Lucene search
K

8110 matches found

Redos
Redos
•added 2024/12/03 12:0 a.m.•27 views

ROS-20241203-19

Apache HTTP Server web server kernel vulnerability is related to the inclusion of functions from an invalid controlled area. Exploitation of the vulnerability could allow a remote attacker, execute arbitrary code by running local handlers through internal redirection A vulnerability in the...

9.8CVSS7.9AI score0.41611EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•15 views

ROS-20241203-10

Vulnerability in the IPAuthenticationProvider component of a centralized service for maintaining configuration information and providing distributed synchronization and group services. configuration, naming, providing distributed synchronization and provisioning of group services Apache ZooKeeper...

9.1CVSS6.9AI score0.00924EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•16 views

ROS-20240203-05

Apache Tomcat application server vulnerability is related to an unchecked error condition. Exploitation The vulnerability could allow an attacker acting remotely to bypass the authentication process and cause a denial of service Apache Tomcat application server vulnerability is related to...

9.8CVSS8.2AI score0.06287EPSS
Exploits2
Redos
Redos
•added 2024/12/03 12:0 a.m.•14 views

ROS-20241203-02

A vulnerability in the streamformatter moby package is related to running multiple simultaneous write operations. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The moby package vulnerability is related to running concurrent builds that call...

8.1CVSS7.1AI score0.00641EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•10 views

ROS-20241203-01

The Go programming language vulnerability is related to errors in processing special characters "" in the in the context of CSS. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the Parse function of the Golang programming...

7.5CVSS7AI score0.01412EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•17 views

ROS-20241203-07

Nextcloud mail client vulnerability is related to incorrect automatic configuration. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality Nextcloud mail client vulnerability is related to insufficient access control. Exploitation of the...

8.2CVSS7.2AI score0.00698EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•13 views

ROS-20241203-03

The HTTP request interpretation vulnerability in HAProxy is related to the ability to access a path that is restricted by an ACL access control list installed on the product. Exploitation of the vulnerability could Allow an attacker acting remotely to obtain sensitive information...

5.3CVSS6.7AI score0.01043EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•239 views

ROS-20241203-04

A vulnerability in the Kubernetes virtual machine cluster management software tool is related to incorrectly restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code outside of the container...

8.1CVSS7.7AI score0.03001EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•19 views

ROS-20241203-23

The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...

9.8CVSS7.3AI score0.01328EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•15 views

ROS-20241203-06

Vulnerability of coretable/dynamic module of Moodle virtual learning environment is related to access control flaws in access control. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protected information...

6.5CVSS6.9AI score0.00346EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•15 views

ROS-20241203-11

A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.7CVSS6.8AI score0.0032EPSS
Exploits0
Redos
Redos
•added 2024/12/03 12:0 a.m.•4 views

ROS-20241203-32

A vulnerability in the implementation of the HSTS HTTP Strict Transport Security mechanism of the curl command line utility exists due to a bug in the implementation of the HSTS cache. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct a man-in-the-middle attack...

6.5CVSS7AI score0.0197EPSS
Exploits1
Redos
Redos
•added 2024/12/03 12:0 a.m.•23 views

ROS-20241203-17

WSGI server gevent.pywsgi vulnerability in the Python Gevent library is related to insufficient validation of the of executed requests. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity, availability, and confidentiality of protected information...

9.8CVSS6.5AI score0.01334EPSS
Exploits1
Redos
Redos
•added 2024/12/02 12:0 a.m.•19 views

ROS-20241202-02

Vulnerability of drivers/virt/acrn components of the Linux operating system kernel is related to errors of post-release usage errors in the acrnvmmemsegunmap and acrnvmvmrammap functions in the drivers/virt/acrn/mm.c. Exploitation of the vulnerability could allow an attacker to escalate privilege...

9.8CVSS7.5AI score0.01107EPSS
Exploits0
Redos
Redos
•added 2024/12/02 12:0 a.m.•17 views

ROS-20241202-01

A vulnerability in the hns3 component of the Linux kernel is related to memory leaks in the function hns3pmuirqregister in drivers/perf/hisilicon/hns3pmu.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the openrisc component of the Linu...

8.2CVSS7AI score0.00651EPSS
Exploits0
Redos
Redos
•added 2024/11/29 12:0 a.m.•19 views

ROS-20241129-01

A vulnerability in the ks8851 component of the Linux operating system kernel is related to improper locking in the ks8851dbgdumpkkt, ks8851rxpkts, and ks8851irq functions in the drivers/net/ethernet/micrel/ks8851common.c. Exploitation of the vulnerability could allow an attacker to cause a denial...

7.8CVSS8.3AI score0.00281EPSS
Exploits0
Redos
Redos
•added 2024/11/29 12:0 a.m.•34 views

ROS-20241129-02

A vulnerability in the openvswitch component of the Linux operating system kernel is related to incorrect input validation in the parseicmpv6 function in net/openvswitch/flow.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cppccpufr...

7.8CVSS8.4AI score0.01136EPSS
Exploits1
Redos
Redos
•added 2024/11/27 12:0 a.m.•16 views

ROS-20241127-01

A vulnerability in the bna component of the Linux operating system kernel is related to out-of-bounds read errors in the bnaddebugfswriteregrd and bnaddebugfswriteregwr functions in the drivers/net/ethernet/brocade/bna/bnaddebugfs.c. Exploitation of the vulnerability could allow an attacker to...

9.8CVSS8.2AI score0.00747EPSS
Exploits0
Redos
Redos
•added 2024/11/27 12:0 a.m.•20 views

ROS-20241127-02

A vulnerability in the virtio component of the Linux kernel is related to memory corruption in the functions virtioi2cpreparereqs, virtioi2ccompletereqs and virtioi2cxfer functions in drivers/i2c/busses/i2c-virtio.c. Exploitation of the vulnerability could allow an attacker to gain access to...

7.8CVSS8.6AI score0.00247EPSS
Exploits1
Redos
Redos
•added 2024/11/27 12:0 a.m.•21 views

ROS-20241127-03

A vulnerability in the net/smc components of the Linux operating system kernel is related to information disclosure in the function smcibfindroute in net/smc/smcib.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the e1000e...

9.1CVSS7.7AI score0.00923EPSS
Exploits0
Redos
Redos
•added 2024/11/26 12:0 a.m.•9 views

ROS-20241126-01

Vulnerability of hcilebigsyncestablishedevt function in net/bluetooth/hcievent.c module of Bluetooth protocol implementation in Linux kernel is related to dereferencing of null pointer. of the Linux kernel Bluetooth protocol is related to null pointer dereferencing. Exploitation of the...

5.5CVSS6.5AI score0.0021EPSS
Exploits0
Redos
Redos
•added 2024/11/26 12:0 a.m.•253 views

ROS-20241126-02

A vulnerability in the drm/amd/amdkfd component of the Linux operating system kernel is related to incorrect initialization in the stopcpsch function in drivers/gpu/drm/amd/amdkfd/kfddevicequeuemanager.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

9.8CVSS7.5AI score0.01358EPSS
Exploits0
Redos
Redos
•added 2024/11/25 12:0 a.m.•16 views

ROS-20241125-02

A vulnerability in the hns3 component of the Linux operating system kernel is related to out-of-bounds read errors in the hns3getcoalinfo function in drivers/net/ethernet/hisilicon/hns3/hns3debugfs.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...

7.8CVSS6.7AI score0.00253EPSS
Exploits0
Redos
Redos
•added 2024/11/25 12:0 a.m.•29 views

ROS-20241125-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to a memory corruption in the function f2fsinitpagearraycache in f2fs/compress.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the sim...

9.1CVSS7.6AI score0.01219EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•18 views

ROS-20241121-02

A vulnerability in the Access Rule Handler component of the Openstack cloud services platform involves manipulation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system. affect the integrity of the system...

5.5CVSS6.7AI score0.00493EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•10 views

ROS-20241121-04

Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is related to...

9.9CVSS7.1AI score0.16496EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•25 views

ROS-20241121-01

Vulnerability in Moodle virtual learning environment related to excessive data output by application in Messaging error message. Messaging error message. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to confidential information. remotely, to...

7.5CVSS7.4AI score0.00403EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•20 views

ROS-20241121-05

The vulnerability in the Moodle virtual learning environment is related to issues with controlling the visibility of user information in gradebook reports. of user information in gradebook reports. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

8.1CVSS6.8AI score0.83343EPSS
Exploits8
Redos
Redos
•added 2024/11/21 12:0 a.m.•16 views

ROS-20241121-06

A vulnerability in the Consul service configuration tool is related to the use of URL paths in L7 traffic. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access rules based on HTTP request paths. HTTP request paths The vulnerability in the Consul service...

8.1CVSS5.9AI score0.00725EPSS
Exploits0
Redos
Redos
•added 2024/11/21 12:0 a.m.•16 views

ROS-20231121-04

Vulnerability in Nextcloud cloud storage creation and utilization software is related to improper access controls. Exploitation of the vulnerability could allow an intruder, acting remotely, to gain access to sensitive information Nextcloud cloud storage creation and utilization software...

6.5CVSS7AI score0.00652EPSS
Exploits0
Redos
Redos
•added 2024/11/20 12:0 a.m.•33 views

ROS-20241120-02

A vulnerability in the locking/wwmutex/test components of the Linux operating system kernel is related to improper locking in the functions listforeachentrysafe, stressonework, and stress in the kernel/locking/test/test-wwmutex.c. Exploitation of the vulnerability could allow an attacker to cause...

7.8CVSS7.2AI score0.00263EPSS
Exploits0
Redos
Redos
•added 2024/11/20 12:0 a.m.•17 views

ROS-20241120-01

Vulnerability of drm/amd/display components of Linux kernel is related to dereferencing of the NULL pointer in the amdgpudminit function in drivers/gpu/drm/amd/display/amdgpudm/amdgpudm.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in th...

7.8CVSS6.8AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/11/19 12:0 a.m.•30 views

ROS-20241119-01

A vulnerability in the ath11k component of the SUNRPC kernel of the Linux system is related to use-after-use errors release in the rpcclntremovepipedir and rpcsetuppipedir functions in net/sunrpc/clnt.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the syste...

8.8CVSS7.3AI score0.01EPSS
Exploits0
Redos
Redos
•added 2024/11/19 12:0 a.m.•260 views

ROS-20241119-02

Vulnerability of cxl/region components of Linux kernel is related to the use of uninitialized resource in the cxlregionattach function in drivers/cxl/core/region.c. Exploitation of the the vulnerability could allow an attacker to cause a denial of service A vulnerability in the tls component of t...

9.1CVSS7.2AI score0.00923EPSS
Exploits0
Redos
Redos
•added 2024/11/18 12:0 a.m.•25 views

ROS-20241118-02

A vulnerability in the bcmasp component of the Linux kernel is related to a memory leak in the functions umacinit, bcmasptxpoll, bcmaspinittx and bcmaspnetifdeinit functions in drivers/net/ethernet/broadcom/asp2/bcmaspintf.c. Exploitation of the vulnerability could allow an attacker to cause a...

7.8CVSS6.8AI score0.00654EPSS
Exploits0
Redos
Redos
•added 2024/11/18 12:0 a.m.•25 views

ROS-20241118-01

Vulnerability in the ena component of the Linux kernel is related to resource management errors in the enaunmaptxbuff and enafreetxbufs functions in drivers/net/ethernet/amazon/ena/ena/enanetdev.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

9.1CVSS7.3AI score0.01401EPSS
Exploits0
Redos
Redos
•added 2024/11/15 12:0 a.m.•29 views

ROS-20241115-02

A vulnerability in the octeontx2-pf component of the Linux kernel is related to a memory leak in the function otx2qosreadtxschqcfgtl in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

7.8CVSS7.5AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2024/11/15 12:0 a.m.•35 views

ROS-20241115-01

A vulnerability in the pinctrl component of the Linux kernel is related to the dereferencing of a NULL pointer in the pcssetmux function in drivers/pinctrl/pinctrl-single.c.. pcssetmux function in drivers/pinctrl/pinctrl-single.c. Exploitation of the vulnerability could allow an attacker to cause...

7.1CVSS7.4AI score0.00259EPSS
Exploits0
Redos
Redos
•added 2024/11/14 12:0 a.m.•36 views

ROS-20241114-01

Vulnerability of net/rds components of Linux operating system kernel is related to dereferencing of NULL pointer in the rdsrdmamap function in net/rds/rdma.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the nftables component of the...

7.8CVSS7.4AI score0.00966EPSS
Exploits0
Redos
Redos
•added 2024/11/14 12:0 a.m.•18 views

ROS-20241114-02

The vulnerability of the micrel component of the Linux operating system kernel is related to the NULL pointer dereferencing in lan8814txtstamp, lan8814getsigrx, lan8814matchrxts, lan8814ptpciadjfine functions, lan8814getsigtx, lan8814dequeuetxskb, and lan8814matchskb in drivers/net/phy/micrel.c...

7.8CVSS7AI score0.00632EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•11 views

ROS-20241112-05

A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.8CVSS7.2AI score0.00894EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•16 views

ROS-20241112-08

A vulnerability in the Raft Consensus Algorithm of the Raft data distribution algorithm of the Integrated storage Raft storage of HashiCorp Vault and Vault Enterprise platforms for archiving corporate information is associated with unlimited resource consumption as a result of nodes incorrectly...

7.5CVSS6.7AI score0.00479EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•17 views

ROS-20241112-10

A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the use of https URLs even after certificate validation errors. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data and compromise their integrity. remotely to gain...

8.1CVSS6.9AI score0.03295EPSS
Exploits2
Redos
Redos
•added 2024/11/13 12:0 a.m.•37 views

ROS-20241112-12

A vulnerability in the drm/vmwgfx components of the Linux operating system kernel is related to memory corruption in the vmwducursormobsize and vmwducursorplanecleanupfb functions in the drivers/gpu/drm/vmwgfx/vmwgfxkms.c. Exploitation of the vulnerability could allow an attacker to elevate the...

8.8CVSS7.3AI score0.00646EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•12 views

ROS-20241112-09

A vulnerability in the Consul service configuration tool is related to input validation errors when processing catalog traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTTP request and read arbitrary files on the system...

8.3CVSS6.8AI score0.00473EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•17 views

ROS-20241112-11

A vulnerability in the index.php component of Enterprise Server, a cloud-based software package for creating and using Nextcloud Server data storage is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to modify or delete VCards in the...

8.1CVSS6.8AI score0.00805EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•33 views

ROS-20241113-01

A vulnerability in the sched/debug components of the Linux operating system kernel is related to information disclosure in the updatescheddomaindebugfs function in kernel/sched/debug.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A...

7.8CVSS7.4AI score0.00907EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•16 views

ROS-20241113-02

A vulnerability in the HDMA component of the Linux operating system kernel is related to race conditions in the functions dwhdmav0corewritechunk and dwhdmav0corestart in drivers/dma/dw-edma/dw-hdma-v0-core.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the...

5.5CVSS7AI score0.00246EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•19 views

ROS-20241112-02

A vulnerability in the ansible-core component of the Red Hat Ansible configuration management system is related to incorrect processing of output data for logs. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in Red Hat Ansible configurati...

6.3CVSS6.8AI score0.00859EPSS
Exploits0
Redos
Redos
•added 2024/11/13 12:0 a.m.•21 views

ROS-20241112-04

Vulnerability of http requests of CurlAsyncHTTPClient component of Tornado asynchronous network library is related to improper neutralization of CRLF sequences. Exploitation of the vulnerability could allow an attacker acting remotely to inject arbitrary headers into a request or cause an...

7.2AI score
Exploits0
Total number of security vulnerabilities8110