Lucene search
K

8110 matches found

Redos
Redos
•added 2024/11/13 12:0 a.m.•20 views

ROS-20241112-07

Eclipse Mosquitto message broker vulnerability is related to a heap buffer overflow when executing a onsubscribe callback. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information The Eclipse Mosquitto message broker vulnerability is relate...

9.8CVSS7.9AI score0.579EPSS
Exploits2
Redos
Redos
•added 2024/11/13 12:0 a.m.•19 views

ROS-20241112-03

Vulnerability of the JWE, JWS, JWT go-jose standards set implementation package for Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service Vulnerability of...

7.5CVSS7.6AI score0.91969EPSS
Exploits1
Redos
Redos
•added 2024/11/13 12:0 a.m.•17 views

ROS-20241112-06

The XML toolkit vulnerability for Ruby REXML is related to inefficient regular expression complexity expressions. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of service attack using regular expressions. denial-of-service attack using regular...

8.7CVSS7.2AI score0.01429EPSS
Exploits0
Redos
Redos
•added 2024/11/12 12:0 a.m.•12 views

ROS-20241112-01

An implementation vulnerability in the Simple Authentication and Security Layer GNU SASL framework is related to reading outside the outside the allocated space on the GNU SASL libgsasl server side using a malicious authenticated GSS-API client. Exploitation of the vulnerability could allow an...

8.1CVSS6.6AI score0.01091EPSS
Exploits0
Redos
Redos
•added 2024/11/08 12:0 a.m.•23 views

ROS-20241108-02

A vulnerability in the powerpc/powernv component of the Linux operating system kernel is related to a memory leak in the function scomdebuginitone in arch/powerpc/platforms/powernv/opal-xscom.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability i...

7.8CVSS7.8AI score0.00861EPSS
Exploits0
Redos
Redos
•added 2024/11/08 12:0 a.m.•14 views

ROS-20241108-03

Vulnerability of multiqtune function of schmultiq component of Linux kernel is related to writing outside of dynamic memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code in kernel mode by executing specially specially...

7.8CVSS7.8AI score0.00284EPSS
Exploits0
Redos
Redos
•added 2024/11/08 12:0 a.m.•29 views

ROS-20241108-01

A vulnerability in the mac80211 component of the Linux operating system kernel is related to information disclosure in the function stainfofree in net/mac80211/stainfo.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the As...

7.1CVSS6.8AI score0.00232EPSS
Exploits0
Redos
Redos
•added 2024/11/07 12:0 a.m.•12 views

ROS-20241107-02

A vulnerability in the x86/mmu components of the Linux operating system kernel is related to incorrect calculations in the kvmtdpmmutrysplithugepages, kvmtdpmmucleardirtyslot, and cleardirtyptmasked functions in the arch/x86/kvm/mmu/tdpmmu.c. Exploitation of the vulnerability could allow an...

7.4CVSS7AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/11/07 12:0 a.m.•34 views

ROS-20241107-01

A vulnerability in the imx component of the Linux kernel is associated with a memory leak in the function ipucscscalerrelease in drivers/staging/media/imx/imx-media-csc-scaler.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in Linux kernel...

7.8CVSS7.6AI score0.0033EPSS
Exploits0
Redos
Redos
•added 2024/11/06 12:0 a.m.•34 views

ROS-20241106-01

Vulnerability of the supply component of the Linux kernel is related to resource management errors in the bq27xxxbatteryi2cremove function in drivers/power/supply/bq27xxxbatteryi2c.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...

7.8CVSS8.7AI score0.00622EPSS
Exploits0
Redos
Redos
•added 2024/11/05 12:0 a.m.•37 views

ROS-20241105-01

A vulnerability in the i2c component of the Linux kernel is related to a stack overflow in the function mlxbfi2csmbusstarttransaction in drivers/i2c/busses/i2c-mlxbf.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the netfilter componen...

9.1CVSS8.2AI score0.01635EPSS
Exploits0
Redos
Redos
•added 2024/11/01 12:0 a.m.•21 views

ROS-20241101-01

A vulnerability in the sysfs component of the Linux operating system kernel is related to excessive output in the sysfsbreakactiveprotection function in fs/sysfs/file.c. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information Vulnerability in the clk...

7.8CVSS7.6AI score0.00423EPSS
Exploits0
Redos
Redos
•added 2024/11/01 12:0 a.m.•26 views

ROS-20241101-02

A vulnerability in the vmxnet3 component of the Linux operating system kernel is related to resource management errors in the vmxnet3processxdp function in drivers/net/vmxnet3/vmxnet3xdp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in t...

7.8CVSS7AI score0.00476EPSS
Exploits0
Redos
Redos
•added 2024/10/31 12:0 a.m.•30 views

ROS-20241031-02

A vulnerability in the qcom component of the Linux operating system kernel is related to read errors outside of bounds in the F function in drivers/clk/qcom/gcc-ipq9574.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mm/memory-failu...

5.5CVSS7AI score0.00241EPSS
Exploits0
Redos
Redos
•added 2024/10/31 12:0 a.m.•29 views

ROS-20241031-01

A vulnerability in the nilfs2 component of the Linux operating system kernel is related to improper error handling in the nilfsgetblock function in fs/nilfs2/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the nilfs2 component of...

7.8CVSS7.3AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•311 views

ROS-20241029-08

Vulnerability in the OpenSearch software package related to improper validation of the nextUrl parameter. Exploitation of the vulnerability could allow an attacker to redirect a user to a malicious site A vulnerability in the server.maxHeadersCount configuration of the ws client-server library in...

7.5CVSS7.4AI score0.01471EPSS
Exploits4
Redos
Redos
•added 2024/10/29 12:0 a.m.•14 views

ROS-20241029-07

The vulnerability in Buildah container image management tool is related to input validation errors in the directory traversal sequences in cache mounts. Exploitation of the vulnerability could allow an infringing user to escalate privileges on the system...

7.8CVSS7.4AI score0.00392EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•16 views

ROS-20241029-04

A vulnerability in the containers-common library of the Golang programming language is related to incorrect handling of certain file paths due to incorrect validation. certain file paths due to improper validation. Exploitation of the vulnerability could allow an attacker acting remotely to explo...

8.2CVSS7.1AI score0.0099EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•7 views

ROS-20241029-14

The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...

6.5CVSS7.3AI score0.01345EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•6 views

ROS-20241029-15

The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...

6.5CVSS7.3AI score0.01345EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•8 views

ROS-20241029-03

The vulnerability in the Podman OCI container management and launching software tool is related to issues with the symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...

6.5CVSS7.3AI score0.01345EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•25 views

ROS-20241029-02

A vulnerability in the Action Dispatch component of the Ruby interpreter with the Action Pack extension is related to bugs in the procedures for filtering Action Dispatch request parameters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...

8.7CVSS7.3AI score0.01103EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•19 views

ROS-20241029-06

A vulnerability in the ImageOverlay::parse function of the libheif file format decoder and encoder is related to insufficient checking when decoding a HEIF file containing an overlaid image with spurious offsets. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

8.1CVSS7.1AI score0.00825EPSS
Exploits1
Redos
Redos
•added 2024/10/29 12:0 a.m.•6 views

ROS-20241029-12

A vulnerability in the Podman OCI container management and startup software tool is related to bugs in the option bind-propagation of the Dockerfile RUN --mount instruction. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...

4.7CVSS6.9AI score0.00287EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•4 views

ROS-20241029-13

A vulnerability in the containers-common library of the Golang programming language is related to incorrect handling of certain file paths due to incorrect validation. certain file paths due to improper validation. Exploitation of the vulnerability could allow an attacker acting remotely to use...

8.2CVSS7.1AI score0.0099EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•18 views

ROS-20241029-11

A vulnerability in the blockformat function of the Ruby interpreter with the Action Mailer Gem extension is related to the execution of the function for an unexpectedly large amount of time. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.7CVSS7.1AI score0.00944EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•13 views

ROS-20241029-01

A vulnerability in the libreswan client plug-in of the NetworkManager network connection management program is related to insufficient checking of key values inside the VPN configuration file. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS8.1AI score0.00452EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•15 views

ROS-20241029-09

A vulnerability in the plaintextforblockquotenode function of the Ruby interpreter with the Action Text Gem extension is related to the execution of the function for an unexpectedly large amount of time. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial o...

8.7CVSS7.2AI score0.00991EPSS
Exploits0
Redos
Redos
•added 2024/10/29 12:0 a.m.•16 views

ROS-20241029-05

A vulnerability in the Podman OCI container management and startup software tool is related to bugs in the option bind-propagation of the Dockerfile RUN --mount instruction. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...

4.7CVSS6.9AI score0.00287EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•29 views

ROS-20241028-03

The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...

7CVSS7.5AI score0.00689EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•268 views

ROS-20241028-04

A vulnerability in the tcp component of the Linux operating system kernel is related to excessive output in the function sockprotinuseadd in net/ipv4/inethashtables.c. Exploitation of the vulnerability could allow an attacker to gain access to confidential information A vulnerability in the btrtl...

8.4CVSS6.8AI score0.00761EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•8 views

ROS-20241028-01

Vulnerability in HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to user enumeration when using the LDAP authentication method. Exploitation The vulnerability could allow an attacker acting remotely to impact the integrity of the systems...

5.3CVSS6.9AI score0.00613EPSS
Exploits0
Redos
Redos
•added 2024/10/28 12:0 a.m.•12 views

ROS-20241028-02

The vulnerability of the net-netip component of Golang programming language is related to incorrect operation of Is methods IsPrivate, IsLoopback, etc. methods. Exploitation of the vulnerability can allow an intruder to bypass the existing access restriction policy...

9.8CVSS7.2AI score0.01952EPSS
Exploits0
Redos
Redos
•added 2024/10/25 12:0 a.m.•21 views

ROS-20241025-01

A vulnerability in the netlink component of the Linux kernel is related to the use of an uninitialized resource in the sizeof function in lib/nlattr.c. uninitialized resource in the sizeof function in lib/nlattr.c. Exploitation of the vulnerability could allow an attacker to cause a denial of...

5.5CVSS6.6AI score0.0024EPSS
Exploits0
Redos
Redos
•added 2024/10/25 12:0 a.m.•19 views

ROS-20241025-02

Vulnerability of usb-audio component of Linux kernel is related to NULL pointer dereferencing in the sndusbsetsampleratev2v3 function in sound/usb/clock.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the target component of the target...

7.8CVSS8.1AI score0.00279EPSS
Exploits0
Redos
Redos
•added 2024/10/25 12:0 a.m.•23 views

ROS-20241024-01

A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.5AI score0.01414EPSS
Exploits0
Redos
Redos
•added 2024/10/25 12:0 a.m.•21 views

ROS-20241024-03

Vulnerability of idxd components of the Linux operating system kernel is related to resource management errors in the idxdcleanupinternals and idxdinitevl functions in drivers/dma/idxd/init.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability i...

5.5CVSS6.2AI score0.00272EPSS
Exploits0
Redos
Redos
•added 2024/10/25 12:0 a.m.•30 views

ROS-20241024-02

Vulnerability in the drm component of the Linux operating system kernel is related to use-after-use errors in the drmgemprimemmap release in the drmgemprimemmap function in drivers/gpu/drm/drmprime.c. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system...

7.8CVSS7.5AI score0.00983EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•156 views

ROS-20241023-11

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•15 views

ROS-20241023-01

A vulnerability in the HAProxy server software is related to the opening of a 0-RTT session with a spoofed IP address. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the the functionality of the allowed/blocked IP address list...

5.3CVSS7.2AI score0.00502EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•9 views

ROS-20241023-03

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to improper privilege assignment. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate privileges...

7.2CVSS7.3AI score0.00528EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•16 views

ROS-20241023-02

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•11 views

ROS-20241023-05

A vulnerability in the btrfs component of the Linux operating system kernel is related to an incorrect lock in the function emitfiemapextent in fs/btrfs/extentio.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the powerpc/pseries/iommu...

7.1CVSS6.6AI score0.00226EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•25 views

ROS-20241023-04

Vulnerability in ext4 component of Linux kernel is related to division by zero errors in function mbupdateavgfragmentsize in fs/ext4/mballoc.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the fsl-qdma component of the Linux operating...

7.1CVSS7.2AI score0.00301EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•154 views

ROS-20241023-08

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•16 views

ROS-20241023-09

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•15 views

ROS-20241023-07

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/23 12:0 a.m.•15 views

ROS-20241023-06

Vulnerability of the BufWinLeave function of the vim text editor is related to memory usage after its release. Exploitation of the vulnerability could allow an attacker to gain access to confidential information. information...

4.7CVSS7.3AI score0.00291EPSS
Exploits0
Redos
Redos
•added 2024/10/22 12:0 a.m.•33 views

ROS-20241021-07

Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service or execute arbitrary code...

7.1CVSS7.7AI score0.03422EPSS
Exploits1
Redos
Redos
•added 2024/10/22 12:0 a.m.•25 views

ROS-20241021-08

A vulnerability in the ad4130 component of the Linux operating system kernel is related to incorrect input validation in the ad4130setupintclk function in drivers/iio/adc/ad4130.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service Vulnerability of devlinkin...

7.8CVSS7.7AI score0.00828EPSS
Exploits0
Total number of security vulnerabilities8110