Lucene search
K

8110 matches found

Redos
Redos
•added 2024/09/16 12:0 a.m.•30 views

ROS-20240916-12

Vulnerability in the crypto.setEngine method of the Node.js software platform is related to flaws in access delimitation access. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the existing security restrictions...

7.5CVSS6.8AI score0.01348EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•313 views

ROS-20240916-10

A vulnerability in the ncwrapentry component of the library for controlling I/O to the terminal ncurses, is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availabili...

6.5CVSS7.3AI score0.00962EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•16 views

ROS-20240916-08

Vulnerability of MongoDB database management system is related to errors in TLS certificate validation procedure. of TLS certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely, establish an unauthorized connection to the MongoDB server...

9.8CVSS7.1AI score0.005EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•13 views

ROS-20240916-05

A vulnerability in the email module of the Python programming language interpreter is due to insufficient inadequate input validation. Exploitation of the vulnerability could allow an attacker acting remotely, bypass the security mechanism...

5.3CVSS7.2AI score0.02507EPSS
Exploits1
Redos
Redos
•added 2024/09/16 12:0 a.m.•26 views

ROS-20240916-09

The vulnerability of the x86 HVM Hypercall Handler component of the Xen kernel's x86 HVM hypervisor is related to the ability to freely switch between 64-bit and other system modes. Linux kernel hypervisor is related to the ability to freely switch between 64-bit and other system modes...

6.5CVSS7AI score0.0853EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•6 views

ROS-20240916-01

A vulnerability in the Webmin hosting control panel is related to incorrect permissions and privileges. Exploitation of the vulnerability could allow an attacker acting remotely to bypass implemented security restrictions. security...

7.3AI score
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•23 views

ROS-20240916-04

A vulnerability in the PrivateDecrypt function of the cryptographic library of the Node.js software platform is related to the following use of hidden side channels as a result of time discrepancy between decryption of valid and invalid encrypted texts based on the PKCS1 v1.5.5 cryptography...

7.4CVSS7.2AI score0.01302EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•13 views

ROS-20240916-11

Vulnerability of the sssctl command of the remote directory access control service and authentication mechanism SSSD is related to the lack of input data cleanup measures. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, a...

9.3CVSS7.5AI score0.02524EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•15 views

ROS-20240916-03

A vulnerability in the Node.js software platform is related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker acting remotely to disable the validation of the integrity A vulnerability in the APIgenerateKeys function of the Node.js software platform is...

9.8CVSS8.1AI score0.02209EPSS
Exploits2
Redos
Redos
•added 2024/09/16 12:0 a.m.•18 views

ROS-20240916-06

Vulnerability in the Device Handler component of the Xen cross-platform hypervisor of the Linux kernel is related to incorrect placement of a preprocessor directive in the source code. Exploiting the vulnerability could allow an attacker to escalate privileges...

4.1CVSS7.4AI score0.00264EPSS
Exploits0
Redos
Redos
•added 2024/09/16 12:0 a.m.•23 views

ROS-20240916-02

The vulnerability of the sql/itemcmpfunc.cc component of the MariaDB DBMS is related to a flaw in the use of the function assert. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service The vulnerability of the Createtmptable::finalize component of the...

7.5CVSS8.1AI score0.02458EPSS
Exploits22
Redos
Redos
•added 2024/09/12 12:0 a.m.•36 views

ROS-20240912-01

A vulnerability in the H5Olayoutencode function in the H5Olayout.c file of the HDF5 library is related to an overflow of the buffer overflow in the heap. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the...

9.8CVSS8.7AI score0.01545EPSS
Exploits15
Redos
Redos
•added 2024/09/11 12:0 a.m.•16 views

ROS-20240911-08

The vulnerability of the configobj ini file reader and writer is related to the placement of a malicious value into a server-side configuration file by a developer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.9CVSS6.7AI score0.01259EPSS
Exploits1
Redos
Redos
•added 2024/09/11 12:0 a.m.•21 views

ROS-20240911-10

A vulnerability in the Python PyJWT implementation of JWT is related to the lack of locking of some public key formats. key formats. Exploitation of the vulnerability allows an attacker acting remotely to affect the data integrity...

7.5CVSS6.7AI score0.012EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•335 views

ROS-20240911-09

Vulnerability of the pkgconftupleparse function libpkgconf/tuple.c of the software tool for setting flags for pkgconf development libraries is related to a buffer overrun. compiler and linker flags for pkgconf development libraries is related to the operation exceeding the buffer boundaries. in...

5.5CVSS6.9AI score0.00516EPSS
Exploits1
Redos
Redos
•added 2024/09/11 12:0 a.m.•18 views

ROS-20240911-07

Vulnerability of utfcptr2len function of vim text editor is related to operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00598EPSS
Exploits1
Redos
Redos
•added 2024/09/11 12:0 a.m.•25 views

ROS-20240911-11

Vulnerability in the cross-platform Xen hypervisor of the Linux operating system kernel is related to disclosure of information. Exploitation of the vulnerability could allow an attacker acting remotely to gain Unauthorized access to protected information A vulnerability in the libfsimage compone...

8.8CVSS7.2AI score0.03764EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•7 views

ROS-20240911-18

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•9 views

ROS-20240911-22

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•12 views

ROS-20240911-01

A vulnerability in the Libvirt virtualization management library is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.2CVSS6.7AI score0.00242EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•275 views

ROS-20240911-02

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•13 views

ROS-20240911-21

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•8 views

ROS-20240911-19

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•8 views

ROS-20240911-20

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•340 views

ROS-20240911-04

A vulnerability in the Kerberos network authentication protocol is associated with modification of the Extra Count open field of the confidential GSS krb5 shell token. Exploitation of the vulnerability allows an attacker acting remotely to affect the integrity and operation of the system. remotel...

9.1CVSS7.2AI score0.01863EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•8 views

ROS-20240911-17

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

8.8CVSS8.4AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•13 views

ROS-20240911-03

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to ignoring the certificate validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data...

5.6CVSS7.3AI score0.0034EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•21 views

ROS-20240911-05

A vulnerability in the libspf2 library of the Exim mail server is related to an integer overflow resulting from the of SPF macros. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS7.8AI score0.51474EPSS
Exploits0
Redos
Redos
•added 2024/09/11 12:0 a.m.•18 views

ROS-20240911-06

A vulnerability in the stack protection feature of the GNU Compiler Collection GCC for different programming languages is due to a data protection mechanism violation. Collection GCC is related to a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker...

4.8CVSS6.5AI score0.00666EPSS
Exploits1
Redos
Redos
•added 2024/09/10 12:0 a.m.•31 views

ROS-20240910-06

A vulnerability in the Zabbix universal monitoring system is related to improper code generation controls. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Zabbix universal monitoring system vulnerability is related to the ability to directly...

9.1CVSS8.1AI score0.01606EPSS
Exploits0
Redos
Redos
•added 2024/09/10 12:0 a.m.•20 views

ROS-20240910-07

A vulnerability in the snapctl component of the snapd self-contained package management utility is related to incorrect analysis of command line arguments, allowing an unprivileged user to initiate an authorized action on behalf of snapd. to initiate an authorized action on behalf of snap...

8.1CVSS6.8AI score0.00826EPSS
Exploits1
Redos
Redos
•added 2024/09/10 12:0 a.m.•342 views

ROS-20240910-08

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service A vulnerability in the Gstream...

8.8CVSS7.9AI score0.01537EPSS
Exploits7
Redos
Redos
•added 2024/09/10 12:0 a.m.•275 views

ROS-20240910-02

A vulnerability in the dbussethostname function of the Avahi local area network service discovery system is associated with an achievable assertion. Exploitation of the vulnerability allows an attacker to cause a denial of service A vulnerability in the avahirdataparse function of the Avahi local...

6.2CVSS6.7AI score0.00314EPSS
Exploits0
Redos
Redos
•added 2024/09/10 12:0 a.m.•288 views

ROS-20240910-03

A vulnerability in the libexpat XML parsing library is related to incorrectly restricting the reference to the XML external entity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

9.8CVSS6.7AI score0.01686EPSS
Exploits0
Redos
Redos
•added 2024/09/10 12:0 a.m.•347 views

ROS-20240910-04

A vulnerability in the pcapfindalldevsex function of the libpcap library is related to the default support for remote packet capture. remote packet capture. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

4.4CVSS7.2AI score0.0022EPSS
Exploits0
Redos
Redos
•added 2024/09/10 12:0 a.m.•287 views

ROS-20240910-01

A vulnerability in the HAProxy server software is related to entering an infinite loop when given certain input data. of certain inputs. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.8AI score0.01203EPSS
Exploits0
Redos
Redos
•added 2024/09/10 12:0 a.m.•17 views

ROS-20240910-05

Nomad application orchestrator vulnerability related to vulnerability to write outside of catalog distribution during migration. Exploitation of the vulnerability could allow an attacker acting remotely, to impact the confidentiality, integrity, and availability of the...

5.8CVSS6.8AI score0.00333EPSS
Exploits0
Redos
Redos
•added 2024/09/09 12:0 a.m.•18 views

ROS-20240909-03

Vulnerability of the opteeregisterdevice function in the drivers/tee/optee/device.c module of the Trusted Execution Environment TEE module of the Linux kernel is related to incorrect processing of the return code. return code. Exploitation of the vulnerability could allow an attacker to cause a...

7.8CVSS7AI score0.01176EPSS
Exploits0
Redos
Redos
•added 2024/09/09 12:0 a.m.•25 views

ROS-20240909-01

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. with NULL pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

7.5CVSS6.6AI score0.00656EPSS
Exploits0
Redos
Redos
•added 2024/09/09 12:0 a.m.•29 views

ROS-20240909-02

Vulnerability in the cryptography package of the Python programming language interpreter is related to errors in the procedure of to authenticate a certificate. Exploitation of the vulnerability could allow an attacker acting remotely to perform a man-in-the-middle attack. remotely to execute a...

7.5CVSS6.8AI score0.00613EPSS
Exploits1
Redos
Redos
•added 2024/09/09 12:0 a.m.•18 views

ROS-20240909-04

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to NULL pointer dereferencing. with NULL pointer dereference. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of...

7.5CVSS6.6AI score0.00656EPSS
Exploits0
Redos
Redos
•added 2024/09/06 12:0 a.m.•21 views

ROS-20240906-02

Vulnerability of the kmemcachedestroy function of the lib/listdebug.c library of the Linux kernel is related to a buffer overrun. is related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.1CVSS7.1AI score0.00233EPSS
Exploits0
Redos
Redos
•added 2024/09/06 12:0 a.m.•17 views

ROS-20240906-01

Vulnerability of ip6tnlrcv function in net/ipv6/ip6tunnel.c module of Linux kernel IPv6 protocol implementation is related to use of uninitialized memory. of the Linux operating system is related to the use of uninitialized memory. Exploitation of the vulnerability could allow a remote attacker t...

7.8CVSS8.1AI score0.00255EPSS
Exploits0
Redos
Redos
•added 2024/09/05 12:0 a.m.•19 views

ROS-20240905-02

A vulnerability in the Python programming language interpreter CPython is related to incorrectly enclosing newline characters in quotation marks for email headers when serializing a message. newline quotes for email headers when serializing a message. Exploitation vulnerability could allow an...

5.5CVSS6.7AI score0.00737EPSS
Exploits0
Redos
Redos
•added 2024/09/05 12:0 a.m.•24 views

ROS-20240905-04

Vulnerability of the dosetvfinfo function in the net/core/rtnetlink.c module of the TCP/IP protocol stack implementation of the Linux kernel of Linux operating system is related to reading memory outside the allocated buffer. Exploitation exploitation of the vulnerability may allow an intruder to...

8.1CVSS7.3AI score0.01305EPSS
Exploits1
Redos
Redos
•added 2024/09/05 12:0 a.m.•20 views

ROS-20240904-15

Vulnerabilities in the implementation of the Kerberos protocol of Windows operating systems are related to flaws in the in access control. Exploitation of the vulnerability could allow a remote attacker, escalate their privileges...

7.2CVSS7.2AI score0.04488EPSS
Exploits0
Redos
Redos
•added 2024/09/05 12:0 a.m.•19 views

ROS-20240904-14

A vulnerability in Performance Co-Pilot performance monitoring and visualization software PCP is related to the mixed privilege levels used by systemd services associated with PCP. Exploitation of the vulnerability could allow an attacker to execute a symbolic link attack and break the isolation ...

8.8CVSS7.4AI score0.01002EPSS
Exploits0
Redos
Redos
•added 2024/09/05 12:0 a.m.•12 views

ROS-20240904-13

A vulnerability in the session cookie pga4session of the pgAdmin 4 database management tool is related to an incorrect serialization. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

9.9CVSS7.2AI score0.79326EPSS
Exploits4
Redos
Redos
•added 2024/09/05 12:0 a.m.•356 views

ROS-20240905-03

A vulnerability in the GTK GUI creation library GIMP Toolkit is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

7CVSS7AI score0.00464EPSS
Exploits0
Redos
Redos
•added 2024/09/05 12:0 a.m.•12 views

ROS-20240905-01

Vulnerability of the bgpattrencap function in the bgpd/bgpattr.c file of the software tool for implementing network routing on Unix-like systems FRRouting is related to the lack of verification of actual remaining routing on Unix-like systems FRRouting is related to the lack of checking the actua...

9.8CVSS6.7AI score0.00641EPSS
Exploits0
Total number of security vulnerabilities8110