Lucene search
K

8110 matches found

Redos
Redos
•added 2025/01/15 12:0 a.m.•9 views

ROS-20250115-06

A vulnerability in the ocfs2 component of the Linux kernel is related to the dereferencing of a NULL pointer in the ocfs2fillsuper function in fs/ocfs2/super.c, toocfs2trigger, ocfs2dbfrozentrigger and ocfs2journalaccess in fs/ocfs2/journal.c. Exploitation of the vulnerability could allow an...

7.8CVSS7.3AI score0.00296EPSS
Exploits0
Redos
Redos
•added 2025/01/15 12:0 a.m.•12 views

ROS-20250115-01

A vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird email client is related to improper permission persistence. exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information, to affect the confidentiality of protected informati...

7.5CVSS8.1AI score0.00611EPSS
Exploits0
Redos
Redos
•added 2025/01/15 12:0 a.m.•9 views

ROS-20250115-04

A vulnerability in the ldapescape function of the PHP programming language interpreter is related to the operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the dblib and...

9.8CVSS8.4AI score0.02286EPSS
Exploits4
Redos
Redos
•added 2025/01/14 12:0 a.m.•12 views

ROS-20250114-13

The Redis database management system DBMS vulnerability is related to the use of memory after its memory after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by injecting a specially crafted lua script A vulnerability in the Redis database...

9.8CVSS7.7AI score0.07802EPSS
Exploits2
Redos
Redos
•added 2025/01/14 12:0 a.m.•10 views

ROS-20250114-12

A vulnerability in the implementation of the Zstandard compression method of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code provided that a user opens a specially generated archive. by a user opening a special...

7.8CVSS7.6AI score0.21985EPSS
Exploits1
Redos
Redos
•added 2025/01/14 12:0 a.m.•9 views

ROS-20250114-14

A vulnerability in the compress component of the Linux operating system kernel is related to incorrect blocking in the f2fsreleasecompressblocks and f2fsreservecompressblocks functions in f2fs/file.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...

7.1CVSS6.8AI score0.00239EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•6 views

ROS-20250114-11

The vulnerability of the Python virtualenv virtual environment constructor activation scripts is related to the failure to take steps to neutralize special elements used by the operating system command. measures to neutralize special elements used in the operating system command. Exploitation...

8.4CVSS7.6AI score0.01557EPSS
Exploits1
Redos
Redos
•added 2025/01/14 12:0 a.m.•11 views

ROS-20250114-02

LibreOffice office suite vulnerability is related to incorrect cryptographic signature verification. signature. Exploitation of the vulnerability could allow an attacker to create a specially crafted document, which, upon recovery, would report the valid status of the electronic signature A...

10CVSS6.8AI score0.00428EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•148 views

ROS-20250114-01

HTTP client aiohttp vulnerability is related to execution of a loop with an unreachable exit condition. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability of HTTP client aiohttp is related to a symbolic link issue in...

7.5CVSS7AI score0.01085EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•143 views

ROS-20250114-15

Vulnerability of gfxv943initmicrocode function in drivers/gpu/drm/amd/amdgpu/gfxv943.c module of driver Linux operating system kernel amdgpu is related to memory writes outside of the allocated buffer. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity...

9.8CVSS7.2AI score0.00762EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•146 views

ROS-20250114-03

Vulnerability in the Hash Handler component of the 389-ds-basic package is related to insufficient verification of the of password hashes. Exploitation of the vulnerability could allow an intruder to cause a denial of service...

5.7CVSS6.7AI score0.00573EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•9 views

ROS-20250114-07

A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...

4.8CVSS4.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•12 views

ROS-20250114-04

The incognito mode vulnerability in Mozilla Firefox, Firefox ESR browsers is due to the application not properly impose security restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions Incognito mode vulnerability in...

9.8CVSS7.4AI score0.00738EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•10 views

ROS-20250114-05

A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...

4.8CVSS4.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•11 views

ROS-20250114-08

A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...

4.8CVSS4.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•14 views

ROS-20250114-06

A vulnerability in the Serialization component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect clearing or freeing of resources. resources. Exploitation of the vulnerability could allow an attacker acting...

4.8CVSS4.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2025/01/14 12:0 a.m.•9 views

ROS-20250114-10

Vulnerability in the animation control and synchronization handler on web pages of Mozilla Firefox browsers, Firefox ESR is related to the possibility of memory usage after its release. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting it into...

9.8CVSS9.6AI score0.32568EPSS
Exploits1
Redos
Redos
•added 2025/01/14 12:0 a.m.•11 views

ROS-20250114-09

Vulnerability in the animation control and synchronization handler on web pages of Mozilla Firefox browsers, Firefox ESR is related to the possibility of memory usage after its release. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting it into...

9.8CVSS9.6AI score0.32568EPSS
Exploits1
Redos
Redos
•added 2025/01/13 12:0 a.m.•26 views

ROS-20250113-05

A vulnerability in the dma-mapping component of the Linux kernel is related to incorrect input validation in the mapbenchmarkioctl function in kernel/dma/mapbenchmark.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the f2fs component of...

9.8CVSS7.5AI score0.00788EPSS
Exploits0
Redos
Redos
•added 2025/01/13 12:0 a.m.•8 views

ROS-20250113-04

A vulnerability in the usb component of the Linux kernel is related to incorrect locking in the functions freeepfback, uaudiosetvolume, uaudiosetmute and gaudiosetup functions in drivers/usb/gadget/function/uaudio.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...

5.5CVSS6.8AI score0.0021EPSS
Exploits0
Redos
Redos
•added 2025/01/13 12:0 a.m.•20 views

ROS-20250113-03

Vulnerability in Intel Ethernet network controllers RDMA driver for Linux is related to access control flaws access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges...

9.8CVSS7.1AI score0.00978EPSS
Exploits0
Redos
Redos
•added 2025/01/13 12:0 a.m.•14 views

ROS-20250113-01

A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

7.5CVSS6.8AI score0.66594EPSS
Exploits0
Redos
Redos
•added 2025/01/13 12:0 a.m.•17 views

ROS-20250113-02

Vulnerability of sessionuser function in fs/ksmbd/smb2pdu.c module of KSMBD file system of Linux kernel is related to reading data outside the allocated buffer. Linux kernel file system KSMBD is related to reading data outside the allocated buffer. Exploitation of the vulnerability could allow an...

9.8CVSS7.3AI score0.02975EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•19 views

ROS-20250110-05

The vulnerability of the Zabbix universal monitoring system server is related to the use of uncontrolled format strings when processing HttpRequest objects. format strings when processing HttpRequest objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain...

9.1CVSS9.2AI score0.00952EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•4 views

ROS-20250110-08

A vulnerability in the qrreadermatchcenters function of the ZBar barcode reading library is related to writing outside the buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential data, compromise its integrity, and compromise its integrity...

9.8CVSS7.3AI score0.01787EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•5 views

ROS-20250110-07

A vulnerability in the DNS server responsible for coredns name resolution is related to an incorrect implementation of the of caching. Exploitation of the vulnerability could allow a remote attacker to execute a spoofing attack. spoofing attack...

5.3CVSS7.1AI score0.0076EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•144 views

ROS-20250110-03

A vulnerability in the XMLResumeParser function of the libexpat XML parsing library is related to improper checking for unusual or exceptional conditions. Exploitation of the vulnerability could allow an attacker to stop/stop a parser that is not running...

5.9CVSS6.7AI score0.0104EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•5 views

ROS-20250110-04

Vulnerability of instancecreate method of the program for monitoring and adaptive tuning of system devices tuned is related to insufficient input data validation when processing the instancename parameter. Exploitation of the vulnerability could allow an attacker to conduct spoofing attacks...

7.8CVSS7.7AI score0.00298EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•9 views

ROS-20250110-09

Vulnerability in Erlang programming language OTP library set is related to incorrect certificate validation. certificate. Exploitation of the vulnerability allows an attacker acting remotely to perform a MitM attack...

5.5CVSS6.8AI score0.00251EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•14 views

ROS-20250110-13

MinIO object storage server vulnerability is related to insecure privilege management. Exploitation exploitation of the vulnerability could allow an attacker acting remotely to elevate their privileges to root...

9.3CVSS6.9AI score0.00702EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•6 views

ROS-20250110-11

A vulnerability in the Action Pack framework of the Ruby on Rails software platform is related to incorrect validation of the of input data. Exploitation of the vulnerability could allow a remote attacker to bypass certain security restrictions. certain security restrictions...

9.8CVSS6.9AI score0.00658EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•10 views

ROS-20250110-02

A vulnerability in the Exiv2 media metadata management library is related to a flaw in the use of the assert function. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted image file Vulnerability in the Jp2Image::readMetadata...

7.8CVSS7.8AI score0.02555EPSS
Exploits3
Redos
Redos
•added 2025/01/10 12:0 a.m.•16 views

ROS-20250110-12

Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource "Race Situation". "Race Situation". Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code by downloading specially crafted JSP files Apache Tomcat...

9.8CVSS7.4AI score0.43663EPSS
Exploits13
Redos
Redos
•added 2025/01/10 12:0 a.m.•17 views

ROS-20250110-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is associated with authorization errors due to a buffer overrun. authorization errors as a result of an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow...

7.5CVSS6.9AI score0.00267EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•9 views

ROS-20250110-14

Vulnerability of ServerConfig.PublicKeyCallback function of the library for Go crypto programming language is related to a flaw in the authorization procedure for key processing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

9.1CVSS7.1AI score0.03092EPSS
Exploits2
Redos
Redos
•added 2025/01/10 12:0 a.m.•157 views

ROS-20250110-06

The vulnerability of the Zabbix universal monitoring system server is related to the use of uncontrolled format strings when processing HttpRequest objects. format strings when processing HttpRequest objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain...

9.1CVSS9.2AI score0.00952EPSS
Exploits0
Redos
Redos
•added 2025/01/10 12:0 a.m.•14 views

ROS-20250110-10

A vulnerability in the asyncio.SelectorSocketTransport.writelines function of the Python programming language is associated with an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service denial of service...

8.7CVSS6.6AI score0.0188EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•5 views

ROS-20250109-02

Vulnerability in dogtag-pki and pki-core packages is related to incorrect input validation during query processing LDAP. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process. authentication...

7.5CVSS7.4AI score0.00659EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•21 views

ROS-20250109-03

Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to Failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability of the GLPI system...

9.3CVSS7.5AI score0.36733EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•78 views

ROS-20250109-01

A NetworkManager network connection management vulnerability involves the injection of corrupted LLDP packets. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

3.1CVSS7.3AI score0.00447EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•18 views

ROS-20250109-08

The ungetbyte and ungetc methods of StringIO string handler for Ruby programming language are vulnerable to with an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of protected information...

9.8CVSS6.9AI score0.02364EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•19 views

ROS-20250109-04

Vulnerability of the Fields plug-in of the GLPI system of requests, incidents and inventory of computer equipment is related to failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow An attacker acting remotely could execute arbitrary SQL code...

7.7CVSS8.3AI score0.0047EPSS
Exploits0
Redos
Redos
•added 2025/01/09 12:0 a.m.•6 views

ROS-20250109-06

The ungetbyte and ungetc methods of StringIO string handler for Ruby programming language are vulnerable to with an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality of protected information...

8.8CVSS7.2AI score0.72648EPSS
Exploits18
Redos
Redos
•added 2025/01/09 12:0 a.m.•8 views

ROS-20250109-05

Vulnerability in Firefox ESR, Firefox web browsers and Thunderbird email client is related to errors in data type conversion due to enabled autorun private mode. data type conversion errors due to enabled private mode autorun. Exploitation of the vulnerability could allow an attacker acting...

8.8CVSS8.5AI score0.72648EPSS
Exploits18
Redos
Redos
•added 2025/01/09 12:0 a.m.•8 views

ROS-20250109-07

A vulnerability in the Downloads component of Microsoft Edge and Google Chrome browsers is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...

9.6CVSS8.7AI score0.06295EPSS
Exploits11
Redos
Redos
•added 2024/12/20 12:0 a.m.•9 views

ROS-20241220-02

A vulnerability in the minimalist console MPEG audio player mpg123 is related to a boundary error inside the libmpg123 when decoding PCM. Exploitation of the vulnerability could allow an attacker acting remotely, to pass specially crafted data to an application, cause corruption in the heap, and...

6.7CVSS7AI score0.00348EPSS
Exploits0
Redos
Redos
•added 2024/12/20 12:0 a.m.•15 views

ROS-20241220-01

A vulnerability in the password verification function of the PHP programming language is related to insufficient calculation of the password hash. password hash. Exploitation of the vulnerability allows an attacker to affect data integrity...

8.1CVSS7AI score0.00944EPSS
Exploits1
Redos
Redos
•added 2024/12/20 12:0 a.m.•11 views

ROS-20241220-04

Vulnerability of ServerConfig.PublicKeyCallback function of the library for Go crypto programming language is related to a flaw in the authorization procedure for key processing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

9.1CVSS7.1AI score0.03092EPSS
Exploits2
Redos
Redos
•added 2024/12/18 12:0 a.m.•12 views

ROS-20241218-01

Vulnerability of the kmallocreserve function in the net/core/skbuff.c module of the network subsystem of the Linux kernel is related to integer overflow. Linux kernel subsystem is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

8.1CVSS7.1AI score0.01077EPSS
Exploits5
Redos
Redos
•added 2024/12/16 12:0 a.m.•18 views

ROS-20241216-10

The Jetty servlet container vulnerability is related to the lack of control over internal resource consumption within DoSFilter. Exploitation of the vulnerability could allow an attacker acting remotely to repeatedly send crafted requests multiple times, cause an OutofMemory error, and finally...

7.5CVSS6.8AI score0.00946EPSS
Exploits0
Total number of security vulnerabilities8110