Lucene search
K

8110 matches found

Redos
Redos
•added 2024/09/27 12:0 a.m.•16 views

ROS-20240927-02

A vulnerability in the Google Chrome browser is related to the execution of certain user interface gestures Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofed the user interface using a specially crafted HTML page A vulnerability in Google Chrome browse...

8.8CVSS6.6AI score0.00265EPSS
Exploits3
Redos
Redos
•added 2024/09/25 12:0 a.m.•40 views

ROS-20240925-01

A vulnerability in the max3100 component of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the afalg component of the Linux kernel is related to NULL pointer dereferencing...

7.8CVSS7AI score0.00306EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•8 views

ROS-20240924-05

The vulnerability in Firefox ESR web browsers, Firefox and Thunderbird email client is related to writing beyond the buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in Thunderbird email client and Firefox,...

9.8CVSS7.3AI score0.01233EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•13 views

ROS-20240924-02

Vulnerability in Thunderbird email client and Firefox browsers, Firefox ESR is related to writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in Firefox ESR, Firefox web browsers...

9.8CVSS7.1AI score0.01233EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•7 views

ROS-20240924-06

A vulnerability in the Garbage Collector component of the Firefox and Firefox ESR browsers and the Thunderbird email client is related to memory release errors in object operations. Thunderbird email client is associated with memory freeing errors when performing operations on objects. Exploitati...

9.8CVSS7.6AI score0.01585EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•15 views

ROS-20240924-01

The vulnerability in Firefox and Firefox ESR browsers and Thunderbird email client is related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, redirect a user to an arbitrary URL using a specially crafted extension The vulnerability in...

9.8CVSS7.5AI score0.01585EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•38 views

ROS-20240924-04

A vulnerability in the fastrpc component of the Linux operating system kernel is related to race conditions after a memory release. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity, and availability A vulnerability in the usbsubmiturb function of...

7.8CVSS6.8AI score0.0026EPSS
Exploits0
Redos
Redos
•added 2024/09/24 12:0 a.m.•52 views

ROS-20240924-03

Vulnerability of the ice component of the Linux kernel is related to the NULL pointer dereferencing in the kzalloc. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the arm64/mm component of the Linux kernel is related to incorrect handling o...

7.8CVSS7AI score0.00233EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•14 views

ROS-20240923-04

A vulnerability in the Node.js software platform is related to flaws in HTTP request processing. Exploitation vulnerability could allow an attacker acting remotely to send a covert HTTP request HTTP Request Smuggling attack. HTTP Request Smuggling...

6.5CVSS7AI score0.01155EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•262 views

ROS-20240923-05

A vulnerability in the interpreter of the software suite for processing, transforming, and generating Ghostscript documents is related to errors in relative directory path handling. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a special...

8.8CVSS8.2AI score0.27992EPSS
Exploits6
Redos
Redos
•added 2024/09/23 12:0 a.m.•13 views

ROS-20240923-03

A vulnerability in the gffilterpidpidmergepropertiesinternal function of the GPAC multimedia platform, related to a The lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service Vulnerability in the...

7.5CVSS6.6AI score0.01635EPSS
Exploits3
Redos
Redos
•added 2024/09/23 12:0 a.m.•18 views

ROS-20240923-01

The vulnerability of WebKitGTK and WPE WebKit web page display modules is related to memory access after it is memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7AI score0.00844EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•17 views

ROS-20240923-07

NBD protocol vulnerability in libnbd library is related to incorrect verification of NBD server certificate when using TLS to connect to NBD server. using TLS to connect to the NBD server. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the integrity of the...

7.4CVSS6.8AI score0.0039EPSS
Exploits0
Redos
Redos
•added 2024/09/23 12:0 a.m.•18 views

ROS-20240923-06

Vulnerability of net/http and net/http2 libraries of Go programming language in terms of implementation of the HTTP/2 protocol is related to uncontrolled resource consumption as a result of incorrect determination of the termination of HTTP/2 is related to uncontrolled resource consumption as a...

7.5CVSS7.1AI score0.91969EPSS
Exploits1
Redos
Redos
•added 2024/09/23 12:0 a.m.•7 views

ROS-20240923-08

Vulnerabilities in Mozilla Firefox, Firefox ESR and Thunderbird email client are related to flaws in the in access control. Exploitation of the vulnerability could allow an attacker acting remotely, spoofing attacks Vulnerability in the implementation of the HSTS HTTP Strict Transport Security...

8.8CVSS8.7AI score0.02155EPSS
Exploits2
Redos
Redos
•added 2024/09/23 12:0 a.m.•39 views

ROS-20240923-02

Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

8.8CVSS9.8AI score0.02155EPSS
Exploits1
Redos
Redos
•added 2024/09/20 12:0 a.m.•669 views

ROS-20240920-11

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS7.1AI score0.00977EPSS
Exploits0
Redos
Redos
•added 2024/09/20 12:0 a.m.•686 views

ROS-20240920-09

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

7.8AI score0.00536EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•15 views

ROS-20240918-09

A vulnerability in the Compositing component of Google Chrome browser is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user's security interface using a specially crafted HTML page. security interface using a specially...

5.4CVSS6.3AI score0.00248EPSS
Exploits1
Redos
Redos
•added 2024/09/19 12:0 a.m.•286 views

ROS-20240918-08

A vulnerability in FreeIPA's centralized user identity management system is associated with insufficient password hash calculation. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate their privileges by brute-forcing possible values for a user's password...

8.1CVSS7.1AI score0.02053EPSS
Exploits1
Redos
Redos
•added 2024/09/19 12:0 a.m.•268 views

ROS-20240918-07

A vulnerability in the BlueZ Bluetooth protocol stack for Linux is related to improper index validation of the BlueZ Audio AVRCP of the BlueZ Audio AVRCP array. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8CVSS7.2AI score0.01427EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•87 views

ROS-20240918-06

Vulnerability of DNS-server Unbound is related to the possibility of forming a pulse stream of a large number of requests to the server using responses from DNS resolvers. DNS server Unbound vulnerability is related to the possibility of generating a pulse flow of a large number of requests to th...

7.5CVSS7AI score0.01729EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•18 views

ROS-20240918-10

The Jenkins Automation Server vulnerability is related to a lack of permission checking at the endpoint of the HTTP. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information The Jenkins Automation Server Remoting library vulnerability is...

8.8CVSS7.6AI score0.28782EPSS
Exploits4
Redos
Redos
•added 2024/09/19 12:0 a.m.•19 views

ROS-20240918-15

A vulnerability in the Mbed TLS software is related to the use of a faulty or risky cryptographic algorithm. Exploitation of the vulnerability could allow an intruder to disclose protected information information...

5.1CVSS6.7AI score0.00236EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•19 views

ROS-20240919-01

Vulnerability of Microsoft.NET Framework and .NET software platform of Windows operating systems is related to incorrect definition of symbolic links before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.3CVSS6.9AI score0.01292EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•21 views

ROS-20240918-11

A vulnerability in the libpcap library's freeaddrinfo function is related to calling freeaddrinfo for the same allocated memory block. same allocated block of memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

4.4CVSS4.7AI score0.00227EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•20 views

ROS-20240918-14

A vulnerability in Asterisk and Certified Asterisk IP telephony management systems is related to errors in sending a SIP request to a URI. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service and shutdown...

5.7CVSS6.7AI score0.00553EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•21 views

ROS-20240919-03

A vulnerability in the nommu component of the Linux operating system kernel is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm component of the Linux kernel is related to NULL pointer dereferencing...

5.5CVSS6.5AI score0.00208EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•20 views

ROS-20240918-13

A vulnerability in HashiCorp's Vault and Vault Enterprise enterprise information archiving platforms is related to storing the plaintext values of client tokens and token accessors in the audit log auditing. Exploitation of the vulnerability could allow an attacker to gain access to sensitive...

6.5CVSS6.8AI score0.00474EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•24 views

ROS-20240918-12

A vulnerability in the Ruby REXML XML toolkit is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service The XML Toolkit for Ruby REXML vulnerability is related to the presence of a DoS vulnerability in X...

7.5CVSS7AI score0.01283EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•69 views

ROS-20240919-02

Vulnerability of the reweightentity function of the sched component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity, and availability. A...

7.8CVSS7.2AI score0.00248EPSS
Exploits0
Redos
Redos
•added 2024/09/19 12:0 a.m.•17 views

ROS-20240918-16

A vulnerability in the deserialize JavaScript library function for Jwcrypto is related to an uncontrolled resource consumption. uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by transmitting a specially...

6.8CVSS6.6AI score0.0098EPSS
Exploits1
Redos
Redos
•added 2024/09/18 12:0 a.m.•335 views

ROS-20240918-03

A vulnerability in the WebCore::RenderLayer::renderer function of the WPE WebKit and WebKitGTK web page display modules is related to memory usage after it is freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code Vulnerability in...

8.8CVSS7.8AI score0.01053EPSS
Exploits0
Redos
Redos
•added 2024/09/18 12:0 a.m.•11 views

ROS-20240918-05

A vulnerability in the net component of the Golang programming language is related to the execution of a loop with an inaccessible exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.9CVSS7AI score0.01001EPSS
Exploits0
Redos
Redos
•added 2024/09/18 12:0 a.m.•16 views

ROS-20240918-02

A vulnerability in the WebKitGTK web page display module is related to disclosure of information in an erroneous data area of data. Exploitation of the vulnerability allows an attacker acting remotely to gain access to the sensitive data...

6.5CVSS6.7AI score0.01259EPSS
Exploits0
Redos
Redos
•added 2024/09/18 12:0 a.m.•41 views

ROS-20240918-04

Webmin hosting control panel vulnerability is related to failure to take measures to protect the structure of a web page. of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code A vulnerability in the ajaxterm module of the Webmin hosti...

8.8CVSS6.7AI score0.00708EPSS
Exploits9
Redos
Redos
•added 2024/09/18 12:0 a.m.•19 views

ROS-20240918-01

A vulnerability in the CGI::Cookie.parse function of the Ruby programming language is related to incorrect processing of security prefixes in cookie names. security prefixes in cookie names. Exploitation of the vulnerability allows an attacker, acting remotely, to affect data integrity...

9.8CVSS8.1AI score0.04766EPSS
Exploits3
Redos
Redos
•added 2024/09/17 12:0 a.m.•158 views

ROS-20241220-03

A vulnerability in the xmlparse.c file of the libexpat XML file parsing library is related to an integer overflow for nDefaultAtts on 32-bit platforms. Exploitation of the vulnerability could allow an an attacker to cause a denial of service...

9.8CVSS7AI score0.0113EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•20 views

ROS-20240917-05

Vulnerability in the sysinfo.cgi script implementation of Webmin hosting control panel exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute an arbitrary script...

5.4CVSS7.2AI score0.00303EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•298 views

ROS-20240829-10

A vulnerability in the xmlparse.c file of the libexpat XML file parsing library is related to an integer overflow for nDefaultAtts on 32-bit platforms. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the xmlparse.c file of the libexpat...

9.8CVSS6.7AI score0.01393EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•18 views

ROS-20240917-07

Vulnerability in the PCI Device Handler component of the Xen cross-platform hypervisor is related to bugs in the program's code of the program. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity and availability of the system A vulnerability in the x86...

7.5CVSS7.4AI score0.00235EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•22 views

ROS-20240917-06

A glitch in the sessionlogin.cgi script of the Webmin hosting control panel and web interface for unix-like systems Usermin exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a...

6.1CVSS7AI score0.004EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•23 views

ROS-20240917-02

A vulnerability in the PyFindObjects function of the PyFindObjects library for the open-source Python programming language scipy is related to memory usage after release. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and...

9.8CVSS6.7AI score0.0111EPSS
Exploits2
Redos
Redos
•added 2024/09/17 12:0 a.m.•18 views

ROS-20240917-03

A vulnerability in the QEMU hardware emulator info command is related to uncontrolled consumption of resources. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise their integrity, and cause a denial of service by using a specially crafted file...

7.8CVSS6.9AI score0.00333EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•14 views

ROS-20240917-04

A vulnerability in the crypto.X509Certificate function of the Node.js software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

5.3CVSS6.8AI score0.01157EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•25 views

ROS-20240917-01

A vulnerability in the user tabs of Google Chrome and Microsoft Edge browsers is related to an incorrect security checks for standard elements. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface with a specially crafted HTML page. generated HTM...

9.6CVSS8.5AI score0.19272EPSS
Exploits6
Redos
Redos
•added 2024/09/17 12:0 a.m.•16 views

ROS-20240917-08

Vulnerability of classes ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network of the ipaddress module of the Python programming language interpreter CPython is related to the incorrect IP address range validation. Exploitation of the vulnerability could...

7.5CVSS6.8AI score0.01034EPSS
Exploits0
Redos
Redos
•added 2024/09/17 12:0 a.m.•30 views

ROS-20240917-09

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/09/16 12:0 a.m.•147 views

ROS-20240916-13

A vulnerability in the email module of the Python programming language interpreter is due to insufficient inadequate input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the security mechanism...

5.3CVSS7.2AI score0.02507EPSS
Exploits1
Redos
Redos
•added 2024/09/16 12:0 a.m.•24 views

ROS-20240916-02

The vulnerability of the sql/itemcmpfunc.cc component of the MariaDB DBMS is related to a flaw in the use of the function assert. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service The vulnerability of the Createtmptable::finalize component of the...

7.5CVSS8.1AI score0.02458EPSS
Exploits22
Total number of security vulnerabilities8110