Exploits1
Redos
Redos
•added 2025/10/06 12:0 a.m.•6 views

ROS-20251006-07

The vulnerability of the pamaccess component of the access.conf file of the Linux-PAM authentication module is related to the flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and gain access t...

7.8CVSS7.2AI score0.00798EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•2 views

ROS-20251006-08

Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to URL redirection to an untrusted site when the redirect parameter is processed. Exploitation of the vulnerability could Allow a remote attacker to impact the confidentiality and integrity of...

6.1CVSS6.7AI score0.00473EPSS
Exploits1
Redos
Redos
•added 2025/10/06 12:0 a.m.•4 views

ROS-20251006-15

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

8.7CVSS6.8AI score0.00634EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•4 views

ROS-20251006-14

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

8.7CVSS6.8AI score0.00634EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•5 views

ROS-20251006-13

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

8.7CVSS6.8AI score0.00634EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•4 views

ROS-20251006-04

A vulnerability in the GPAC multimedia platform is related to manipulation of the isoffinprocess function of the file src/filters/isoffinread.c of the MP4Box component. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.8AI score0.00351EPSS
Exploits1
Redos
Redos
•added 2025/10/06 12:0 a.m.•5 views

ROS-20251006-03

A vulnerability in a set of tools that allow companies to manage software subscriptions Candlepin is related to the ability to create data related to another client/tenant. Exploitation vulnerability could allow an attacker acting remotely to gain access to sensitive information...

8.1CVSS7AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2025/10/06 12:0 a.m.•3 views

ROS-20251006-05

The vulnerability of the Cockpit server management system is related to the fact that the application does not control the internal resource consumption properly. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

3.2CVSS6.8AI score0.00266EPSS
Exploits0
Redos
Redos
•added 2025/10/02 12:0 a.m.•3 views

ROS-20251002-03

A vulnerability in Microsoft's .NET software platform is related to the closing of the HTTP/3 stream while writing code for an application, resulting in a race condition in response. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive informatio...

8.8CVSS7.3AI score0.00719EPSS
Exploits0
Redos
Redos
•added 2025/10/02 12:0 a.m.•3 views

ROS-20251002-01

A vulnerability in the Privoxy proxy server with advanced web content filtering functions is related to insufficient validation of user data in the "processencryptedrequestheaders" function. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...

7.5CVSS6.2AI score0.01393EPSS
Exploits0
Redos
Redos
•added 2025/10/02 12:0 a.m.•4 views

ROS-20251002-02

A vulnerability in the Netty networking software is associated with incorrect validation of HTTP/1.1 requests. Exploitation of the vulnerability could allow an attacker acting remotely to perform spoofing attacks against HTTP requests. HTTP requests A vulnerability in the Netty networking softwar...

7.5CVSS6.7AI score0.00631EPSS
Exploits2
Redos
Redos
•added 2025/10/01 12:0 a.m.•4 views

ROS-20251001-01

VMSVGA virtual graphics adapter vulnerability in Oracle VM virtualization software VirtualBox is related to access control flaws resulting from buffer overruns. VirtualBox is related to access delimitation flaws as a result of an operation exceeding the buffer boundaries in memory. Exploitation o...

8.2CVSS8AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2025/10/01 12:0 a.m.•5 views

ROS-20251001-07

A vulnerability in the Iperf3 network bandwidth measurement tool is related to a fill error on the one. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

10CVSS6.8AI score0.00381EPSS
Exploits0
Redos
Redos
•added 2025/10/01 12:0 a.m.•4 views

ROS-20251001-04

A vulnerability in the gnutlsrnd function of the Samba networking software package is related to the use of insufficiently random values. insufficiently randomized values. Exploitation of the vulnerability could allow an attacker to gain access to confidential data...

5.5CVSS7AI score0.00409EPSS
Exploits1
Redos
Redos
•added 2025/10/01 12:0 a.m.•7 views

ROS-20250930-15

Kea open source DHCP server vulnerability is related to availability checking when processing DHCP packets. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.5CVSS6.8AI score0.00495EPSS
Exploits0
Redos
Redos
•added 2025/10/01 12:0 a.m.•4 views

ROS-20251001-03

A vulnerability in the jQuery library exists due to insufficient cleansing of user-supplied data when passing elements to jQuery DOM methods. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform cross-site scripting attacks...

6.9CVSS7.3AI score0.8383EPSS
Exploits6
Redos
Redos
•added 2025/10/01 12:0 a.m.•6 views

ROS-20251001-06

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service...

9.1CVSS6.7AI score0.00693EPSS
Exploits1
Redos
Redos
•added 2025/10/01 12:0 a.m.•3 views

ROS-20251001-02

VMSVGA virtual graphics adapter vulnerability in Oracle VM virtualization software VirtualBox is related to access control flaws resulting from buffer overruns. VirtualBox is related to access delimitation flaws as a result of an operation exceeding the buffer boundaries in memory. Exploitation o...

8.2CVSS8AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2025/10/01 12:0 a.m.•4 views

ROS-20251001-08

Vulnerability of cJSON parser is related to boundary conditions in decodearrayindexfrompointer function in cJSONUtils.c. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information...

9.8CVSS6.7AI score0.00693EPSS
Exploits1
Redos
Redos
•added 2025/09/30 12:0 a.m.•3 views

ROS-20250930-08

Vulnerability of ImageMagick console graphic editor related to format string error in function "InterpretImageFilename" function. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code on the target system, execute arbitrary code on the target system Vulnerabili...

8.8CVSS7.8AI score0.04065EPSS
Exploits2
Redos
Redos
•added 2025/09/30 12:0 a.m.•6 views

ROS-20250930-03

The polkit service vulnerability is related to a boundary validation error when processing XML policies with a nesting depth of 32 or more elements. of 32 or more elements. Exploitation of the vulnerability could allow an attacker to compromise a compromised vulnerable system...

6.7CVSS6.9AI score0.00184EPSS
Exploits0
Redos
Redos
•added 2025/09/30 12:0 a.m.•3 views

ROS-20250930-02

A code vulnerability in the Audio Profile AVRCP component of the Bluetooth protocol stack for Linux BlueZ is related to a buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...

8CVSS7.3AI score0.01563EPSS
Exploits0
Redos
Redos
•added 2025/09/30 12:0 a.m.•4 views

ROS-20250930-01

A vulnerability in the library used to read EPUB files libgepub is related to incorrect processing of file size calculations when opening specially crafted EPUB files. file size calculations when opening specially crafted EPUB files. Exploitation of the vulnerability could Allow an attacker to...

5.5CVSS6.8AI score0.00191EPSS
Exploits1
Redos
Redos
•added 2025/09/30 12:0 a.m.•4 views

ROS-20250930-04

The Open Asset Import Library Assimp 3D model import library implementation vulnerability is related to manipulation of the skinwidth/skinheight argument. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in Open Asset Import Library Assimp 3D...

8.8CVSS6.9AI score0.00684EPSS
Exploits3
Redos
Redos
•added 2025/09/30 12:0 a.m.•3 views

ROS-20250930-06

Tianocore EDK2 library vulnerability is related to insecure IDT register handling during SMM login. Exploitation of the vulnerability allows an attacker to escalate privileges in the system...

7CVSS7.2AI score0.0014EPSS
Exploits0
Redos
Redos
•added 2025/09/30 12:0 a.m.•5 views

ROS-20250930-05

The Unbound DNS server vulnerability is related to a logical error in the EDNS client subnet ECS implementation. Exploitation of the vulnerability allows a remote attacker to perform cache poisoning attacks...

8.7CVSS7AI score0.00188EPSS
Exploits0
Redos
Redos
•added 2025/09/30 12:0 a.m.•3 views

ROS-20250930-07

Vulnerability of ImageMagick console graphic editor related to format string error in function "InterpretImageFilename" function. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code on the target system, execute arbitrary code on the target system Vulnerabili...

8.8CVSS7.8AI score0.04065EPSS
Exploits2
Redos
Redos
•added 2025/09/29 12:0 a.m.•12 views

ROS-20250929-15

Vulnerability of modssl function of Apache HTTP Server web server is related to flaws in the procedure of authentication procedure when processing the SSLEngine optional parameter. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using the TLS...

7.5CVSS6.7AI score0.04409EPSS
Exploits1
Redos
Redos
•added 2025/09/29 12:0 a.m.•2 views

ROS-20250929-14

Vulnerability of the unixstreamreadgeneric function of the net/unix/afunix.c module of the Linux operating system kernel is related to memory usage after memory freeing. Exploitation of the vulnerability could allow an attacker to escalate privileges, bypass existing security mechanisms, and...

7.8CVSS8.4AI score0.00247EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•6 views

ROS-20250929-13

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to with an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability in JavaScript Engine...

9.8CVSS7.3AI score0.0053EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•4 views

ROS-20250929-01

Vulnerability of the library for working with DICOM DCMTK format is related to the operation exceeding the buffer boundaries. memory buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service using a specially crafted DICOM file A vulnerability in the library f...

8.4CVSS6.9AI score0.0061EPSS
Exploits2
Redos
Redos
•added 2025/09/29 12:0 a.m.•5 views

ROS-20250929-04

Vulnerability of MultipartStream class of the Commons FileUpload library exists due to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service consumption of computational resources using a long string...

7.8CVSS6.7AI score0.35927EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•4 views

ROS-20250929-02

Vulnerability of SRBRoot::addTag function of the library for working with Unicode ICU is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and cause a crash. an attacker to execute arbitrary...

7CVSS7.9AI score0.00296EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•5 views

ROS-20250929-05

A vulnerability in the Libarchive library is related to a data bounds checking error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Windows operating system Libarchive library vulnerability is related to integer overflow. Exploitation of the vulnerability cou...

7.8CVSS7.9AI score0.00341EPSS
Exploits2
Redos
Redos
•added 2025/09/29 12:0 a.m.•3 views

ROS-20250929-03

A vulnerability in a perl module that provides a convenient way to describe rules for searching files and directories File-Find-Rule is related to incorrect input validation when grep is detected. directories File-Find-Rule is related to incorrect input validation when grep detects a specially...

8.8CVSS7AI score0.00736EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•5 views

ROS-20250929-09

AMD processor firmware vulnerability is related to insufficient protection of service data. data. Exploitation of the vulnerability could allow an intruder to disclose protected information AMD processor firmware vulnerability is related to insufficient protection of service data. data...

5.6CVSS8.3AI score0.00425EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•3 views

ROS-20250929-11

Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...

5.7CVSS8.8AI score0.00371EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•8 views

ROS-20250929-08

Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information A vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is...

9.8CVSS8.2AI score0.00554EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•3 views

ROS-20250929-06

A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service via the malloc parameter...

7.5CVSS7.3AI score0.00453EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•3 views

ROS-20250929-07

A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service via the malloc parameter...

7.5CVSS7.3AI score0.00453EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•7 views

ROS-20250929-10

Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...

5.7CVSS8.8AI score0.00371EPSS
Exploits0
Redos
Redos
•added 2025/09/29 12:0 a.m.•2 views

ROS-20250929-12

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to with an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability in JavaScript Engine...

9.8CVSS7.3AI score0.0053EPSS
Exploits0
Redos
Redos
•added 2025/09/25 12:0 a.m.•6 views

ROS-20250925-01

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS7AI score0.01184EPSS
Exploits14
Total number of security vulnerabilities8181