Lucene search
K

8181 matches found

Redos
Redos
•added 2025/08/08 12:0 a.m.•4 views

ROS-20250808-07

The vulnerability in the GoBGP border gateway protocol is related to the lack of input data length conformance checking. where all bytes are available for an RTR message. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service A vulnerability in the...

9.8CVSS4.7AI score0.00744EPSS
Exploits0
Redos
Redos
•added 2025/08/08 12:0 a.m.•6 views

ROS-20250808-06

A vulnerability in the Golang programming language is related to the handling of untrusted version control system VCS repositories that contain malicious configuration. Version Control System VCS repositories containing malicious configuration. Exploitation of the vulnerability could allow an...

8.6CVSS6.7AI score0.00273EPSS
Exploits0
Redos
Redos
•added 2025/08/07 12:0 a.m.•3 views

ROS-20250807-01

A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a stacked buffer overflow. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...

7.5CVSS6.6AI score0.01067EPSS
Exploits1
Redos
Redos
•added 2025/08/07 12:0 a.m.•6 views

ROS-20250807-02

The vulnerability of the Podman OCI container management and launching software tool is related to errors in the in the certificate authentication procedure. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...

8.3CVSS6.4AI score0.00397EPSS
Exploits0
Redos
Redos
•added 2025/08/07 12:0 a.m.•5 views

ROS-20250807-05

The vulnerability of the RESTEasy software tool is related to incorrect input data validation, leading to the return of an invalid header that is integrated into the server response. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code A vulnerabilit...

7.5CVSS7.2AI score0.02023EPSS
Exploits1
Redos
Redos
•added 2025/08/07 12:0 a.m.•5 views

ROS-20250807-03

Libjxl library vulnerability is related to boundary conditions when working with EXIF files. Exploitation The vulnerability could allow a remote attacker to gain access to potentially sensitive information...

9.1CVSS9.2AI score0.00802EPSS
Exploits0
Redos
Redos
•added 2025/08/07 12:0 a.m.•8 views

ROS-20250807-04

Git distributed version control system vulnerability in software development tools Microsoft Visual Studio is related to the use of an unreliable search path when spell checking of cloned repositories. Exploitation of the vulnerability could allow an attacker to execute arbitrary code when clonin...

8.6CVSS8AI score0.02775EPSS
Exploits10
Redos
Redos
•added 2025/08/07 12:0 a.m.•4 views

ROS-20250807-06

Vulnerability in vim text editor is related to input validation errors when processing directory traversal sequences in the tar.vim plugin. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in vim text editor is related to input validation errors wh...

4.1CVSS7.7AI score0.00731EPSS
Exploits2
Redos
Redos
•added 2025/08/06 12:0 a.m.•4 views

ROS-20250806-02

A vulnerability in the modauthopenidc module of the Apache HTTP Server HTTPD web server is related to insufficient user data validation when OIDCPreservePost is enabled in modauthopenidc. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS5.5AI score0.01214EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•9 views

ROS-20250806-01

Squid proxy server vulnerability is related to buffer overflow in dynamic memory when processing URN headers. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted HTTP requests. arbitrary code by sending specially crafted HTTP...

9.8CVSS7.7AI score0.22744EPSS
Exploits1
Redos
Redos
•added 2025/08/06 12:0 a.m.•8 views

ROS-20250806-12

A vulnerability in the mtr network diagnostic tool is related to improper handling of an item specified in the MTRPACKET environment variable. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

7.8CVSS6.1AI score0.00142EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•5 views

ROS-20250806-09

A vulnerability in the MongoDB database management system server is related to excessive iteration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service MongoDB database management system vulnerability is related to the fact that the software stor...

8.8CVSS8AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•4 views

ROS-20250806-05

A vulnerability in the Job Invocation component of tfm-rubygem-foremanansible is related to data manipulation. Exploitation of the vulnerability could allow an attacker acting remotely to view the job invocation, searching for passwords and other sensitive data...

6.5CVSS6AI score0.00768EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•6 views

ROS-20250806-07

The libblockdev library vulnerability is related to file system mount and drive management as a result of incorrect access delimitation when accessing the udisks daemon. as a result of incorrect access delimitation when accessing the udisks daemon. Exploitation of the vulnerability could allow an...

7CVSS8.4AI score0.00423EPSS
Exploits18
Redos
Redos
•added 2025/08/06 12:0 a.m.•4 views

ROS-20250806-08

A vulnerability in the MongoDB database management system server is related to excessive iteration. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service MongoDB database management system vulnerability is related to the fact that the software stor...

8.8CVSS8AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•5 views

ROS-20250806-06

Vulnerability in the libxml2 XML file parsing library is related to boundary checking errors in the shell xmllint - shell.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...

2.5CVSS7AI score0.0019EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•6 views

ROS-20250806-03

Vulnerability of network traffic analysis software tcpdump is related to boundary conditions in libpcap when reading pcapng. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.8CVSS5.8AI score0.00626EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•7 views

ROS-20250806-10

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service by using a specially crafted HTML page A vulnerability in the V8...

8.8CVSS8.3AI score0.09185EPSS
Exploits5
Redos
Redos
•added 2025/08/06 12:0 a.m.•8 views

ROS-20250806-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of registration data. inadequate protection of login credentials. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to...

5.3CVSS4AI score0.00846EPSS
Exploits1
Redos
Redos
•added 2025/08/06 12:0 a.m.•7 views

ROS-20250806-04

Vulnerability of the Connector/J subcomponent of the MySQL Connectors driver of the Oracle database management system MySQL is related to insufficient access control. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected data...

8.8CVSS8.5AI score0.03742EPSS
Exploits0
Redos
Redos
•added 2025/08/06 12:0 a.m.•10 views

ROS-20250806-13

Golang programming language vulnerability is related to improper input validation. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the crypto-elliptic component of the Golang programming language is related to the...

9.1CVSS8.5AI score0.00856EPSS
Exploits2
Redos
Redos
•added 2025/08/04 12:0 a.m.•4 views

ROS-20250804-02

A vulnerability in Apache Kafka Message Manager is related to flaws in the deserialization mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code Vulnerability in sasl.oauthbearer.token.endpoint.url and sasl.oauthbearer.jwks.endpoint.url client...

8.8CVSS7.6AI score0.62368EPSS
Exploits2
Redos
Redos
•added 2025/08/04 12:0 a.m.•8 views

ROS-20250804-03

Vulnerability of NCompress::NRar5::CDecoder method of RAR5 decoder of 7-Zip archiver is related to possibility of heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability of NArchive::NCom::CHandler::GetStream metho...

7.5CVSS6.3AI score0.00635EPSS
Exploits2
Redos
Redos
•added 2025/08/04 12:0 a.m.•8 views

ROS-20250804-04

Vulnerability of the vsockremovesock function of the net/vmwvsock/afvsock.c module of the Linux kernel network functions implementation of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an intruder to affect the...

7.8CVSS7.5AI score0.00844EPSS
Exploits3
Redos
Redos
•added 2025/08/04 12:0 a.m.•7 views

ROS-20250804-01

A vulnerability in the cURL command line utility interface is related to the allocation of unlimited memory when processing HTTP headers. HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6AI score0.62246EPSS
Exploits1
Redos
Redos
•added 2025/08/04 12:0 a.m.•3 views

ROS-20250804-21

A vulnerability in the cURL command line utility interface is related to the allocation of unlimited memory when processing HTTP headers. HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS7AI score0.62246EPSS
Exploits1
Redos
Redos
•added 2025/08/01 12:0 a.m.•7 views

ROS-20250801-01

A vulnerability in a set of add-on tools and libraries for the Go language designed to integrate with the OpenTelemetry, OpenTelemetry-Go Contrib is related to unconstrained and unregulated resource allocation when adding net.peer.sock.addr and net.peer.sock.port tags. regulation when adding...

7.5CVSS7.1AI score0.01592EPSS
Exploits0
Redos
Redos
•added 2025/08/01 12:0 a.m.•6 views

ROS-20250801-02

Vulnerability of vfiopcidevindenylist function of Linux kernel is related to uncontrolled resource consumption. resource consumption. Exploitation of the vulnerability could allow an attacker to affect the integrity and availability of protected information...

7.5CVSS7.3AI score0.00196EPSS
Exploits0
Redos
Redos
•added 2025/07/31 12:0 a.m.•7 views

ROS-20250731-03

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

8.7CVSS7.4AI score0.02772EPSS
Exploits0
Redos
Redos
•added 2025/07/31 12:0 a.m.•5 views

ROS-20250731-04

A vulnerability in the Alerts & IRM service of the Grafana monitoring and surveillance platform is related to Insufficient protection of service data when connected to a DingDing contact point. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected...

7.6CVSS7.2AI score0.37565EPSS
Exploits0
Redos
Redos
•added 2025/07/31 12:0 a.m.•6 views

ROS-20250731-05

A vulnerability in the Moby open source container framework is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.2CVSS6.2AI score0.00152EPSS
Exploits0
Redos
Redos
•added 2025/07/31 12:0 a.m.•5 views

ROS-20250731-02

A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information...

9.8CVSS8.3AI score0.0124EPSS
Exploits0
Redos
Redos
•added 2025/07/31 12:0 a.m.•49 views

ROS-20250731-01

Vulnerability in the implementation of OAuth request signing logic for Python OAuthLib is due to insufficient user data validation in urivalidate functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.5CVSS6.5AI score0.01258EPSS
Exploits1
Redos
Redos
•added 2025/07/30 12:0 a.m.•3 views

ROS-20250730-01

A vulnerability in the Navigations component of the Google Chrome and Microsoft Edge browsers is related to a flaw in the source validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions with a specially crafted HTML...

8.8CVSS6.8AI score0.00552EPSS
Exploits0
Redos
Redos
•added 2025/07/29 12:0 a.m.•4 views

ROS-20250729-07

A vulnerability in FreeIPA's centralized user identity management system is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges to the level of a domain administrator and impact the domain. remotely, escalate the...

9.1CVSS9.2AI score0.01827EPSS
Exploits1
Redos
Redos
•added 2025/07/29 12:0 a.m.•4 views

ROS-20250729-01

A vulnerability in the django.utils.html.urlize function of the Django web application software platform is related to an incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service A vulnerability in the Django w...

7.5CVSS5.4AI score0.25327EPSS
Exploits0
Redos
Redos
•added 2025/07/29 12:0 a.m.•3 views

ROS-20250729-06

A vulnerability in FreeIPA's centralized user identity management system is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges to the level of a domain administrator and impact the domain. remotely, escalate the...

9.1CVSS9.2AI score0.01827EPSS
Exploits1
Redos
Redos
•added 2025/07/29 12:0 a.m.•3 views

ROS-20250729-03

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...

7.4CVSS7.2AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2025/07/29 12:0 a.m.•6 views

ROS-20250729-04

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...

7.4CVSS7.2AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2025/07/29 12:0 a.m.•4 views

ROS-20250729-05

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...

7.4CVSS7.2AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2025/07/29 12:0 a.m.•3 views

ROS-20250729-02

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...

7.4CVSS7.2AI score0.0073EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•4 views

ROS-20250724-02

A vulnerability in the Cockpit server management system is related to the failure to clean data at the at the management level. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

7.3CVSS7.4AI score0.01181EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•3 views

ROS-20250724-03

A vulnerability in the Ansible configuration management system is related to the fact that the application allows the use a hostvars object to reference and execute template content. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security...

5.5CVSS6.7AI score0.00502EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•9 views

ROS-20250724-06

A vulnerability in the Ruby websocket-extensions module that supports the implementation of WebSocket extensions is related to spending quadratic time parsing a header containing an unclosed string parameter value, which is a repeating two-byte sequence of backslash and some of backslash and some...

7.5CVSS7.4AI score0.04404EPSS
Exploits1
Redos
Redos
•added 2025/07/24 12:0 a.m.•8 views

ROS-20250724-04

The vulnerability of the fstrflocaltime function of the jq functional programming language is related to the use of memory after its release. memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, affect the availability of protected information...

8.1CVSS5.9AI score0.00352EPSS
Exploits1
Redos
Redos
•added 2025/07/24 12:0 a.m.•5 views

ROS-20250724-10

A vulnerability in the LibSSH client authentication library is related to boundary conditions in the function sftphandle... Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information...

8.1CVSS6AI score0.02394EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•5 views

ROS-20250724-05

A vulnerability in the FCGI web server-application interaction library for Perl is related to the inclusion of code from libfcgi/fcgiapp.c that is prone to integer overflow. Exploitation of the vulnerability could Allow a remote attacker to execute arbitrary code on the target system...

5.3CVSS6.2AI score0.00516EPSS
Exploits1
Redos
Redos
•added 2025/07/24 12:0 a.m.•8 views

ROS-20250724-01

Vulnerability of amdgpucswaitallfences function in drivers/gpu/drm/amd/amdgpu/amdgpucs.c driver module amdgpu of AMD Radeon video cards in the Linux kernel is related to the reuse of previously released memory due to competitive access to the resource race condition. Exploitation of the...

7.8CVSS7AI score0.00319EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•4 views

ROS-20250724-08

A vulnerability in the Grafana monitoring and surveillance platform is related to insufficient input validation data when processing panel headers or names. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

2.7CVSS6.3AI score0.00394EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•7 views

ROS-20250724-07

A vulnerability in the Microsoft .NET software platform and Microsoft's software development tool Visual Studio is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

7.5CVSS7.7AI score0.0089EPSS
Exploits0
Total number of security vulnerabilities8181