Lucene search
K

8181 matches found

Redos
Redos
•added 2025/07/24 12:0 a.m.•7 views

ROS-20250724-07

A vulnerability in the Microsoft .NET software platform and Microsoft's software development tool Visual Studio is related to the use of an insecure search path. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

7.5CVSS7.7AI score0.0089EPSS
Exploits0
Redos
Redos
•added 2025/07/24 12:0 a.m.•5 views

ROS-20250724-09

A vulnerability in the urllib3 module of the Python programming language interpreter is related to incorrect implementation of the Redirect object when processing redirects and retries. implementation of the Redirect object when processing redirects and retries. Exploitation of the vulnerability...

6.1CVSS6AI score0.004EPSS
Exploits1
Redos
Redos
•added 2025/07/23 12:0 a.m.•6 views

ROS-20250723-01

The vulnerability of the PAM-PKCS11 authentication module of Linux operating systems is related to the fact that the value of the certpolicy defaults to "none". Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process. remotely to bypass the...

9.2CVSS7.8AI score0.00677EPSS
Exploits0
Redos
Redos
•added 2025/07/22 12:0 a.m.•7 views

ROS-20250722-04

Vulnerability of the glibc system library dlopen function is related to the use of an insecure search path for executable programs when processing the LDLIBRARYPATH variable. executable programs when processing the LDLIBRARYPATH variable. Exploitation of the vulnerability could allow an attacker...

7.8CVSS7.8AI score0.00422EPSS
Exploits1
Redos
Redos
•added 2025/07/22 12:0 a.m.•4 views

ROS-20250722-01

Vulnerability of the ComposeQueryEngine function UriQuery.c of the URI parsing and processing library uriparser is related to integer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code or cause a denial of service...

8.6CVSS7.5AI score0.01233EPSS
Exploits0
Redos
Redos
•added 2025/07/22 12:0 a.m.•5 views

ROS-20250722-02

Vulnerabilities in GLPI's asset management and data center software are related to an excessive amount of data output by the application. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially sensitive information...

7.5CVSS7.5AI score0.01246EPSS
Exploits1
Redos
Redos
•added 2025/07/22 12:0 a.m.•6 views

ROS-20250722-03

A vulnerability in the FreeType font rasterization library is related to reading outside buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending a specially generated file of variant fonts...

8.1CVSS7.8AI score0.26049EPSS
Exploits1
Redos
Redos
•added 2025/07/21 12:0 a.m.•6 views

ROS-20250721-02

A vulnerability in the assert function of the GNU C Library system library is related to incorrect calculations of the the size of the allocated buffer. Exploitation of the vulnerability could allow an attacker acting remotely, affect the availability of protected information...

6.2CVSS6.5AI score0.00349EPSS
Exploits0
Redos
Redos
•added 2025/07/21 12:0 a.m.•5 views

ROS-20250721-01

The vulnerability of the iorwinitfile function of the iouring/rw.c module of the asynchronous I/O interface of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...

7.8CVSS7.3AI score0.00249EPSS
Exploits0
Redos
Redos
•added 2025/07/18 12:0 a.m.•7 views

ROS-20250718-01

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to incorrect optimization, where JIT compilation created incorrect code in certain cases. optimization, in which JIT-compilation in certain cases created incorrect code for arguments. arguments. Exploitation...

8.8CVSS8.5AI score0.00727EPSS
Exploits0
Redos
Redos
•added 2025/07/18 12:0 a.m.•6 views

ROS-20250718-02

The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to the operation exceeding the memory buffer boundaries. memory buffer boundaries. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code or cause a denial of service...

8.8CVSS9.2AI score0.00823EPSS
Exploits0
Redos
Redos
•added 2025/07/18 12:0 a.m.•5 views

ROS-20250718-03

The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to the operation exceeding the memory buffer boundaries. memory buffer boundaries. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code or cause a denial of service...

8.8CVSS9.2AI score0.00823EPSS
Exploits0
Redos
Redos
•added 2025/07/17 12:0 a.m.•12 views

ROS-20250717-01

GLPI asset and data center management software vulnerability is related to incorrect access restrictions in the API. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive information...

7.5CVSS7.1AI score0.00351EPSS
Exploits0
Redos
Redos
•added 2025/07/17 12:0 a.m.•8 views

ROS-20250717-02

Vulnerability of the auxiliary ticket escalation tool in the Escalade GLPI plugin is related to incorrect access controls. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

6.5CVSS7.2AI score0.00242EPSS
Exploits0
Redos
Redos
•added 2025/07/17 12:0 a.m.•5 views

ROS-20250717-04

A vulnerability in the Thunderbird email client is related to errors in processing OpenPGP cryptographic signatures. Exploitation of the vulnerability could allow a remote attacker to launch a spoofing attack Vulnerability in the implementation of S/MIME Secure/Multipurpose Internet Mail Extensio...

4.3CVSS6.9AI score0.00633EPSS
Exploits0
Redos
Redos
•added 2025/07/17 12:0 a.m.•3 views

ROS-20250717-03

A vulnerability in the OpenSC smart card handling library is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

5.9CVSS7AI score0.01156EPSS
Exploits1
Redos
Redos
•added 2025/07/16 12:0 a.m.•5 views

ROS-20250716-02

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise data archiving platforms is related to uncontrolled cancelation of key change and recovery operations by the Vault operator. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

3.1CVSS6.2AI score0.00214EPSS
Exploits0
Redos
Redos
•added 2025/07/16 12:0 a.m.•4 views

ROS-20250716-01

DNS BIND server vulnerability is related to asymmetric resource consumption. Exploiting the vulnerability Allows a remote attacker to cause a denial of service...

7.5CVSS7.6AI score0.14614EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•7 views

ROS-20250710-12

A vulnerability in the Libexif library for grammar parsing EXIF files is related to an optimization of the compiler optimization that removes buffer overflow protection in libexif. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code on the target...

9.8CVSS10AI score0.03189EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•5 views

ROS-20250710-06

The Redis database management system DBMS vulnerability is related to boundary checking errors in parsing file names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

9.8CVSS5.3AI score0.00797EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•6 views

ROS-20250710-04

Tornado asynchronous network library vulnerability is related to excessive logging in parser multipart/form-data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.3AI score0.00667EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•4 views

ROS-20250710-02

Vulnerability in XkbSizeKeySyms function of the Wayland protocol implementation for X.Org XWayland, an implementation of the XWayland Server X Window System X.Org Server is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service or...

7.8CVSS8.7AI score0.00485EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•2 views

ROS-20250710-03

Vulnerability in Update Handler component of Mozilla Firefox, Mozilla Firefox ESR and Mozilla Thunderbird browsers is related to access control flaws. Mozilla Thunderbird is related to access control flaws. Exploitation of the vulnerability could allow An attacker acting remotely could elevate hi...

8.8CVSS9.1AI score0.00538EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•4 views

ROS-20250710-07

YAML LibYAML analysis and creation library vulnerability is related to insufficient validation of user data in the LoadFile method. user data in the LoadFile method. Exploitation of the vulnerability could allow an attacker, acting remotely, to overwrite arbitrary files on the system...

9.1CVSS9.2AI score0.00368EPSS
Exploits1
Redos
Redos
•added 2025/07/10 12:0 a.m.•10 views

ROS-20250710-09

A vulnerability in the Apache MINA Java network application framework is related to incorrect handling ofjq SSL/TLS closenotify messages, as a result of which the software does not close the connection and keeps the socket open, allowing the client to subsequently receive open socket messages...

7.5CVSS6.6AI score0.02201EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•7 views

ROS-20250710-05

The vulnerability in the Perl programming language is due to the fact that the software uses the function rand as the default entropy source, which is not cryptographically secure. Exploitation of the vulnerability could allow an attacker to bypass the implemented security restrictions...

7.7CVSS5.2AI score0.00179EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•4 views

ROS-20250710-01

Vulnerability in the DoH implementation of the DNS BIND server is related to the allocation of unlimited memory. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.2AI score0.16182EPSS
Exploits0
Redos
Redos
•added 2025/07/10 12:0 a.m.•7 views

ROS-20250710-11

Vulnerability of PropertyUtilsBean class of Apache Commons Beanutils utility is related to flaws in unbundled access to the class loader. Exploitation of the vulnerability could allow an attacker, acting remotely, execute arbitrary code...

8.8CVSS8.8AI score0.01495EPSS
Exploits1
Redos
Redos
•added 2025/07/10 12:0 a.m.•8 views

ROS-20250710-08

A vulnerability in the OpenWire command handler of the Apache ActiveMQ software platform is related to a lack of control over user input. control over user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted...

7.5CVSS6.2AI score0.08594EPSS
Exploits2
Redos
Redos
•added 2025/07/10 12:0 a.m.•6 views

ROS-20250710-13

A vulnerability in the Jackson-databind library of the FasterXML project is related to the recovery of inaccurate data in memory. of invalid data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected...

8.8CVSS8.2AI score0.21949EPSS
Exploits2
Redos
Redos
•added 2025/07/10 12:0 a.m.•8 views

ROS-20250710-14

Apache Tomcat application server vulnerability is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

7.5CVSS7.3AI score0.53228EPSS
Exploits1
Redos
Redos
•added 2025/07/07 12:0 a.m.•7 views

ROS-20250707-03

A vulnerability in the Portainer container management platform is related to the transmission of HTTP headers to the registry. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...

6.8CVSS6.3AI score0.00347EPSS
Exploits0
Redos
Redos
•added 2025/07/07 12:0 a.m.•5 views

ROS-20250707-04

Vulnerability in FontFaceSet interface of Mozilla Firefox, Firefox ESR browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service WebCompat extension vulnerability in Mozilla Firefox, Firefox ES...

9.8CVSS6.1AI score0.03057EPSS
Exploits0
Redos
Redos
•added 2025/07/07 12:0 a.m.•6 views

ROS-20250707-02

Vulnerability in the prefix-based ACL policy search mechanism of Nomad application orchestrator is related to incorrect assignment of access control rules. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass existing security mechanisms by creating a job with a...

8.1CVSS8.6AI score0.00484EPSS
Exploits0
Redos
Redos
•added 2025/07/07 12:0 a.m.•7 views

ROS-20250707-01

A vulnerability in the Konsole terminal emulator of the KDE desktop environment is related to the implementation of an incorrect control flow when processing telnet://, rlogin:// and ssh:// URLs. control flow when handling telnet://, rlogin:// and ssh:// URLs. Exploitation of the vulnerability...

8.2CVSS8.3AI score0.00551EPSS
Exploits0
Redos
Redos
•added 2025/07/07 12:0 a.m.•8 views

ROS-20250707-06

Vulnerability of the sudo system administration program is related to insufficient implementation of security measures when running sudo with the -h option --host. security measures when sudo is run with the -h --host option. Exploiting the vulnerability could allow an attacker to elevate their...

9.3CVSS9.9AI score0.47467EPSS
Exploits77
Redos
Redos
•added 2025/07/07 12:0 a.m.•4 views

ROS-20250707-05

A vulnerability in the Google Chrome browser is related to post-release usage errors in Animation in Google Chrome. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system...

5.4CVSS5.8AI score0.00158EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•3 views

ROS-20250703-04

A vulnerability in the cross-platform software development framework Qt is related to the fact that QAbstractOAuth in Qt Network Authorization uses only time to run PRNG Exploitation of this vulnerability could allow an attacker acting remotely to bypass authentication. of the vulnerability could...

9.8CVSS7.4AI score0.0097EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•7 views

ROS-20250703-06

A vulnerability in the mpmathify function of the mpmath library of the Python programming language interpreter is related to the unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service ReDos. remotely to cause a deni...

7.5CVSS7AI score0.041EPSS
Exploits1
Redos
Redos
•added 2025/07/03 12:0 a.m.•7 views

ROS-20250703-03

A vulnerability in the pgAdmin 4 database management tool is related to improper data cleanup, provided by the user. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

6.1CVSS8AI score0.0091EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•5 views

ROS-20250703-05

A vulnerability in the cross-platform software development framework Qt is related to the fact that QAbstractOAuth in Qt Network Authorization uses only time to run PRNG Exploitation of this vulnerability could allow an attacker acting remotely to bypass authentication. of the vulnerability could...

9.8CVSS7.4AI score0.0097EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•4 views

ROS-20250703-12

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to the fact that the library passes .netrc credentials to third parties for certain malicious URLs. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...

5.3CVSS5.4AI score0.00846EPSS
Exploits1
Redos
Redos
•added 2025/07/03 12:0 a.m.•5 views

ROS-20250703-10

Vulnerability of the Drupal CMS kernel is related to insufficient control over modification of dynamically defined object characteristics. of dynamically defined object characteristics. Exploitation of the vulnerability could allow an attacker, acting remotely. remotely, to execute arbitrary code...

9.8CVSS9.5AI score0.00956EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•4 views

ROS-20250703-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to the fact that the library passes .netrc credentials to third parties for certain malicious URLs. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...

5.3CVSS5.4AI score0.00846EPSS
Exploits1
Redos
Redos
•added 2025/07/03 12:0 a.m.•3 views

ROS-20250703-08

A vulnerability in the Thunderbird email client is related to incorrect processing of the p2-from header. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to...

8.1CVSS8.3AI score0.00466EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•12 views

ROS-20250703-07

A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the libvpx library of the Google Chrome and Microsoft Edge...

9.8CVSS8.3AI score0.10666EPSS
Exploits6
Redos
Redos
•added 2025/07/03 12:0 a.m.•10 views

ROS-20250703-09

Vulnerability of RoundCube Webmail mail client is related to flaws in deserialization mechanism of from parameter processing. processing the from parameter. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code by sending a specially crafted request...

9.9CVSS9.6AI score0.89462EPSS
Exploits29
Redos
Redos
•added 2025/07/03 12:0 a.m.•6 views

ROS-20250703-01

Vulnerability in Server Mode LDAP authentication configuration of database management tool pgAdmin 4 is related to incorrect session commit as a result of improper access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the security restrictions...

8CVSS7.8AI score0.0044EPSS
Exploits0
Redos
Redos
•added 2025/07/03 12:0 a.m.•8 views

ROS-20250703-02

A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.00804EPSS
Exploits0
Redos
Redos
•added 2025/07/01 12:0 a.m.•12 views

ROS-20250630-09

Vulnerability of net/http, x/net/proxy and x/net/http/httpproxy packages of Go programming language is related to incorrect mapping of hosts to proxy server templates. Exploitation of the vulnerability could allow an intruder to affect confidentiality and availability of protected information A...

7.5CVSS8.2AI score0.00693EPSS
Exploits2
Total number of security vulnerabilities8181