Lucene search
K

8181 matches found

Redos
Redos
•added 2025/09/25 12:0 a.m.•7 views

ROS-20250925-03

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS6.4AI score0.01184EPSS
Exploits14
Redos
Redos
•added 2025/09/25 12:0 a.m.•9 views

ROS-20250925-04

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS6.5AI score0.01184EPSS
Exploits14
Redos
Redos
•added 2025/09/25 12:0 a.m.•6 views

ROS-20250925-01

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS7AI score0.01184EPSS
Exploits14
Redos
Redos
•added 2025/09/25 12:0 a.m.•7 views

ROS-20250925-02

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...

9.4CVSS7AI score0.01184EPSS
Exploits14
Redos
Redos
•added 2025/09/25 12:0 a.m.•8 views

ROS-20250925-05

A vulnerability in the NVIDIA GPU Display Driver is related to incorrect authorization authorization. Exploitation of the vulnerability could allow an attacker to gain elevated privileges on the system A vulnerability in the NVIDIA GPU Display Driver software driver is related to an operation tha...

8.2CVSS8.2AI score0.00338EPSS
Exploits0
Redos
Redos
•added 2025/09/25 12:0 a.m.•5 views

ROS-20250925-07

A vulnerability in the NVIDIA GPU Driver virtual graphics processor driver is related to the use of memory after release. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the NVIDIA Virtual GPU Driver is related to incomplete...

8.2CVSS8.2AI score0.00338EPSS
Exploits0
Redos
Redos
•added 2025/09/24 12:0 a.m.•6 views

ROS-20250924-03

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to the following. insufficient validation of input data. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, add, or delete data or cause a denial of...

8.1CVSS6.9AI score0.00541EPSS
Exploits1
Redos
Redos
•added 2025/09/24 12:0 a.m.•3 views

ROS-20250924-04

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to the following. insufficient validation of input data. Exploitation of the vulnerability could allow an attacker to gain access to read, modify, add, or delete data or cause a denial of...

8.1CVSS6.9AI score0.00541EPSS
Exploits1
Redos
Redos
•added 2025/09/24 12:0 a.m.•6 views

ROS-20250924-07

A vulnerability in the GIMP graphics editor is related to an integer overflow when analyzing ICO files. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...

8.8CVSS8.1AI score0.10561EPSS
Exploits0
Redos
Redos
•added 2025/09/24 12:0 a.m.•3 views

ROS-20250924-05

The Kea open source DHCP server vulnerability is related to input validation errors in the file path processing. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system Kea open source DHCP server vulnerability is related to incorrect default permissions for...

6.1CVSS6.8AI score0.0021EPSS
Exploits0
Redos
Redos
•added 2025/09/24 12:0 a.m.•8 views

ROS-20250924-06

A vulnerability in the Django web application software platform is related to insufficient cleanup of the user data in FilteredRelation column aliases. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in the database A vulnerability in the...

8.1CVSS8.1AI score0.15602EPSS
Exploits4
Redos
Redos
•added 2025/09/24 12:0 a.m.•3 views

ROS-20250924-02

A vulnerability in Performance Co-Pilot's performance monitoring and visualization software PCP is related to a symbolic link issue in the pmpost tool, which under certain under certain circumstances. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...

5.5CVSS7AI score0.00288EPSS
Exploits0
Redos
Redos
•added 2025/09/24 12:0 a.m.•5 views

ROS-20250924-01

The vulnerability of the pip module of the Python programming language is related to the failure to clean data at the control layer. Exploitation of the vulnerability could allow an attacker to change the repository configuration...

5.5CVSS6.9AI score0.00476EPSS
Exploits0
Redos
Redos
•added 2025/09/24 12:0 a.m.•5 views

ROS-20250924-08

A vulnerability in the LZW decoder of the GdkPixbufc image loading library is related to information disclosure. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information. information GdkPixbufs image loading library vulnerability is related to...

7.5CVSS7.8AI score0.01051EPSS
Exploits0
Redos
Redos
•added 2025/09/24 12:0 a.m.•7 views

ROS-20250924-09

The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...

8.8CVSS8.1AI score0.0144EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•5 views

ROS-20250923-06

A vulnerability in the Apache Cassandra distributed database management system is related to improper privilege handling. Exploitation of the vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information. impact the...

8.8CVSS6.4AI score0.00469EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•4 views

ROS-20250923-02

Vulnerability in the setuid module of the Node.js software platform is related to context switching bugs privileges. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.3CVSS7.2AI score0.00893EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•4 views

ROS-20250923-01

The vulnerability in the Python programming language interpreter CPython is due to the fact that Cpython does not prohibits setting an empty list "" for SSLContext.setnpnprotocols, which is an invalid value for the OpenSSL base API when using NPN. Exploitation of the vulnerability could allow an...

6.5CVSS6.5AI score0.00744EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•6 views

ROS-20250923-13

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•2 views

ROS-20250923-21

A vulnerability in the Golang programming language is related to insufficient validation of the PATH environment variable in the LookPath. Exploitation of the vulnerability could allow a remote attacker to escalate privileges on the system...

6.5CVSS6.5AI score0.00489EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•5 views

ROS-20250923-23

Vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow a...

7.5CVSS8AI score0.01188EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•3 views

ROS-20250923-18

Vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow a...

7.5CVSS7.7AI score0.01188EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•4 views

ROS-20250923-16

Vulnerability in Zabbix universal monitoring system is related to incorrect authorization check in the hostprototype.get method in Zabbix API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. remotely to gain access to...

3.5CVSS6.5AI score0.00169EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•4 views

ROS-20250923-04

A vulnerability in the Python programming language interpreter CPython is related to insufficient validation of user data in Lib/email/headervalueparser.py. user data in Lib/email/headervalueparser.py. Exploitation of the vulnerability could allow an attacker acting remotely to execute a spoofing...

2.3CVSS5.6AI score0.00575EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•6 views

ROS-20250923-05

A vulnerability in the sqlite3dbconfig function of the sqlite3.c file of the SQLite database management system is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service via the sznBig parameter...

5.6CVSS5.8AI score0.00179EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•4 views

ROS-20250923-03

A vulnerability in the Python programming language interpreter CPython is related to insufficient validation of user data in Lib/email/headervalueparser.py. user data in Lib/email/headervalueparser.py. Exploitation of the vulnerability could allow an attacker acting remotely to execute a spoofing...

2.3CVSS5.6AI score0.00575EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•5 views

ROS-20250923-11

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•3 views

ROS-20250923-10

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•2 views

ROS-20250923-09

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•3 views

ROS-20250923-17

Vulnerability in Zabbix universal monitoring system is related to incorrect authorization check in the hostprototype.get method in Zabbix API. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information. remotely to gain access to...

3.5CVSS6.5AI score0.00169EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•5 views

ROS-20250923-14

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•2 views

ROS-20250923-15

Vulnerability of LDAP protocol implementation of Samba networking software package is related to flaws in access control list ACL based access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...

7.5CVSS6.9AI score0.00484EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•6 views

ROS-20250923-12

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•2 views

ROS-20250923-08

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•3 views

ROS-20250923-19

A vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible Name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow ...

7.5CVSS7.7AI score0.01188EPSS
Exploits0
Redos
Redos
•added 2025/09/23 12:0 a.m.•2 views

ROS-20250923-42

Vulnerability of the cURL command line utility's implementation of HTTP "chaining" compression mechanisms is related to the following the possibility to perform an infinite number of steps of HTTP server responses decompression, which will lead to uncontrolled memory consumption. uncontrolled...

6.5CVSS7.1AI score0.01703EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•3 views

ROS-20250923-22

A vulnerability in the curl program is related to a state issue with parallel processing of multiple transactions, resulting in ignoring HSTS support. Exploitation of the vulnerability could allow an attacker acting remotely to execute a MitM attack Vulnerability in the implementation of HTTP...

6.5CVSS6.6AI score0.01703EPSS
Exploits1
Redos
Redos
•added 2025/09/23 12:0 a.m.•4 views

ROS-20250923-07

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-04

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the null pointer dereferencing. null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information. remotely to...

8.8CVSS6.8AI score0.00375EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-05

The MinIO object storage server vulnerability is related to a client key trust error if the public key matches the sshPublicKey attribute. Exploitation of the vulnerability could allow an attacker acting remotely to bypass authentication and gain unauthorized access to the server. remotely to...

8.7CVSS7.1AI score0.02421EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-03

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the null pointer dereferencing. null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information. remotely to...

8.8CVSS6.8AI score0.00375EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•1 views

ROS-20250922-02

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to incorrect code generation control. code generation control. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability in Mozilla Firefox, Firefox ESR...

8.8CVSS7.3AI score0.00326EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-01

Vulnerability in Mozilla Firefox and Firefox ESR browsers, Thunderbird mail client is related to an operation exceeding the buffer boundaries when processing XPath expressions. operation exceeds buffer boundaries in memory when processing XPath expressions. Exploitation of the vulnerability could...

8.1CVSS8AI score0.00419EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•3 views

ROS-20250922-10

A vulnerability in the getpeername function of the WSGI server for python Waitress is related to the non-release of a resource after a valid exploitation period has expired. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.8AI score0.01386EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•3 views

ROS-20250922-07

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an operation exceeding the memory buffer boundaries as a result of an integer overflow. operation out of buffer boundaries in memory as a result of integer overflow. Exploitation of the vulnerability coul...

5.9CVSS7.1AI score0.00663EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-06

A vulnerability in the RabbitMQ messaging and streaming broker is related to insufficient cleansing of user-supplied data in an error message in the management interface. Exploitation of the vulnerability could allow an attacker acting remotely to perform cross-site scripting...

6.1CVSS6.9AI score0.00203EPSS
Exploits0
Redos
Redos
•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-08

Twisted Web HTTP 1.1 server vulnerability in the twisted.web.http module of the Twisted networking framework is related to the HTTP request processing flaws. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data. remotely to gain access to...

8.3CVSS6.8AI score0.03608EPSS
Exploits1
Redos
Redos
•added 2025/09/22 12:0 a.m.•3 views

ROS-20250922-09

The Unbound DNS server vulnerability is related to the fact that the application does not properly control the consumption of internal resources when processing responses with very large resource sets RRsets. internal resources when processing responses with very large resource sets RRsets...

5.3CVSS6.8AI score0.00806EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•3 views

ROS-20250912-12

A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the lack of blocking access to the local file specified in the link URL. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to confidential data...

5.3CVSS6.7AI score0.00398EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•3 views

ROS-20250912-11

Jupyter Core vulnerability in Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code. remotely, disclo...

8.8CVSS8.3AI score0.01056EPSS
Exploits0
Total number of security vulnerabilities8181