Lucene search
K

8110 matches found

Redos
Redos
•added 2024/10/08 12:0 a.m.•20 views

ROS-20241008-09

A vulnerability in the ZFS file system implementation and the OpenZFS open source volume manager is related to replacing the contents of a file with null-valued bytes. Exploitation of the vulnerability could allow an attacker acting remotely to disable security mechanisms...

7.5CVSS6.7AI score0.01158EPSS
Exploits1
Redos
Redos
•added 2024/10/08 12:0 a.m.•33 views

ROS-20241008-10

Vulnerability of u32initknode function in net/sched/clsu32.c module of Linux kernel is related to reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information or elevate their...

7.8CVSS7.2AI score0.00565EPSS
Exploits1
Redos
Redos
•added 2024/10/08 12:0 a.m.•16 views

ROS-20241008-05

A vulnerability in the ProcXkbGetKbdByName function of the xkb/xkb.c component of the Wayland protocol implementation for X.Org XWayland, an implementation of the X Window System X.Org Server is related to incorrect memory freeing before deleting the last link. Exploitation of the vulnerability...

8.8CVSS7.5AI score0.01681EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•18 views

ROS-20241008-04

A vulnerability in the RSS function of the QEMU hardware emulator is related to setting too large a value, causing an index out-of-bounds problem. values, causing a problem with the index going out of bounds. Exploitation of the vulnerability could allow an attacker acting locally to cause a deni...

6.8CVSS6.8AI score0.0065EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•11 views

ROS-20241008-01

Vulnerability in the DWARF Object Handler component of the library for providing access to debugging information DWARF libdwarf is associated with a re-release vulnerability. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a memory leak...

7.5CVSS6.7AI score0.01089EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•28 views

ROS-20241008-07

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. The vulnerability can be exploited by the GLPI system of requests, incidents and inventory of computer equipment. GLPI computer hardware vulnerability is related ...

9.8CVSS8.2AI score0.67107EPSS
Exploits0
Redos
Redos
•added 2024/10/08 12:0 a.m.•18 views

ROS-20241008-08

Intel processor firmware vulnerability is related to information leakage from vector registers. registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...

6.5CVSS7.2AI score0.00546EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•25 views

ROS-20241004-05

A vulnerability in the s390/ptrace component of the Linux kernel is related to incorrect processing of the fpc register settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the sc16is7xx component of the Linux kernel is related to...

7.8CVSS8.9AI score0.01999EPSS
Exploits1
Redos
Redos
•added 2024/10/04 12:0 a.m.•18 views

ROS-20241004-07

A vulnerability in the iouring component of the Linux operating system kernel is related to the reuse of previously released memory due to competitive access to a resource race condition in the scmfpcopy function in the net/core/scm.c module. Exploitation of the vulnerability could allow an...

7CVSS6.9AI score0.00224EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•10 views

ROS-20241004-08

A vulnerability in the logitech-hidpp component of the Linux operating system kernel is related to a kernel crash when disconnecting the USB receiver. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

4.7CVSS6.8AI score0.00171EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•20 views

ROS-20241004-01

Vulnerability of ext4remount function of the Linux kernel is related to memory usage after when processing old CONFIGQUOTA file names. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of protected information. protected information...

7.1CVSS6.5AI score0.00225EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•11 views

ROS-20241004-06

A vulnerability in the ksmbd component of the Linux operating system kernel is related to a link reset after using the opinfo. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.1CVSS7.3AI score0.00233EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•34 views

ROS-20241004-04

The vulnerability of the filemapcachestat function in the mm/filemap.c module of the memory management subsystem of the kernel of Linux operating system is related to memory usage after its release. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.7AI score0.0095EPSS
Exploits0
Redos
Redos
•added 2024/10/04 12:0 a.m.•20 views

ROS-20241004-03

Vulnerability in the Ceph storage driver net/ceph/messengerv2.c of the kernel of the operating systems Linux kernel is related to operation out of buffer boundaries in memory when processing frame segment length with the parameter cephdecode32. Exploitation of the vulnerability could allow an...

8.8CVSS7.7AI score0.54577EPSS
Exploits1
Redos
Redos
•added 2024/10/04 12:0 a.m.•18 views

ROS-20241004-09

Vulnerability of the matchflags function of the Netfilter subsystem of the Linux kernel is related to the reading of data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information or cause a denial of...

8.2CVSS7.2AI score0.00516EPSS
Exploits1
Redos
Redos
•added 2024/10/04 12:0 a.m.•16 views

ROS-20241004-02

Vulnerability of the mremap function of Linux kernel operating systems is related to memory usage after its release as a result of a race situation when processing the rmap memory management structure. Exploitation of the vulnerability could allow an attacker to cause a denial of service or eleva...

7CVSS6.7AI score0.00232EPSS
Exploits1
Redos
Redos
•added 2024/10/03 12:0 a.m.•31 views

ROS-20241003-01

Vulnerability of dmaentryalloccheckleak function of dma-debug component of Linux operating system kernel is related to incorrect locking. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in the vaddr-test component of the Linux operati...

7.8CVSS7.3AI score0.00805EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•16 views

ROS-20241002-04

A vulnerability in the xenvifgetrequests function in the drivers/net/xen-netback/netback.c module of the cross-platform Xen hypervisor of the Linux kernel is related to the null pointer dereferencing in the function xenvifgetrequests. Exploiting the vulnerability could allow an attacker to cause ...

7.5CVSS6.6AI score0.01177EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•3 views

ROS-20241001-29

A vulnerability in the curl program is related to improper certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system...

6.5CVSS7AI score0.00729EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•35 views

ROS-20241002-06

A vulnerability in the iommu/arm-smmu-v3 component of the Linux operating system kernel is related to soft locking, caused by armsmmumminvalidaterange. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the erofs component of the Linux...

7.8CVSS8.6AI score0.00278EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•272 views

ROS-20241002-05

A vulnerability in the PWM PWM device driver of the Linux kernel operating system is related to reading memory outside of the allocated buffer. Exploitation of the vulnerability could allow An intruder can affect confidentiality, integrity and availability of protected information Vulnerability o...

7.8CVSS7.3AI score0.00274EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•13 views

ROS-20241002-02

Vulnerability of the tcindex indexing filter net/sched/clstcindex.c in the kernel of the of the Linux operating system is related to incorrect filter management, which leads to the repeated freeing previously freed memory. Exploitation of the vulnerability could allow an attacker to elevate...

7.8CVSS7AI score0.01029EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•23 views

ROS-20241002-01

A vulnerability in the btsdioremove function of the drivers\bluetooth\btsdio.c module of the Bluetooth driver of the kernel of the of the Linux operating system is related to the reuse of previously freed memory due to the state of the race. Exploitation of the vulnerability could allow an attack...

7.1CVSS7AI score0.00387EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•14 views

ROS-20241001-13

A vulnerability in the Botan C++ cryptographic library is related to asymmetric resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the C++ Botan cryptographic library is related to errors in parsing...

5.3CVSS6.6AI score0.00845EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•12 views

ROS-20241001-14

A vulnerability in the Nokogiri software library is related to the use of an inefficient regular expression. expression. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of denial of service...

7.5CVSS6.6AI score0.03549EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•21 views

ROS-20241001-16

The compiler vulnerability for writing Babel JavaScript code is related to the use of plugins that rely on Babel's internal path.evaluate or path.evaluateTruthy methods. Exploitation of the of the vulnerability could allow an attacker to execute arbitrary code...

9.3CVSS7.6AI score0.0052EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•32 views

ROS-20241001-10

A vulnerability in the Parse function of the Go programming language is related to uncontrolled recursion. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of service. A vulnerability in the Decoder.Decode function of the Go programming language is...

7.5CVSS7.6AI score0.01127EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•27 views

ROS-20241001-11

A vulnerability in the SSL Certifi certificate validation package is related to insufficient validation of the data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to affect the system integrity...

7.5CVSS6.6AI score0.01049EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•19 views

ROS-20241001-12

QEMU hardware emulator vulnerability is related to synchronization errors. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.5AI score0.01027EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•301 views

ROS-20241001-09

A vulnerability in the curl program is related to improper certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of the system...

6.5CVSS6.7AI score0.00729EPSS
Exploits1
Redos
Redos
•added 2024/10/02 12:0 a.m.•18 views

ROS-20241002-03

Vulnerability of btrfsgetrootref function in fs/btrfs/disk-io.c module of btrfs file system of Linux kernel is related to reuse of previously freed memory. of the Linux operating system is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker t...

7.1CVSS7AI score0.00254EPSS
Exploits0
Redos
Redos
•added 2024/10/02 12:0 a.m.•17 views

ROS-20241001-15

A vulnerability in the configuration implementation of the HTML cleanup tool for Rails Rails Rails Html Sanitizer applications is related to incorrect use of select and style elements when overriding allowed tags. Exploitation of the vulnerability could allow an attacker acting remotely to perfor...

6.1CVSS6.6AI score0.2914EPSS
Exploits1
Redos
Redos
•added 2024/10/01 12:0 a.m.•159 views

ROS-20250203-10

A vulnerability in the SSLselectnextproto function of the OpenSSL TLS and SSL protocols toolkit is related to the information disclosure. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data and cause a denial of service...

9.1CVSS6.9AI score0.05582EPSS
Exploits1
Redos
Redos
•added 2024/10/01 12:0 a.m.•22 views

ROS-20241001-02

Vulnerability of html/template package of Golang programming language is related to incorrect handling of &ltscript&gt occurrences of &ltscript&gt, &lt!--&gt and &lt/script&gt in JS literals in &ltscript&gt contexts. Exploitation vulnerability could allow an attacker acting remotely to perform an...

7.5CVSS6.6AI score0.01146EPSS
Exploits0
Redos
Redos
•added 2024/10/01 12:0 a.m.•13 views

ROS-20241001-01

VLC Media Player vulnerability is related to integer overflow, which can be caused by a malicious mms stream. caused by a malicious mms stream. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8CVSS7AI score0.0057EPSS
Exploits0
Redos
Redos
•added 2024/10/01 12:0 a.m.•25 views

ROS-20241001-05

A vulnerability in the OpenSSL library is related to reading the wrong address in memory when comparing subject names otherName of an X.509 certificate. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service A...

9.1CVSS6.8AI score0.66594EPSS
Exploits1
Redos
Redos
•added 2024/10/01 12:0 a.m.•9 views

ROS-20241001-08

Vulnerability of SPRT dissector of Wireshark computer network traffic analyzer related to access to an uninitialized pointer. uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service via packet injection or a specially crafted capture...

7.8CVSS7.2AI score0.00317EPSS
Exploits1
Redos
Redos
•added 2024/10/01 12:0 a.m.•290 views

ROS-20241001-06

A vulnerability in the Runc isolated container launch tool is related to race condition, that allows link tracking. Exploitation of the vulnerability could allow an attacker to impact data integrity...

3.6CVSS6.6AI score0.00317EPSS
Exploits0
Redos
Redos
•added 2024/10/01 12:0 a.m.•19 views

ROS-20241001-07

Vulnerability in DecodeConfig component of Golang programming language is related to incorrect normalization of HTTP Location header. HTTP Location header. Exploitation of the vulnerability could allow an attacker acting remotely, redirect the user to a malicious site...

6.1CVSS6.5AI score0.00497EPSS
Exploits1
Redos
Redos
•added 2024/10/01 12:0 a.m.•19 views

ROS-20241001-03

An HTTP server vulnerability for Ruby/Rack application Puma is related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTTP request HTTP Request Smuggling attack The HTTP server...

9.8CVSS7AI score0.0214EPSS
Exploits0
Redos
Redos
•added 2024/10/01 12:0 a.m.•19 views

ROS-20241001-04

Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...

9.8CVSS6.7AI score0.00641EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•21 views

ROS-20240927-01

Vulnerability of FFmpeg multimedia library function loadinputpicture is related to buffer copying without checking input data size. checking the size of the input data. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Vulnerability in interpolate component...

7.8CVSS7.9AI score0.00355EPSS
Exploits1
Redos
Redos
•added 2024/09/27 12:0 a.m.•250 views

ROS-20240927-03

A vulnerability in the Concurrency component of the Oracle Java SE and Oracle GraalVM Enterprise Edition software platforms is related to insufficient input validation. Edition is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting...

3.7CVSS6.5AI score0.01276EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•10 views

ROS-20240927-04

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

3.7CVSS7AI score0.00746EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•1530 views

ROS-20240927-07

A vulnerability in the WikibaseLexeme extension of the MediaWik hypertext implementation software tool is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their privileges Vulnerability of UnlinkedWikibase extension of a...

9.1CVSS6.4AI score0.01287EPSS
Exploits1
Redos
Redos
•added 2024/09/27 12:0 a.m.•26 views

ROS-20240927-05

Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...

9.1CVSS7.5AI score0.26864EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•11 views

ROS-20240927-15

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

3.7CVSS7.2AI score0.00746EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•7 views

ROS-20240927-14

A vulnerability in the Hotspot component of the Oracle Java SE software platform, Oracle GraalVM virtual machines Enterprise Edition and Oracle GraalVM for JDK is related to writes beyond buffer boundaries in memory. Exploitation of the of the vulnerability could allow an attacker acting remotely...

3.7CVSS7.2AI score0.00746EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•7 views

ROS-20240927-08

A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...

8.8CVSS8.9AI score0.20472EPSS
Exploits0
Redos
Redos
•added 2024/09/27 12:0 a.m.•19 views

ROS-20240927-06

A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...

8.8CVSS9.1AI score0.20472EPSS
Exploits0
Total number of security vulnerabilities8110