Lucene search
K

8162 matches found

Redos
Redos
•added 2025/04/14 12:0 a.m.•19 views

ROS-20250414-01

A vulnerability in the ocfs2 component of the Linux operating system kernel is related to incorrect input validation in the ocfs2reflinkxattrinline function in fs/ocfs2/xattr.c, in ocfs2reflink function in fs/ocfs2/refcounttree.c. Exploitation of the vulnerability could allow an attacker to cause...

7.8CVSS7.4AI score0.00339EPSS
Exploits0
Redos
Redos
•added 2025/04/10 12:0 a.m.•10 views

ROS-20250410-01

A vulnerability in the mailbox component of the Linux kernel is related to resource management errors in the bcm2835mboxprobe function in drivers/mailbox/bcm2835-mailbox.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the uvcparseformat...

7.8CVSS7.7AI score0.03301EPSS
Exploits2
Redos
Redos
•added 2025/04/09 12:0 a.m.•12 views

ROS-20250409-01

A vulnerability in the NFSD component of the Linux kernel is related to the dereferencing of a NULL pointer in the nfsd4processcbupdate function in fs/nfsd/nfs4callback.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the ALSA compone...

7.8CVSS7.5AI score0.03558EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•6 views

ROS-20250403-07

A vulnerability in the InnoDB component of the Oracle MySQL Server database management system is related to a flaw in the authorization procedure as a result of incorrect input data validation. authorization procedure as a result of incorrect input data verification. Exploitation of the...

4.9CVSS6.5AI score0.01236EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•9 views

ROS-20250403-04

A vulnerability in the Go programming language is related to improper syntax correctness checking of input. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

7.5CVSS7AI score0.00804EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•6 views

ROS-20250403-01

A vulnerability in the lookup function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in the doProlog function of the xmlparse.c file of the Expat...

9.8CVSS9.8AI score0.04829EPSS
Exploits2
Redos
Redos
•added 2025/04/03 12:0 a.m.•12 views

ROS-20250403-02

A vulnerability in the QPDF PDF conversion command line utility is related to the creation of a .pdf file with the PlASCII85Decoder::write parameter in libqpdf. .pdf file with the PlASCII85Decoder::write parameter in libqpdf. Exploitation of the vulnerability could allow an attacker to execute...

5.3CVSS8.1AI score0.00503EPSS
Exploits1
Redos
Redos
•added 2025/04/03 12:0 a.m.•11 views

ROS-20250403-08

A vulnerability in the crun open source OCI container runtime environment is related to an insecure reference following in .krunconfig.json. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...

8.5CVSS7AI score0.00533EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•7 views

ROS-20250403-06

A vulnerability in the InnoDB component of the Oracle MySQL Server database management system is related to a flaw in the authorization procedure as a result of incorrect input data validation. authorization procedure as a result of incorrect input data verification. Exploitation of the...

4.9CVSS6.5AI score0.01236EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•11 views

ROS-20250403-09

Apache Tomcat application server vulnerability is related to accepting input path data as an internal point without verification. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information and execute arbitrary code. unauthorized access to...

10CVSS8.2AI score0.99945EPSS
Exploits46
Redos
Redos
•added 2025/04/03 12:0 a.m.•7 views

ROS-20250403-10

Vulnerability in the Rack::Static class of the modular interface between web servers and Rack web applications is related to with errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected informat...

7.5CVSS7.1AI score0.01068EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•23 views

ROS-20250403-14

Vulnerability in the OpenSearch software package due to a problem in the implementation of Field Level Security FLS. Field Level Security FLS. Exploitation of the vulnerability could allow an attacker to obtain sensitive data Vulnerability in the OpenSearch software package due to missing spaces ...

8.8CVSS7.1AI score0.00821EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•21 views

ROS-20250403-16

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to an incorrect checking of X-Sendfile-Type header input in Rack::Sendfile during processing. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate log entries...

7.5CVSS7.1AI score0.00699EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•20 views

ROS-20250403-03

Vulnerability of SQLite hints and ETRN serialization functions of Exim mail server is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sendi...

9.8CVSS7.7AI score0.75782EPSS
Exploits6
Redos
Redos
•added 2025/04/03 12:0 a.m.•11 views

ROS-20250403-11

Vulnerability in the OpenSearch software package related to calls that utilize an internal underlying Identity Provider IdP rather than other externally configured IdPs. Exploitation of the vulnerability could Allow an attacker to impact data integrity...

5.3CVSS7.1AI score0.00328EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•9 views

ROS-20250403-12

OpenSearch software package vulnerability related to out-of-bounds memory reads. Exploitation of the vulnerability could allow an attacker to obtain sensitive data...

5.7CVSS6.5AI score0.00512EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•6 views

ROS-20250403-15

Vulnerabilities in GLPI's computer hardware request, incident and inventory system are related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to confidential information...

8.2CVSS7.2AI score0.00408EPSS
Exploits0
Redos
Redos
•added 2025/04/03 12:0 a.m.•11 views

ROS-20250403-13

Vulnerability of net/http, x/net/proxy and x/net/http/httpproxy packages of Go programming language is related to incorrect mapping of hosts to proxy server templates. Exploitation of the vulnerability could allow an intruder to affect confidentiality and availability of protected information...

4.4CVSS6.9AI score0.00384EPSS
Exploits2
Redos
Redos
•added 2025/04/03 12:0 a.m.•5 views

ROS-20250403-05

A vulnerability in the Media component of the Google Chrome browser is related to memory usage after it is released. after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page V8 JavaScript scrip...

8.8CVSS8.6AI score0.06387EPSS
Exploits1
Redos
Redos
•added 2025/04/02 12:0 a.m.•13 views

ROS-20250402-07

A vulnerability in the Consul and Consul Enterprise service configuration tool is related to insufficient validation of user input. of user input. Exploitation of the vulnerability could allow an attacker acting remotely to launch an SSRF attack. remotely to launch an SSRF attack Vulnerability in...

7.5CVSS7AI score0.08519EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•16 views

ROS-20250402-04

Vulnerability of the GLPI system of requests, incidents and inventory of computer equipment is related to improperly restricting access to the "install/update.php" file. Exploitation of the vulnerability could allow An attacker acting remotely could gain access to confidential information A...

7.5CVSS6.7AI score0.00598EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•83 views

ROS-20250402-09

The libexpat XML file parsing library vulnerability is related to boundary errors in the processing of XML content. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the target system...

7.5CVSS7.3AI score0.01569EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•13 views

ROS-20250402-05

A vulnerability in the configuration implementation of the HTML cleanup tool for Rails Html Sanitizer applications is related to with insufficient cleaning of user-supplied data. Exploitation of the vulnerability could allow An attacker acting remotely could conduct cross-site scripting attacks...

6.1CVSS6.4AI score0.00581EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•12 views

ROS-20250402-03

A vulnerability in the WebTransport component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to the possibility of memory usage after release. Thunderbird is related to the possibility of memory usage after release. Exploitation of the vulnerability could allow a...

9.8CVSS8.7AI score0.01196EPSS
Exploits1
Redos
Redos
•added 2025/04/02 12:0 a.m.•83 views

ROS-20250402-01

The vulnerability of the urllib.parse.urlsplit and urlparse functions of the Python programming language interpreter is related to the fact that urllib.parse.urlsplit and urlparse accept domain names with square brackets. Exploiting the vulnerability could allow an attacker to escalate their...

6.3CVSS7.3AI score0.01499EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•13 views

ROS-20250402-02

A vulnerability in the WebTransport component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to the possibility of memory usage after release. Thunderbird is related to the possibility of memory usage after release. Exploitation of the vulnerability could allow a...

9.8CVSS8.7AI score0.01196EPSS
Exploits1
Redos
Redos
•added 2025/04/02 12:0 a.m.•9 views

ROS-20250402-08

The vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to the fact that the application allows the use of entity aliases mapped to a single resource with the same alias name. Exploitation of the vulnerability could allow an attacker actin...

9.1CVSS7AI score0.00781EPSS
Exploits0
Redos
Redos
•added 2025/04/02 12:0 a.m.•12 views

ROS-20250402-06

Vulnerability of pamsmauthenticate function of PAM-PKCS11 authentication module of Linux operating systems is related to authentication errors. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the authentication procedure and gain unauthorized access to protected...

6.7CVSS7.3AI score0.00235EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•11 views

ROS-20250326-08

A vulnerability in the snmptrapd daemon of the Zabbix universal monitoring system is related to improper processing of the output data for logs. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface Vulnerability of strbase64encoderfc2047 function...

9.1CVSS7.5AI score0.00952EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•14 views

ROS-20250326-01

Pidgin instant messaging vulnerability is related to DNS response spoofing and redirecting client connections to a malicious server. redirecting client connections to a malicious server. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service to an...

5.9CVSS7.2AI score0.02419EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•6 views

ROS-20250326-07

A vulnerability in the snmptrapd daemon of the Zabbix universal monitoring system is related to improper processing of the output data for logs. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface Vulnerability of strbase64encoderfc2047 function...

9.1CVSS7.5AI score0.00952EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•7 views

ROS-20250326-06

A vulnerability in the Twisted Web component of the Twisted networking framework is related to insufficient input data validation when processing HTTP headers. data when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

9.8CVSS7AI score0.04083EPSS
Exploits2
Redos
Redos
•added 2025/03/26 12:0 a.m.•14 views

ROS-20250326-05

A vulnerability in the sysexec function of MariaDB software is related to insecure permissions. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands with elevated privileges...

5.6CVSS8AI score0.0073EPSS
Exploits1
Redos
Redos
•added 2025/03/26 12:0 a.m.•10 views

ROS-20250326-03

The vulnerability in the document-oriented database management system MongoDB is related to bugs in the query analysis of some complex self-referential $lookup subconvectors, leading to sending to the server literal values in expressions for encrypted fields as plaintext instead of encrypted text...

3.3CVSS7.2AI score0.00119EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•11 views

ROS-20250326-04

A vulnerability in the Ruby Sinatra web application development framework is related to causing an Open Redirect Attack Attack by inserting an arbitrary address into this header. Exploiting the vulnerability allows an attacker, acting remotely, to gain access to sensitive data...

5.4CVSS7.4AI score0.00476EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•12 views

ROS-20250326-02

A vulnerability in the document-oriented MongoDB database management system is related to the lack of authorization checks. authorization checks. Exploitation of the vulnerability could allow a remote intruder gain unauthorized access to protected information...

6.5CVSS7AI score0.00376EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•8 views

ROS-20250326-09

Ruby interpreter vulnerability is related to a hidden time channel Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...

7.4CVSS7.3AI score0.00626EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•16 views

ROS-20250326-10

A vulnerability in the Nextcloud calendar cloud software application for creating and utilizing a Nextcloud data warehouse is related to the failure to clean up line breaks and special characters in the email value in a JSON request. Exploitation of the vulnerability could allow an attacker actin...

9.8CVSS7.4AI score0.32348EPSS
Exploits0
Redos
Redos
•added 2025/03/26 12:0 a.m.•27 views

ROS-20250326-11

A vulnerability in the sqlghashsource component of the virtuoso-opensource web application development platform is related to the unconstrained and unregulated resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using special...

7.5CVSS7.7AI score0.0088EPSS
Exploits29
Redos
Redos
•added 2025/03/25 12:0 a.m.•13 views

ROS-20250325-01

A vulnerability in the net component of the Linux kernel is related to a read error outside the allowed range in drivers/net/wwan/wwancore.c. valid range in drivers/net/wwan/wwancore.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the n...

7.8CVSS7.2AI score0.00336EPSS
Exploits1
Redos
Redos
•added 2025/03/20 12:0 a.m.•25 views

ROS-20250320-01

A vulnerability in the bpf component of the Linux kernel is related to resource management errors in the findequalscalars function in kernel/bpf/verifier.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the htcconnectservice function of...

7.8CVSS6.8AI score0.01325EPSS
Exploits1
Redos
Redos
•added 2025/03/19 12:0 a.m.•16 views

ROS-20250319-02

A vulnerability in the dm cache component of the Linux operating system kernel is related to a read error outside the bounds in the canresize function in drivers/md/dm-cache-target.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service Vulnerability in the...

7.8CVSS8.5AI score0.00809EPSS
Exploits0
Redos
Redos
•added 2025/03/19 12:0 a.m.•8 views

ROS-20250319-01

A vulnerability in the net component of the Linux operating system kernel is related to a reachability assertion in the inetaccept function in net/ipv4/afinet.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00301EPSS
Exploits0
Redos
Redos
•added 2025/03/18 12:0 a.m.•20 views

ROS-20250318-01

A vulnerability in the net component of the Linux kernel is related to the dereferencing of a NULL pointer in the sockcreate function in net/socket.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service A vulnerability in the net component of t...

7.8CVSS7.3AI score0.00281EPSS
Exploits0
Redos
Redos
•added 2025/03/17 12:0 a.m.•28 views

ROS-20250317-01

Vulnerability of x86androidtabletprobe function in drivers/platform/x86/x86/x86-android-tablets/core.c of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of...

7.8CVSS8.4AI score0.01087EPSS
Exploits0
Redos
Redos
•added 2025/03/14 12:0 a.m.•19 views

ROS-20250314-01

Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mptcp component of the Lin...

7.8CVSS7AI score0.00875EPSS
Exploits0
Redos
Redos
•added 2025/03/14 12:0 a.m.•15 views

ROS-20250314-02

A vulnerability in the wifi component of the Linux operating system kernel is related to an incorrect lock in the function ilpciresume in drivers/net/wireless/intel/iwlegacy/common.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...

7.8CVSS6.8AI score0.00529EPSS
Exploits2
Redos
Redos
•added 2025/03/12 12:0 a.m.•9 views

ROS-20250312-01

The vulnerability of thejd drm/amd/display component of the Linux kernel is related to incorrect verification of the input data in the calculatettucursor function in the drivers/gpu/drm/amd/display/dc/dml/dcn21/displayrqdlgcalc21.c, in the calculatettucursor function in the...

7.8CVSS7.2AI score0.00327EPSS
Exploits0
Redos
Redos
•added 2025/03/11 12:0 a.m.•10 views

ROS-20250311-07

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Redos
Redos
•added 2025/03/11 12:0 a.m.•82 views

ROS-20250311-05

PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...

8.1CVSS8.4AI score0.89472EPSS
Exploits10
Total number of security vulnerabilities8162