Lucene search
K

8181 matches found

Redos
Redos
•added 2025/09/12 12:0 a.m.•3 views

ROS-20250912-13

A vulnerability in OpenBao's secret management and encryption system is related to an unexpected normalization in the in the TOTP base library. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data A vulnerability in the OpenBao secret management and encryptio...

9.1CVSS7.2AI score0.00346EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•2 views

ROS-20250912-14

Apache Tomcat application server vulnerability is related to access differentiation flaws. Exploitation vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's user account...

6.5CVSS6.7AI score0.00775EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•5 views

ROS-20250912-16

Apache Tomcat application server vulnerability is related to access differentiation flaws. Exploitation vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's user account...

6.5CVSS6.7AI score0.00775EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•3 views

ROS-20250912-15

Apache Tomcat application server vulnerability is related to access differentiation flaws. Exploitation vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's user account...

6.5CVSS6.7AI score0.00775EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•2 views

ROS-20250912-17

Vulnerability in the HTTP2 handler of Apache Tomcat application server is related to incorrect release of a resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.7AI score0.03389EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•2 views

ROS-20250912-19

Vulnerability in the HTTP2 handler of Apache Tomcat application server is related to incorrect release of a resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.7AI score0.03389EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•1 views

ROS-20250912-10

Jupyter Core vulnerability in Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code. remotely, disclo...

8.8CVSS8.3AI score0.01056EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•6 views

ROS-20250912-08

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•2 views

ROS-20250912-07

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•6 views

ROS-20250912-09

Vulnerability in the implementation of the CORS mechanism of the Python PyPi language software product repository is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information. remotely to disclose protected...

7.5CVSS5.3AI score0.00677EPSS
Exploits5
Redos
Redos
•added 2025/09/12 12:0 a.m.•5 views

ROS-20250912-06

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•3 views

ROS-20250912-03

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•5 views

ROS-20250912-02

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•2 views

ROS-20250912-18

Vulnerability in the HTTP2 handler of Apache Tomcat application server is related to incorrect release of a resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.7AI score0.03389EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•6 views

ROS-20250912-05

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•7 views

ROS-20250912-04

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/12 12:0 a.m.•5 views

ROS-20250912-01

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•7 views

ROS-20250911-06

Vulnerability in the pathInfo URI component of Apache Tomcat application server is related to incorrect register handling. register handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security restrictions...

7.3CVSS7.9AI score0.02608EPSS
Exploits1
Redos
Redos
•added 2025/09/11 12:0 a.m.•7 views

ROS-20250911-07

A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to affect the integrity, availability, and confidentiality of protected information. confidentiality of...

8.1CVSS6.4AI score0.00441EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•5 views

ROS-20250911-03

A vulnerability in the GIMP graphical editor is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A vulnerability in the GIMP graphical editor is related to an operation exceeding buffer boundaries in memory when...

7.8CVSS8.2AI score0.0715EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•4 views

ROS-20250911-11

A vulnerability in Cloud-init cloud server configuration tool is related to incorrect assignment of permissions for a critical resource. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands A vulnerability in the Cloud-Init cloud virtual machine provisioning too...

8.8CVSS6.5AI score0.00203EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•2 views

ROS-20250911-10

A vulnerability in the lib/utils/ghash/ghash.cpp component of the Botan cryptographic library is related to the disclosure of information through an inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

5.9CVSS6.5AI score0.00546EPSS
Exploits1
Redos
Redos
•added 2025/09/11 12:0 a.m.•6 views

ROS-20250911-05

Vulnerability in the pathInfo URI component of Apache Tomcat application server is related to incorrect register handling. register handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security restrictions...

7.3CVSS7.9AI score0.02608EPSS
Exploits1
Redos
Redos
•added 2025/09/11 12:0 a.m.•5 views

ROS-20250911-12

Vulnerabilities in GLPI's asset management and data center management software are related to improper privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...

7.5CVSS6.9AI score0.00332EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•7 views

ROS-20250911-04

Vulnerability in the pathInfo URI component of Apache Tomcat application server is related to incorrect register handling. register handling. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security restrictions...

7.3CVSS7.9AI score0.02608EPSS
Exploits1
Redos
Redos
•added 2025/09/11 12:0 a.m.•8 views

ROS-20250911-02

Vulnerability of the rterawcksummbuf function of the vhost library of the DPDK suite of libraries and drivers for fast packet processing is related to the operation exceeding the memory buffer boundary while processing the len parameter. DPDK packet processing is related to the operation exceedin...

7.4CVSS7.4AI score0.00551EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•3 views

ROS-20250911-01

A vulnerability in the DNS load balancer and proxy for DNS traffic DNSdist is related to the assertion of availability when support for inbound DNS over HTTPS is enabled using the nghttp2 provider, and requests are are routed to a TCP-only backend or DNS over TLS. Exploitation of the vulnerabilit...

7.5CVSS7.3AI score0.01078EPSS
Exploits0
Redos
Redos
•added 2025/09/11 12:0 a.m.•7 views

ROS-20250911-09

A vulnerability in the Apache Commons FileUpload library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.6AI score0.64718EPSS
Exploits1
Redos
Redos
•added 2025/09/10 12:0 a.m.•3 views

ROS-20250910-01

A vulnerability in the GNU screen terminal multiplexer's logfilereopen function is related to the execution of an operation before privilege reset. Exploitation of the vulnerability could allow an attacker to write data to an arbitrary file with root privileges. data to an arbitrary file with roo...

7.8CVSS7.4AI score0.00213EPSS
Exploits0
Redos
Redos
•added 2025/09/10 12:0 a.m.•4 views

ROS-20250910-02

A vulnerability in the Hints::Hints poppler/Hints.cc function of the Poppler PDF display library is related to a resource release error. with resource release errors. Exploitation of the vulnerability allows an attacker acting remotely, to cause a denial of service using a specially crafted PDF...

6.9CVSS6.8AI score0.01547EPSS
Exploits3
Redos
Redos
•added 2025/09/10 12:0 a.m.•5 views

ROS-20250910-03

Vulnerability of Poppler PDF rendering library is related to lack of object threads cleanup PDF when cairodebugresetstaticdata is called. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...

2.9CVSS6.3AI score0.00213EPSS
Exploits0
Redos
Redos
•added 2025/09/10 12:0 a.m.•4 views

ROS-20250910-05

Vulnerability of the library for working with DICOM DCMTK format is related to dereferencing of the NULL pointer in the /libsrc/dcrleccd.cc component using a created DICOM file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability ...

8.1CVSS7AI score0.01692EPSS
Exploits4
Redos
Redos
•added 2025/09/10 12:0 a.m.•5 views

ROS-20250910-04

AV3DVirtAnnot vulnerability in Adobe Acrobat Document Cloud PDF viewers and editors. Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat 2024, Adobe Acrobat Reader 2020 is related to the ability to use memory after it has been freed. Exploitation of the vulnerability cou...

8.8CVSS8.8AI score0.00667EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•5 views

ROS-20250908-08

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

5.9CVSS7.2AI score0.00551EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•2 views

ROS-20250908-11

The vulnerability in the Ruby interpreter is related to the fact that the application does not control internal resource consumption when processing DNS packets properly. resources when processing DNS packets properly. Exploitation of the vulnerability could allow an attacker, acting locally to...

7.5CVSS6.4AI score0.00539EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•5 views

ROS-20250908-09

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

4.8CVSS7.2AI score0.00381EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•4 views

ROS-20250908-02

A vulnerability in the doContent function of the xmlparse.c file of the XML parser library libexpat is related to a post-release exploit. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS9.5AI score0.01659EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•3 views

ROS-20250908-12

A vulnerability in the code generation library for transferring data between different Mapstruct entities is related to a decoding helper call that outputs the original value of a confidential field. Exploitation of the of the vulnerability could allow an attacker acting remotely to gain access t...

6.5CVSS6AI score0.02428EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•5 views

ROS-20250908-10

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

4.8CVSS7.2AI score0.00381EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•3 views

ROS-20250908-01

A vulnerability in the Expat XML parsing library is related to incorrect restriction of XML references to external objects. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. sensitive data,...

6.8CVSS8.7AI score0.19433EPSS
Exploits1
Redos
Redos
•added 2025/09/08 12:0 a.m.•4 views

ROS-20250908-07

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

5.9CVSS7.2AI score0.00551EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•3 views

ROS-20250908-06

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

5.6CVSS6.1AI score0.00549EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•6 views

ROS-20250908-04

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

5.6CVSS6.1AI score0.00549EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•4 views

ROS-20250908-05

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

5.6CVSS6.1AI score0.00549EPSS
Exploits0
Redos
Redos
•added 2025/09/08 12:0 a.m.•3 views

ROS-20250908-03

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

5.6CVSS6.1AI score0.00549EPSS
Exploits0
Redos
Redos
•added 2025/09/05 12:0 a.m.•4 views

ROS-20250905-12

The Netty networking software vulnerability is related to the fact that the application does not properly control the consumption of internal resources when processing HTTP/2 requests. consumption of internal resources when processing HTTP/2 requests. Exploitation of the vulnerability could allow...

8.2CVSS6.9AI score0.00979EPSS
Exploits1
Redos
Redos
•added 2025/09/05 12:0 a.m.•5 views

ROS-20250905-08

A vulnerability in the package manager for Kubernetes Helm is related to the creation of a JSON schema file in such a way, that Helm could use all available memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A batch manager vulnerabili...

6.5CVSS6.9AI score0.00311EPSS
Exploits0
Redos
Redos
•added 2025/09/05 12:0 a.m.•4 views

ROS-20250905-07

A vulnerability in the user locking mechanism of the Vault Enterprise and Vault Community Edition enterprise data archiving platforms is due to the application not performing the correct normalization of the application. Enterprise and Vault Community Edition is related to the fact that the...

9.1CVSS7.2AI score0.00867EPSS
Exploits0
Redos
Redos
•added 2025/09/05 12:0 a.m.•6 views

ROS-20250905-03

A vulnerability in the socket.c component of the GNU Screen window manager is related to incorrect assignment of permissions for a critical resource. permissions for a critical resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

6.5CVSS6.9AI score0.0054EPSS
Exploits3
Redos
Redos
•added 2025/09/05 12:0 a.m.•4 views

ROS-20250905-01

A vulnerability in the Python library responsible for interacting with various image storage backends python-glance-store is related to the fact that the package registers an accesskey for Glance-store when the DEBUG log level is enabled. DEBUG log level. Exploitation of the vulnerability could...

5.5CVSS7AI score0.00226EPSS
Exploits0
Total number of security vulnerabilities8181