Lucene search
K

8181 matches found

Redos
Redos
•added 2025/09/05 12:0 a.m.•6 views

ROS-20250905-02

A vulnerability in the twisted.web component of the Twisted networking framework is related to inconsistent interpretation of HTTP requests. interpretation of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely affect the integrity of protected information as ...

5.3CVSS6.8AI score0.00766EPSS
Exploits1
Redos
Redos
•added 2025/09/05 12:0 a.m.•2 views

ROS-20250905-06

A vulnerability in the Redis database management system DBMS server is related to unrestricted allocation of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service through repeated unauthenticated connections...

7.5CVSS7AI score0.00733EPSS
Exploits0
Redos
Redos
•added 2025/09/05 12:0 a.m.•8 views

ROS-20250905-04

A vulnerability in the radosgw daemon of the Ceph data storage system is related to insufficient authentication of the when processing JWT tokens. Exploitation of the vulnerability could allow an intruder acting remotely to bypass the authentication procedure...

8.1CVSS7.2AI score0.00192EPSS
Exploits0
Redos
Redos
•added 2025/09/05 12:0 a.m.•3 views

ROS-20250905-05

A vulnerability in the Redis database management system DBMS server is related to unrestricted allocation of resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service through repeated unauthenticated connections...

7.5CVSS7AI score0.00733EPSS
Exploits0
Redos
Redos
•added 2025/09/05 12:0 a.m.•2 views

ROS-20250905-11

A vulnerability in the MuPDF PDF viewer is related to infinite recursion in the mutool utility clean. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

6.5CVSS6.8AI score0.00384EPSS
Exploits1
Redos
Redos
•added 2025/09/05 12:0 a.m.•3 views

ROS-20250905-09

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

8.8CVSS7.9AI score0.00794EPSS
Exploits1
Redos
Redos
•added 2025/09/05 12:0 a.m.•3 views

ROS-20250905-10

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

8.8CVSS7.9AI score0.00794EPSS
Exploits1
Redos
Redos
•added 2025/09/04 12:0 a.m.•3 views

ROS-20250904-07

A vulnerability in a RAM computing platform consisting of a database and application server Tarantool is associated with an achievable assertion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.8CVSS4.2AI score0.00144EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•4 views

ROS-20250904-06

A vulnerability in the Protobuf Pure-Python structured data serialization library is related to uncontrolled recursion when analyzing unreliable data containing an arbitrary number of recursive groups, recursive messages, or series of SGROUP tags. Exploitation of the vulnerability could allow an...

8.2CVSS7.3AI score0.00281EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•2 views

ROS-20250904-02

The vulnerability of the corosync/pacemaker PCS program configuration utility is related to flaws in the procedure of of authentication. Exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges...

7.8CVSS7.6AI score0.00299EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•5 views

ROS-20250904-01

A vulnerability in the converter program that converts man pages to HTML man2html format is related to overwriting the the size parameter in the top fragment of the heap. Exploitation of the vulnerability could allow an attacker to perform an arbitrary writing to any memory location in the progra...

5.5CVSS5.3AI score0.00314EPSS
Exploits2
Redos
Redos
•added 2025/09/04 12:0 a.m.•5 views

ROS-20250904-05

Vulnerability of DNS load balancer and proxy for DNS traffic DNSdist is related to insufficient checking of incoming TCP connections from the client. of incoming TCP connections from the client. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS8.2AI score0.00592EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•2 views

ROS-20250904-03

Vulnerability of OpenH264 library decoding functions is related to buffer overflow in dynamic memory. memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary code by sending a specially generated video file. arbitrary code by sending a specially...

8.6CVSS8.2AI score0.00639EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•4 views

ROS-20250904-04

The vulnerability of Module::Signature::verify function of Perl programming language is related to incorrect confirmation of cryptographic data signature. validation of cryptographic data signature. Exploitation of the vulnerability could allow an attacker, acting remotely, gain access to sensiti...

7.8CVSS7.7AI score0.00791EPSS
Exploits1
Redos
Redos
•added 2025/09/04 12:0 a.m.•3 views

ROS-20250904-09

Vulnerability in the IW44Image.cpp component of the library for viewing, creating, editing DjVu files DjVuLibre is related to errors of bounds checking when processing unreliable input data in method MMRDecoder::scanruns method. Exploitation of the vulnerability could allow an attacker acting...

8.4CVSS7AI score0.00741EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•5 views

ROS-20250904-11

A vulnerability in the Redis database management system DBMS server is related to an integer overflow in the buffer when executing commands that use the HyperLogLog algorithm. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted HLL...

7.8CVSS7.2AI score0.03877EPSS
Exploits4
Redos
Redos
•added 2025/09/04 12:0 a.m.•6 views

ROS-20250904-10

The vulnerability of the dpkg-deb command line utility included in the dpkg package is related to the peculiarities of processing of temporary files by the package manager when extracting them to a temporary directory. Exploitation vulnerability could allow an attacker acting remotely to cause a...

8.2CVSS6.5AI score0.00347EPSS
Exploits0
Redos
Redos
•added 2025/09/04 12:0 a.m.•4 views

ROS-20250904-12

Redis database management system DBMS vulnerability is related to uncontrolled memory allocation memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the Redis database management system DBMS server is related ...

7.8CVSS7.3AI score0.03877EPSS
Exploits4
Redos
Redos
•added 2025/09/04 12:0 a.m.•4 views

ROS-20250904-08

A vulnerability in a RAM computing platform consisting of a database and application server Tarantool is associated with an achievable assertion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

4.8CVSS4.2AI score0.00144EPSS
Exploits0
Redos
Redos
•added 2025/09/03 12:0 a.m.•3 views

ROS-20250903-01

A vulnerability in the bsonstrfreev function of the libbson library of the MongoDB database management system driver C Driver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to affect the integrity of protected information Vulnerability in bsonutf8validat...

8.4CVSS8.2AI score0.02137EPSS
Exploits0
Redos
Redos
•added 2025/09/03 12:0 a.m.•5 views

ROS-20250903-02

The vulnerability in the go-git library is related to input validation errors when processing directory traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to perform directory traversal attacks...

9.8CVSS7.1AI score0.01523EPSS
Exploits0
Redos
Redos
•added 2025/09/02 12:0 a.m.•3 views

ROS-20250902-01

A vulnerability in the Input component of the Linux kernel is related to a memory corruption in the function imspcuflashfirmware in drivers/input/misc/ims-pcu.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A vulnerability in the i2c component of...

7.8CVSS7AI score0.01345EPSS
Exploits8
Redos
Redos
•added 2025/08/29 12:0 a.m.•4 views

ROS-20250829-07

Vulnerability of OpenJPEG image encoding and decoding library is related to dereferencing of of a null pointer in openjp2/dwt.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

6.5CVSS6.8AI score0.00242EPSS
Exploits0
Redos
Redos
•added 2025/08/29 12:0 a.m.•5 views

ROS-20250829-05

The vulnerability of the GNU Bison universal parser generator is related to manipulation of the function obstackvprintfinternal of the obprintf.c. file. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.8AI score0.00019EPSS
Exploits0
Redos
Redos
•added 2025/08/29 12:0 a.m.•3 views

ROS-20250829-03

A vulnerability in the Golang programming language is related to a race condition when canceling a database query. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7CVSS6.8AI score0.00331EPSS
Exploits0
Redos
Redos
•added 2025/08/29 12:0 a.m.•5 views

ROS-20250829-02

Vulnerability of the ImageMagick console graphical editor related to size increase in the ReadOneMNGIMage. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in ImageMagick console graphical editor related to conversion from Log...

8.8CVSS6.7AI score0.00933EPSS
Exploits4
Redos
Redos
•added 2025/08/29 12:0 a.m.•3 views

ROS-20250829-04

A vulnerability in a network stack designed to manage Netavark container networks is related to the removal of the of the dns.podman search domain. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive information...

3.7CVSS6.7AI score0.0029EPSS
Exploits0
Redos
Redos
•added 2025/08/29 12:0 a.m.•3 views

ROS-20250829-06

Vault Enterprise and Vault Community Edition enterprise data archiving platforms have a vulnerability due to incorrect privilege assignment. Edition is related to incorrect privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges to ro...

7.2CVSS7.3AI score0.00487EPSS
Exploits0
Redos
Redos
•added 2025/08/29 12:0 a.m.•4 views

ROS-20250829-01

A vulnerability in the mount.cifs.c component of the CIFS network file system mount utility package cifs-utils of the Linux operating system is related to writing beyond buffer boundaries in memory. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.8CVSS7.1AI score0.00557EPSS
Exploits0
Redos
Redos
•added 2025/08/28 12:0 a.m.•2 views

ROS-20250828-07

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to Vault and Vault Enterprise incorrectly validating the role-bound assertion of a role-based JSON Web Token JWT audience when using the Vault JWT authentication method, which prevented...

7.5CVSS6.8AI score0.00343EPSS
Exploits0
Redos
Redos
•added 2025/08/28 12:0 a.m.•4 views

ROS-20250828-04

A vulnerability in the Moodle virtual learning environment is related to insufficient cleanup of data provided by the by the user in the calendar event header when the event is deleted. Exploitation of the vulnerability could allow A remote attacker to perform cross-site scripting attacks A...

9.8CVSS5.7AI score0.00435EPSS
Exploits0
Redos
Redos
•added 2025/08/28 12:0 a.m.•3 views

ROS-20250828-05

The vulnerability of the GNU Tar archiver's implementation of the readheader function is related to the operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a Denial of service using a specially crafted inpu...

7.5CVSS6.3AI score0.03028EPSS
Exploits0
Redos
Redos
•added 2025/08/28 12:0 a.m.•5 views

ROS-20250828-01

A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before file access. before accessing a file. Exploitation of the vulnerability allows an attacker to bypass security restrictions A vulnerability in the CopyCoder component of the 7-Zip file archiver is...

6.5CVSS6.7AI score0.01703EPSS
Exploits2
Redos
Redos
•added 2025/08/28 12:0 a.m.•4 views

ROS-20250828-02

A vulnerability in the GNU Bison universal parser generator is related to double memory freeing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

3.6AI score0.00019EPSS
Exploits0
Redos
Redos
•added 2025/08/28 12:0 a.m.•3 views

ROS-20250828-03

The Apache Tomcat application server vulnerability is due to Apache Tomcat not setting the attribute "Secure" attribute for session cookie JSESSIONID when using RemoteIpFilter with requests, received from a reverse proxy server over HTTP and containing an X-Forwarded-Proto header set to on https...

4.3CVSS7.5AI score0.01831EPSS
Exploits0
Redos
Redos
•added 2025/08/28 12:0 a.m.•6 views

ROS-20250828-06

A vulnerability in the Verify component of the Go programming language is related to incorrect assignment of permissions for a critical resource. a critical resource. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security...

8.6CVSS8.8AI score0.00363EPSS
Exploits1
Redos
Redos
•added 2025/08/27 12:0 a.m.•5 views

ROS-20250827-01

Vulnerability of ComposeQueryMallocExMm riQuery.c function of Uriparser parser is related to integer overflow. overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

5.9CVSS7.3AI score0.01316EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•3 views

ROS-20250827-02

A vulnerability in the command line utility for converting PDF documents QPDF is related to a heap buffer overflow in PlASCII85Decoder::write heap buffer overflow in PlASCII85Decoder::write. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

5.5CVSS7.7AI score0.01272EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•5 views

ROS-20250827-09

Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an operation exceeding the memory buffer boundaries. operation outside of the memory buffer. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity,...

9.8CVSS7.2AI score0.00472EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•4 views

ROS-20250827-06

A vulnerability in the pbkdf2 library of the Node.js software platform is related to a flaw in the input data validation mechanism. of input data. Exploitation of the vulnerability could allow an attacker acting remotely to forge a digital signature by sending specially crafted packets...

9.1CVSS7AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•5 views

ROS-20250827-08

Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an operation exceeding the memory buffer boundaries. operation outside of the memory buffer. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity,...

9.8CVSS7.2AI score0.00472EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•5 views

ROS-20250827-07

A vulnerability in GLPI's asset management and data center management software is related to improper neutralization of HTML tags associated with scripts on a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code GLPI asset and data center...

6.5CVSS7.8AI score0.00214EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•5 views

ROS-20250827-03

A vulnerability in the resolveFile method of the Apache Commons VFS Virtual File System unified API for accessing different file systems is due to errors in the relative path handling of the directory when processing the relative path of the directory. Virtual File System method is related to...

7.5CVSS6.9AI score0.01277EPSS
Exploits0
Redos
Redos
•added 2025/08/27 12:0 a.m.•2 views

ROS-20250827-04

Vulnerability of ImageMagick console graphic editor related to the boundary check error in the function InterpretImageFilename. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information, gain access to confidential information Vulnerability of...

9.8CVSS7.6AI score0.00792EPSS
Exploits3
Redos
Redos
•added 2025/08/27 12:0 a.m.•4 views

ROS-20250827-05

A vulnerability in the Perl programming language is related to generating cnonce insecurely. Exploiting the vulnerability could allow an attacker to compromise the target system...

6.5CVSS7.2AI score0.00394EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•7 views

ROS-20250826-07

Glib library vulnerability is related to an overflow error when processing a long invalid ISO 8601 timestamp using the gdatetimenewfromiso8601 function. ISO 8601 timestamp using the gdatetimenewfromiso8601 function. Exploitation of the vulnerability could allow an an attacker to cause a denial of...

4.8CVSS8.2AI score0.00443EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•4 views

ROS-20250826-02

The vulnerability of the Diffie-Hellman key negotiation protocol is related to unnecessary public key checking in the Diffie-Hellman key negotiation protocol when using an approved secure prime number. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.5CVSS7AI score0.01083EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•4 views

ROS-20250826-09

Apache Tomcat application server vulnerability involves uncontrolled resource consumption. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service. Apache Tomcat application server vulnerability is related to integer overflow. Exploitation exploitation ...

7.5CVSS7.2AI score0.0196EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•4 views

ROS-20250826-08

Apache Tomcat application server vulnerability involves uncontrolled resource consumption. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service. Apache Tomcat application server vulnerability is related to integer overflow. Exploitation exploitation ...

7.5CVSS7.2AI score0.0196EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•6 views

ROS-20250826-05

A vulnerability in the DBI module of the Perl DBI database interface is related to improper assignment of permissions to a a critical resource. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, as well as cause a denial of service...

6.1CVSS7.3AI score0.00488EPSS
Exploits1
Total number of security vulnerabilities8181