Lucene search
K

8181 matches found

Redos
Redos
•added 2025/08/26 12:0 a.m.•6 views

ROS-20250826-03

Vulnerability of WEBrick library of Ruby programming language interpreter is related to incorrect checking of HTTP requests in the readheader method. HTTP requests in the readheader method. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform HTTP request spoofin...

6.5CVSS7.2AI score0.00422EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•2 views

ROS-20250826-01

The Cyrus IMAP mail server vulnerability is related to an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by sending multiple literals in a single command Cyrus IMAP mail server vulnerability is related...

7.5CVSS7.4AI score0.0307EPSS
Exploits0
Redos
Redos
•added 2025/08/26 12:0 a.m.•5 views

ROS-20250826-04

Vulnerability of Wireshark computer network traffic analyzer related to insufficient validation of user data in the column utility module of the Dissection engine. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the CBOR...

7.8CVSS7.1AI score0.00299EPSS
Exploits1
Redos
Redos
•added 2025/08/26 12:0 a.m.•5 views

ROS-20250826-06

Vulnerability of SetQuantumFormat function of ImageMagick console graphic editor is related to incorrect calculation of buffer size when processing received packets. calculation of buffer size when processing received packets. Exploitation of the vulnerability may allow an attacker to cause a...

7.5CVSS7.2AI score0.00481EPSS
Exploits0
Redos
Redos
•added 2025/08/25 12:0 a.m.•4 views

ROS-20250825-02

A vulnerability in the Nokogiri program library of the Ruby interpreter is related to improper handling of an an unexpected data type. Exploitation of the vulnerability could allow an attacker, acting remotely, disclose protected information or cause a denial of service A vulnerability in the...

8.2CVSS7.3AI score0.02886EPSS
Exploits1
Redos
Redos
•added 2025/08/25 12:0 a.m.•6 views

ROS-20250825-07

A vulnerability in the PHP adodb class library involves improper escaping of a query parameter. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL statements. SQL statements,...

10CVSS8.3AI score0.00468EPSS
Exploits0
Redos
Redos
•added 2025/08/25 12:0 a.m.•3 views

ROS-20250825-05

A vulnerability in the Ruby Sinatra web application development framework is related to a flaw in limiting the name of the of the directory path. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data...

7.5CVSS7.2AI score0.02059EPSS
Exploits0
Redos
Redos
•added 2025/08/25 12:0 a.m.•4 views

ROS-20250825-04

A vulnerability in ASGI Starlette toolkit for creating asynchronous Python web services is related to blocking the main thread for transferring a file to disk. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS7.1AI score0.0053EPSS
Exploits0
Redos
Redos
•added 2025/08/25 12:0 a.m.•3 views

ROS-20250825-03

The OpenSSH cryptographic security tool server vulnerability is related to a server modification to support the authentication option. Exploitation of the vulnerability could allow an attacker acting remotely execute a MITM attack...

3.7CVSS7.2AI score0.01677EPSS
Exploits0
Redos
Redos
•added 2025/08/25 12:0 a.m.•3 views

ROS-20250825-08

A vulnerability in the Iperf3 network bandwidth measurement tool is related to an achievable assertion in the iperfauth.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the Iperf3 network bandwidth measurement...

10CVSS8.1AI score0.004EPSS
Exploits0
Redos
Redos
•added 2025/08/25 12:0 a.m.•3 views

ROS-20250825-06

A vulnerability in the Aggregate Term Handler component of the SQLite database management system is related to errors in the numeric truncation errors. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of the SQLit...

7.7CVSS7.1AI score0.73495EPSS
Exploits3
Redos
Redos
•added 2025/08/25 12:0 a.m.•3 views

ROS-20250825-01

Vulnerability of Srio archiving utility is related to errors in TAR file header verification. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.3CVSS7.3AI score0.00686EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•9 views

ROS-20250822-07

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

7.5CVSS6.4AI score0.00693EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•4 views

ROS-20250822-01

A vulnerability in the Kea open source DHCP server is related to the use of an unreliable search path. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...

7.8CVSS6.3AI score0.00235EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•3 views

ROS-20250822-02

A vulnerability in the dom4j open source Java library for XML, XPath and XSLT is related to the improper cleansing of elements and attribute names in XML documents. Exploitation of the vulnerability could Allow an attacker acting remotely to launch an XXE attack on the target system...

7.5CVSS6.5AI score0.0657EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•3 views

ROS-20250822-06

Vulnerability in Moodle virtual learning environment related to user session hijacking via the sesskey. Exploitation of the vulnerability could allow an attacker acting remotely to obtain sensitive data...

4.2CVSS6.1AI score0.00261EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•5 views

ROS-20250822-18

A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...

8.1CVSS8.2AI score0.01058EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•4 views

ROS-20250822-17

A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...

8.1CVSS8.2AI score0.01058EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•5 views

ROS-20250822-20

Vulnerability in GPAC multimedia platform, related to manipulation of baseiniturl argument, resulting in the dereferencing of a null pointer. Exploitation of the vulnerability could allow an attacker, acting remotely to cause a denial of service...

6.9CVSS5.1AI score0.00871EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•7 views

ROS-20250822-16

A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...

8.1CVSS8.2AI score0.01058EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•5 views

ROS-20250822-14

A vulnerability in a library for XSLT conversion of XML documents to other formats is related to a type confusion bug in xmlNode.psvi. type confusion bug in xmlNode.psvi. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...

7.5CVSS7AI score0.012EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•3 views

ROS-20250822-15

Package manager vulnerability for Helm is related to local code execution when updating dependencies. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

8.6CVSS8.4AI score0.00363EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•8 views

ROS-20250822-22

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

7.5CVSS7AI score0.00953EPSS
Exploits2
Redos
Redos
•added 2025/08/22 12:0 a.m.•5 views

ROS-20250822-19

A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...

8.1CVSS8.2AI score0.01058EPSS
Exploits1
Redos
Redos
•added 2025/08/22 12:0 a.m.•10 views

ROS-20250822-21

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

7.5CVSS7AI score0.00953EPSS
Exploits2
Redos
Redos
•added 2025/08/22 12:0 a.m.•10 views

ROS-20250822-23

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

7.5CVSS7AI score0.00953EPSS
Exploits2
Redos
Redos
•added 2025/08/22 12:0 a.m.•6 views

ROS-20250822-11

A vulnerability in the HPACK decoder of Golang programming is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting locally to cause a denial of service...

7.5CVSS6.7AI score0.04561EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•8 views

ROS-20250822-09

The vulnerability of the package designed to work with JSON Web Tokens jwt-go is related to incorrect checking of the data when processing data transmitted via m"aud". Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the authentication process...

7.5CVSS6.2AI score0.02158EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•10 views

ROS-20250822-08

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

7.5CVSS6.4AI score0.00693EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•4 views

ROS-20250822-05

Apache Tomcat application server vulnerability related to bypassing the authentication procedure through the use of an alternate path or channel. using an alternate path or channel. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of...

7.5CVSS7.8AI score0.03163EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•8 views

ROS-20250822-24

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

7.5CVSS7AI score0.00953EPSS
Exploits2
Redos
Redos
•added 2025/08/22 12:0 a.m.•3 views

ROS-20250822-04

Apache Tomcat application server vulnerability related to bypassing the authentication procedure through the use of an alternate path or channel. using an alternate path or channel. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of...

7.5CVSS7.8AI score0.03163EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•4 views

ROS-20250822-03

SafeHtml validator vulnerability in Hibernate Validator library is related to failure to take measures to protect web page structure when processing HTML content. web page structure when processing HTML content. Exploitation of the vulnerability could allow an attacker acting remotely to conduct...

6.5CVSS6.9AI score0.02167EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•5 views

ROS-20250822-12

Vulnerability of http2 package of Go programming language is related to uncontrolled server resources consumption as a result of resetting Server.MaxConcurrentStreams parameter during request stream processing. as a result of resetting the Server.MaxConcurrentStreams parameter when processing a...

7.5CVSS6.8AI score0.03796EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•4 views

ROS-20250822-10

Vulnerability in clientgolang library of Prometheus event monitoring and notification application is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

7.5CVSS8.4AI score0.05994EPSS
Exploits0
Redos
Redos
•added 2025/08/22 12:0 a.m.•9 views

ROS-20250822-13

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.9AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2025/08/21 12:0 a.m.•5 views

ROS-20250821-02

A vulnerability in the BinaryStreamDriver component of the Java library for converting objects to XML or JSON XStream format is related to a buffer overflow on the stack from a manipulated binary input stream. Exploitation of the vulnerability could allow an attacker acting remotely to perform a...

7.5CVSS7.8AI score0.02015EPSS
Exploits0
Redos
Redos
•added 2025/08/21 12:0 a.m.•9 views

ROS-20250821-08

A vulnerability in the TCPDF PHP library is related to reading arbitrary files from the server's file system via the src tag. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information. information Vulnerability in TCPDF PHP library is related to improper...

7.5CVSS8.4AI score0.01325EPSS
Exploits3
Redos
Redos
•added 2025/08/21 12:0 a.m.•4 views

ROS-20250821-04

Vulnerability in libsoup library is related to disclosure of system data to unauthorized parties. Exploitation exploitation of the vulnerability could allow a remote attacker to disclose protected information. GNOME GUI libsoup library vulnerability is related to asymmetric resource consumption...

7.5CVSS8.2AI score0.00729EPSS
Exploits0
Redos
Redos
•added 2025/08/21 12:0 a.m.•6 views

ROS-20250821-06

A vulnerability in the Perl programming language is related to the race condition if a directory descriptor is opened when the thread is created. Exploitation of the vulnerability could allow an attacker to interfere with the application's behavior...

5.9CVSS7.1AI score0.00368EPSS
Exploits0
Redos
Redos
•added 2025/08/21 12:0 a.m.•4 views

ROS-20250821-07

A vulnerability in the cJSON parser is due to the fact that parsestring has a heap-based buffer, rereadable through "1":1, with no terminating newline character if cJSONParseWithLength is called. Exploitation of the of the vulnerability could allow an attacker acting remotely to gain access to...

5.5CVSS7.3AI score0.00219EPSS
Exploits1
Redos
Redos
•added 2025/08/21 12:0 a.m.•3 views

ROS-20250821-03

EMACS text editor vulnerability exists due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

8.8CVSS7.3AI score0.02657EPSS
Exploits0
Redos
Redos
•added 2025/08/21 12:0 a.m.•4 views

ROS-20250821-01

WSGI server gunicorn vulnerability is related to flaws in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the existing security restrictions and execute an HTTP request smuggling attack...

7.5CVSS7.4AI score0.02996EPSS
Exploits0
Redos
Redos
•added 2025/08/21 12:0 a.m.•6 views

ROS-20250821-05

Vulnerability of the open source library Abseil-cpp for C++ standard library extension is related to failure to set an upper bound for its size argument in reserve and rehash functions. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential...

9.8CVSS7.1AI score0.00563EPSS
Exploits0
Redos
Redos
•added 2025/08/19 12:0 a.m.•4 views

ROS-20250819-13

A vulnerability in Salt's configuration management and remote execution system is related to the overwriting of the of the VirtKey class. Exploitation of the vulnerability could allow an attacker to bypass security restrictions. security Vulnerability in the system of configuration management and...

9.6CVSS7.8AI score0.00982EPSS
Exploits0
Redos
Redos
•added 2025/08/19 12:0 a.m.•2 views

ROS-20250819-11

Vulnerability of configuration management and remote Salt operations execution system is related to incorrect input data validation in the findfile method of the GitFS class. Exploitation of the vulnerability could allow an attacker to manipulate files and directories Vulnerability in the Salt...

9.6CVSS7AI score0.00982EPSS
Exploits0
Redos
Redos
•added 2025/08/19 12:0 a.m.•3 views

ROS-20250819-12

Vulnerability of configuration management and remote Salt operations execution system is related to incorrect input data validation in the findfile method of the GitFS class. Exploitation of the vulnerability could allow an attacker to manipulate files and directories Vulnerability in the Salt...

9.6CVSS7.7AI score0.00982EPSS
Exploits0
Redos
Redos
•added 2025/08/19 12:0 a.m.•9 views

ROS-20250819-05

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of restricted directory. Python programming language interpreter CPython functions TarFile.extractall and...

9.4CVSS5.9AI score0.01184EPSS
Exploits11
Redos
Redos
•added 2025/08/19 12:0 a.m.•5 views

ROS-20250819-09

Vulnerability of libxml2 library's xmlSchematronFormatReport function is related to reading data outside of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted XML file Vulnerability in the...

9.1CVSS6.3AI score0.01437EPSS
Exploits0
Redos
Redos
•added 2025/08/19 12:0 a.m.•3 views

ROS-20250819-10

The cJSON parser vulnerability is related to the error of dereferencing a null pointer in the function cJSONSetValuestring in cJSON.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the cJSONSetValuestring function of the...

7.6CVSS5.6AI score0.00961EPSS
Exploits2
Total number of security vulnerabilities8181