Lucene search
K

8157 matches found

Redos
Redos
•added 2025/05/06 12:0 a.m.•13 views

ROS-20250505-31

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.00527EPSS
Exploits1
Redos
Redos
•added 2025/05/06 12:0 a.m.•14 views

ROS-20250505-32

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.00527EPSS
Exploits1
Redos
Redos
•added 2025/04/30 12:0 a.m.•8 views

ROS-20250430-08

A vulnerability in Nomad Application Orchestrator involves the insertion of sensitive information into a log file. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a client's secret client token...

6.5CVSS6.6AI score0.00449EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•6 views

ROS-20250430-16

The package manager vulnerability for Kubernetes Helm is related to the creation of a diagram file in such a way, that it expands and becomes much larger in uncompressed form. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of service A package manager...

6.5CVSS6.7AI score0.00407EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•50 views

ROS-20250430-15

Vulnerability of sshd service of OpenSSH cryptographic protection tool is related to inconsistency with the functionality of the DisableForwarding directive stated in the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...

4.3CVSS6.5AI score0.0016EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•50 views

ROS-20250430-14

The vulnerability of ASP.NET Core software platform and Microsoft's software development tool Visual Studio is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.01383EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•59 views

ROS-20250430-04

A vulnerability in the libsoup library of the GNOME GUI is related to an infinite loop when reading WebSocket data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service GNOME GUI libsoup library vulnerability is related to NULL pointer dereferenci...

9CVSS8.7AI score0.00933EPSS
Exploits3
Redos
Redos
•added 2025/04/30 12:0 a.m.•6 views

ROS-20250430-02

A vulnerability in the libavformat/westwoodvqa.c component of the FFmpeg multimedia library is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service using a specially crafted VQA file FFmpeg multimedia library...

9.8CVSS8.6AI score0.00715EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•6 views

ROS-20250430-01

A vulnerability in the BusyBox set of command line utilities is related to a post-release usage error in the awk applet. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system The BusyBox command line utility set vulnerability is related to a NUL...

9.8CVSS7.9AI score0.03379EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•47 views

ROS-20250430-06

A vulnerability in the vim text editor function is related to the execution of shell commands via specially crafted tar archives. created tar archives. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands A vulnerability in the vim text editor function is relate...

7.1CVSS7.8AI score0.20775EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•50 views

ROS-20250430-05

Vulnerability of Erlang programming language OTP library set is related to improper packet handling SFTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service Vulnerability of SSH protocol implementation from Erlang/OTP library...

10CVSS8.2AI score0.97673EPSS
Exploits36
Redos
Redos
•added 2025/04/30 12:0 a.m.•4 views

ROS-20250430-07

A vulnerability in the compiler of the html templating tool jinja is related to a sandbox escape via the attr filter format selection method. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

8.8CVSS6.9AI score0.00465EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•6 views

ROS-20250430-09

VBI libzvbi VBI capture and decode library vulnerability is related to an integer overflow in the vbicapturesimloadcaption function in src/io-sim.c. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system VBI capture and decode...

7.5CVSS8AI score0.00764EPSS
Exploits0
Redos
Redos
•added 2025/04/30 12:0 a.m.•13 views

ROS-20250430-10

The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. hidden HTTP request HTTP Request...

9.8CVSS5.9AI score0.01263EPSS
Exploits3
Redos
Redos
•added 2025/04/30 12:0 a.m.•14 views

ROS-20250430-11

The vulnerability in the PHP programming language interpreter is related to flaws in header processing of of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request...

9.8CVSS5.9AI score0.01263EPSS
Exploits3
Redos
Redos
•added 2025/04/30 12:0 a.m.•13 views

ROS-20250430-12

The vulnerability in the PHP programming language interpreter is related to a flaw in header processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request HTTP Request Smuggling attack. A hidden HTTP request HTTP Request Smuggling attac...

9.8CVSS5.8AI score0.01263EPSS
Exploits3
Redos
Redos
•added 2025/04/30 12:0 a.m.•9 views

ROS-20250430-03

A vulnerability in the GPAC multimedia platform is related to a heap buffer overflow in the isomedia/sampledescs.c:1799, in gfisomnewmphadescription in gpac/MP4Box. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the GPAC multimedia platfo...

7.8CVSS7.2AI score0.00346EPSS
Exploits3
Redos
Redos
•added 2025/04/30 12:0 a.m.•57 views

ROS-20250430-13

HAProxy server software vulnerability is related to bounds errors in regsub function in src/sample.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

6.8CVSS6.7AI score0.00688EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•64 views

ROS-20250424-07

Vulnerability of xmlPatMatch function in pattern.c file of libxml2 library is related to null pointer dereferencing. pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service A vulnerability in the libxml2 library is related...

7.8CVSS7.9AI score0.01009EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•28 views

ROS-20250424-04

The GPAC multimedia platform vulnerability involves uncontrolled resource consumption. Exploitation The vulnerability could allow an attacker to cause a denial of service A vulnerability in a function in gfm2tsprocesspmt of the GPAC multimedia platform is related to buffer copying without checkin...

7.8CVSS7.2AI score0.00375EPSS
Exploits4
Redos
Redos
•added 2025/04/24 12:0 a.m.•10 views

ROS-20250424-14

Vulnerability in Apache Tomcat application server's JNDIRealm module implementation is related to flaws in the authentication mechanism. authentication mechanism. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information. Unauthorized...

6.5CVSS7.1AI score0.09886EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•4 views

ROS-20250424-11

Vulnerability of CLARRV, DLARRV, SLARRV and ZLARRV functions of the library for numerical calculations of linear algebra LAPACK, linear algebra library OpenBLAS is related to reading beyond buffer limits. LAPACK, OpenBLAS linear algebra library is related to reading outside the allowed boundaries...

9.1CVSS7.1AI score0.0262EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•66 views

ROS-20250424-03

Vulnerability of the executefilterdelta function of the archivereadsupportformatrar.c component of the Libarchive archiving library is related to reading beyond the allowed data buffer boundaries. of Libarchive archiving library is related to reading outside the allowed data buffer boundaries...

7.8CVSS7.5AI score0.00551EPSS
Exploits2
Redos
Redos
•added 2025/04/24 12:0 a.m.•5 views

ROS-20250424-09

The vulnerability in Google Chrome and Microsoft Edge browsers is related to the possibility of memory usage after a release. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. confidentiality,...

8.8CVSS6.3AI score0.00791EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•65 views

ROS-20250424-10

A vulnerability in the libtar package is related to the initiation of a malloc0 call for the gnulonglink variable. Exploitation The vulnerability could allow a remote attacker to gain access to sensitive information. information The libtar package vulnerability is related to the initiation of a...

9.1CVSS6.9AI score0.01431EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•66 views

ROS-20250424-08

A vulnerability in the containerd container runtime environment is related to an integer overflow when processing a UID:GID that exceeds the maximum 32-bit signed integer. Exploitation of the vulnerability could Allow an attacker to cause a denial of service...

7.8CVSS7AI score0.00275EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•6 views

ROS-20250424-02

The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS8.1AI score0.99615EPSS
Exploits7
Redos
Redos
•added 2025/04/24 12:0 a.m.•9 views

ROS-20250424-34

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.0033EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•11 views

ROS-20250424-33

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.0033EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•16 views

ROS-20250424-12

A vulnerability in the eval function of the Cloud Deployment and Query Tool modules of the database management tool pgAdmin 4 is related to incorrect code generation control when processing endpoints /sqleditor/querytool/download and /cloud/deploy with querycommitted and highavailability...

9.9CVSS7.5AI score0.46222EPSS
Exploits7
Redos
Redos
•added 2025/04/24 12:0 a.m.•5 views

ROS-20250424-25

The vulnerability of the cURL server communication software tool is related to the fact that the application could leak credentials when requesting to use a .netrc file for credentials and following HTTP redirects. following HTTP redirects. Exploitation of the vulnerability could allow an attacke...

3.4CVSS7.2AI score0.01351EPSS
Exploits2
Redos
Redos
•added 2025/04/24 12:0 a.m.•8 views

ROS-20250424-13

A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.0033EPSS
Exploits1
Redos
Redos
•added 2025/04/24 12:0 a.m.•6 views

ROS-20250424-01

A vulnerability in the nftsetcommitupdate function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the reuse of previously freed memory. of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability...

7.8CVSS7.3AI score0.00843EPSS
Exploits0
Redos
Redos
•added 2025/04/24 12:0 a.m.•66 views

ROS-20250424-05

Vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to access credentials with HTTP redirection to another resource. access to credentials...

3.4CVSS7.2AI score0.01351EPSS
Exploits2
Redos
Redos
•added 2025/04/24 12:0 a.m.•8 views

ROS-20250424-06

A vulnerability in the listitemverbose function of the Libarchive library is related to a bounds error in the processing of .tar .tar files in the listitemverbose function in tar/util.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system A...

7.8CVSS7.7AI score0.00329EPSS
Exploits2
Redos
Redos
•added 2025/04/22 12:0 a.m.•14 views

ROS-20250422-01

A vulnerability in the Bluetooth driver of the Linux kernel is related to the dereferencing of a null pointer due to competitive resource access race condition in the hciuartttyioctl function between the HCIUARTSETPROTO and HCIUARTGETPROTO commands in the drivers/bluetooth/hcildisc.c module...

4.7CVSS7AI score0.00325EPSS
Exploits0
Redos
Redos
•added 2025/04/21 12:0 a.m.•9 views

ROS-20250421-01

Vulnerability of the vmfaultt vasmmapfault function of the arch/powerpc/platforms/book3s/vas-api.c module of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.8AI score0.00271EPSS
Exploits1
Redos
Redos
•added 2025/04/17 12:0 a.m.•7 views

ROS-20250417-07

Exim mail server vulnerability is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

8.1CVSS7AI score0.00509EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•10 views

ROS-20250417-01

A vulnerability in the Nextcloud calendar cloud software application for creating and utilizing the Nextcloud Nextcloud data warehouse is related to disclosure of internal website paths when the SMTP server is unavailable. Exploitation of the vulnerability could allow an attacker acting remotely ...

4.3CVSS6.8AI score0.00438EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•14 views

ROS-20250417-02

Vulnerability of /settings/store API endpoint of pgAdmin database management tool is related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform a cross-site scripted attack Server mode...

8.8CVSS7.7AI score0.79933EPSS
Exploits1
Redos
Redos
•added 2025/04/17 12:0 a.m.•38 views

ROS-20250417-05

Ingress controller vulnerability in the Kubernetes ingress-nginx cluster is related to the use of the Ingress mirror-target and mirror-host annotations to inject configuration into nginx. Exploitation of the The vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.8CVSS7.8AI score0.99098EPSS
Exploits21
Redos
Redos
•added 2025/04/17 12:0 a.m.•16 views

ROS-20250417-08

A vulnerability in the net/http package of the Go programming language is related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

9.1CVSS7.8AI score0.00724EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•10 views

ROS-20250417-09

Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird email client of operating systems Windows is related to a post-release usage error in XSLTProcessor. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...

6.5CVSS6.5AI score0.00824EPSS
Exploits1
Redos
Redos
•added 2025/04/17 12:0 a.m.•11 views

ROS-20250417-06

Vulnerability in moodle virtual learning environment is related to insufficient validation of HTTP request source in the confirmedsesskey. Exploitation of the vulnerability could allow an attacker acting remotely to perform Cross-site request forgery attacks...

8.8CVSS6.8AI score0.00455EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•9 views

ROS-20250417-03

The Jenkins Automation Server vulnerability is related to the fact that the vulnerable plugin does not edit encrypted secret values when accessing config.xml of agents via REST API or CLI. Exploitation of the vulnerability could Allow an attacker acting remotely to gain access to potentially...

5.4CVSS7.2AI score0.00684EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•76 views

ROS-20250417-04

A vulnerability in the numbers.ct file of the libxslt library is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in libxslt library's xsltGetInheritedNsList function is related to memory usage after...

7.8CVSS7.3AI score0.00324EPSS
Exploits4
Redos
Redos
•added 2025/04/17 12:0 a.m.•6 views

ROS-20250417-13

Vulnerability in the URI gem software tool due to the fact that the URIjoin, URImerge and URI+ methods retain sensitive information, such as "user:password", even after host replacement. Exploitation vulnerability could allow an attacker acting remotely to gain access to potentially sensitive...

5.3CVSS6.9AI score0.00472EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•5 views

ROS-20250417-10

Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird email client of operating systems Windows is related to a post-release usage error in XSLTProcessor. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...

6.5CVSS6.5AI score0.00824EPSS
Exploits1
Redos
Redos
•added 2025/04/17 12:0 a.m.•24 views

ROS-20250417-12

Vulnerability in cgi gem software tool due to insufficient input validation when processing unreliable input using regular expressions in CGI::UtilescapeElement. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the cgi gem...

7.5CVSS6.6AI score0.00784EPSS
Exploits0
Redos
Redos
•added 2025/04/17 12:0 a.m.•10 views

ROS-20250417-11

Vulnerability of the phpseclib cryptographic protocol library is related to insufficient verification of user input data user input. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.00569EPSS
Exploits0
Total number of security vulnerabilities8157