Lucene search
K

8110 matches found

Redos
Redos
•added 2024/09/05 12:0 a.m.•13 views

ROS-20240904-13

A vulnerability in the session cookie pga4session of the pgAdmin 4 database management tool is related to an incorrect serialization. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

9.9CVSS7.2AI score0.79326EPSS
Exploits4
Redos
Redos
•added 2024/09/04 12:0 a.m.•29 views

ROS-20240904-08

Vulnerability in the MHDcreatepostprocessor function of the HTTP libmicrohttpd web server implementation is related to a improper parsing of the multipart/form-data boundary. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

5.9CVSS6.7AI score0.01243EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•340 views

ROS-20240904-07

A vulnerability in the Python programming language interpreter CPython is related to a loop with an unreachable exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.7CVSS6.6AI score0.01275EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•353 views

ROS-20240904-03

A vulnerability in the Gstreamer multimedia framework is associated with an integer overflow when processing EXIF file metadata. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.1AI score0.01565EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•17 views

ROS-20240904-06

A vulnerability in the yasmintnumcopy function of the YASM assembler is related to the lack of memory release after the effective lifetime. Exploitation of the vulnerability could allow an attacker to gain access to the sensitive data...

3.3CVSS6.9AI score0.00467EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-09

A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...

5.5CVSS7.2AI score0.05794EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•353 views

ROS-20240904-04

A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation The vulnerability could allow an attacker to affect the confidentiality, integrity, and availability of protected information by sending specially crafted IPv6 packets. availabilit...

8.1CVSS6.6AI score0.01165EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•19 views

ROS-20240904-05

Node.js software platform vulnerability is related to improper access control. Exploitation vulnerability could allow an attacker to execute arbitrary code...

6.5CVSS7.7AI score0.01104EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•22 views

ROS-20240904-12

A vulnerability in the ECMAScript 5 extension of the es5-ext package is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00535EPSS
Exploits1
Redos
Redos
•added 2024/09/04 12:0 a.m.•10 views

ROS-20240904-10

A vulnerability in the Clojure dynamic programming language is related to the deserialization of untrusted data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the Clojure dynamic programming language is related to the...

9.8CVSS7.8AI score0.01533EPSS
Exploits2
Redos
Redos
•added 2024/09/04 12:0 a.m.•24 views

ROS-20240904-01

Vulnerability of the getedge function of the ospfte.c file of the OSPF Daemonr component of the software tool for implementing network routing on Unix-like systems FRRouting is related to resource release errors. network routing on Unix-like systems FRRouting is related to resource release errors...

7.5CVSS7.1AI score0.00825EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•20 views

ROS-20240904-02

Vulnerability of Microsoft .NET software platforms and Microsoft software development tools Visual Studio is related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

6.3CVSS6.9AI score0.01248EPSS
Exploits0
Redos
Redos
•added 2024/09/04 12:0 a.m.•357 views

ROS-20240904-11

A vulnerability in the implementation of the PEAP Protected Extensible Authentication Protocol protocol of the Wi-Fi WPA Supplicant client is caused by flaws in the authorization procedure. Wi-Fi WPA Supplicant is caused by a flaw in the authorization procedure. Exploitation of the vulnerability...

6.5CVSS7.1AI score0.01177EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•19 views

ROS-20240902-09

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

8.8CVSS7.8AI score0.00536EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•272 views

ROS-20240902-05

Vulnerability of tgetstr component in tinfo/libtermcap.c library for terminal I/O management ncurses is related to the dereferencing of a NULL pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

6.6AI score
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•19 views

ROS-20240902-04

A vulnerability in the xmlattr filter of the Jinja2 templating engine for the Python programming language is related to the failure to take measures to protect the structure of a web page. to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting...

6.1CVSS6.1AI score0.00892EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•11 views

ROS-20240902-06

Vulnerability of swfgetstring function of GPAC multimedia platform, is related to the operation exceeding the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the gfdashsetupperio...

7.1CVSS6.5AI score0.00528EPSS
Exploits2
Redos
Redos
•added 2024/09/02 12:0 a.m.•20 views

ROS-20240902-01

A vulnerability in Intel Microcode processor microcode is related to the possibility of unauthorized bug injection. Exploitation of the vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service. Intel Microcode processor...

7.2CVSS7.1AI score0.00312EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•11 views

ROS-20240902-07

A vulnerability in the cpio binary archiver is related to regression when using the command line parameter --no-absolute-filenames. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

4.9CVSS6.8AI score0.00906EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•14 views

ROS-20240902-16

The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials HTTP basic authentication credentials A vulnerability in the net/http module o...

9.1CVSS6.7AI score0.01414EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•352 views

ROS-20240902-17

A vulnerability in the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to a stack-based buffer overflow. GStreamer ORC data arrays is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an...

7CVSS6.9AI score0.00379EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•30 views

ROS-20240902-12

The vulnerability in the retryablehttp package is related to the lack of purging cleared URLs when writing them to its log file. Exploitation of the vulnerability could allow an attacker to obtain sensitive credentials HTTP basic authentication credentials...

6CVSS6.8AI score0.00358EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•22 views

ROS-20240902-13

A vulnerability in the Go Getter library is related to a Git update for an existing maliciously modified Git configuration. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS6.8AI score0.00973EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•12 views

ROS-20240902-14

Vulnerability of HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to incorrect processing of requests coming from unauthorized IP addresses. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

7.5CVSS6.9AI score0.00491EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•9 views

ROS-20240902-22

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS7.2AI score0.00977EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•25 views

ROS-20240902-11

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to too soft memory allocation checks in Angle for GLSL shaders. with too soft memory allocation checks in Angle for GLSL shaders. Exploitation of the vulnerability could Allow an attacker acting...

9.8CVSS7.1AI score0.00977EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•19 views

ROS-20240902-20

A vulnerability in the KeePass password manager is related to unencrypted storage of critical information. Exploitation of the vulnerability could allow an attacker to obtain passwords in clear form...

5.5CVSS6.9AI score0.03661EPSS
Exploits2
Redos
Redos
•added 2024/09/02 12:0 a.m.•146 views

ROS-20240902-23

A vulnerability in the Flatpak application and environment management tool is related to improper Neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...

10CVSS7.4AI score0.01283EPSS
Exploits1
Redos
Redos
•added 2024/09/02 12:0 a.m.•20 views

ROS-20240902-18

A vulnerability in the Flatpak application and environment management tool is related to improper Neutralization of special output elements used by a downstream component. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...

10CVSS7AI score0.01283EPSS
Exploits1
Redos
Redos
•added 2024/09/02 12:0 a.m.•12 views

ROS-20240902-19

A vulnerability exists in the phpMyAdmin database administration web application due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...

5.4CVSS5.8AI score0.01163EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•11 views

ROS-20240902-21

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

8.8CVSS8.1AI score0.00536EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•19 views

ROS-20240902-03

Intel processor firmware vulnerability is related to errors in interpretation of redundant prefixes. of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from third to zero ring of protection CPL0, gain access to sensitive information, or cause a...

8.8CVSS7.3AI score0.01728EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•18 views

ROS-20240902-15

A vulnerability in the net/http module of the Go programming language is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.9AI score0.01414EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•15 views

ROS-20240902-02

A vulnerability in the implementation of the INVD processor instruction for virtual machines running on servers with AMD processors is associated with loss or omission of information. AMD processors is associated with information loss or skipping. Exploitation of the vulnerability could allow An...

6.5CVSS6.7AI score0.01018EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•19 views

ROS-20240902-08

A vulnerability in the bus lockout regulator mechanism for some Intel processor models is associated with a a security mechanism failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service A firmware vulnerability in Intel Xeon D processors involves an incorrec...

6.5CVSS7.2AI score0.0075EPSS
Exploits0
Redos
Redos
•added 2024/09/02 12:0 a.m.•359 views

ROS-20240902-10

GdkPixbuf image loading library vulnerability is related to heap memory corruption in aniloadchunk. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS6.9AI score0.00415EPSS
Exploits1
Redos
Redos
•added 2024/08/30 12:0 a.m.•28 views

ROS-20240830-01

Vulnerability of the rndissetresponse function in the rndis component of the Linux kernel is related to the "BufOffset + 8" operation, which can cause an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drm/vrr compone...

7.8CVSS6.6AI score0.00257EPSS
Exploits0
Redos
Redos
•added 2024/08/29 12:0 a.m.•34 views

ROS-20240829-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to resource release errors. resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the Core component of the Oracle V...

8.2CVSS6.3AI score0.00457EPSS
Exploits0
Redos
Redos
•added 2024/08/29 12:0 a.m.•41 views

ROS-20240829-02

A vulnerability in the hciqca component of the Linux operating system kernel is related to memory usage after a release. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the gso component of the Linux operating system kernel is related to the...

7.8CVSS7.3AI score0.00269EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240827-11

Vulnerability in the HTTP2 Stream Handler component of Apache Tomcat application server is related to insufficient exceptional state handling. exceptional state handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a...

7.5CVSS6.5AI score0.04602EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•20 views

ROS-20240828-04

A vulnerability in OpenVPN software is related to the lack of uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

9.1CVSS7.1AI score0.00805EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•21 views

ROS-20240827-04

A vulnerability in the CGI component of the Ruby programming language is related to the occurrence of an interpretation conflict when inserting unreliable input data into HTTP response header. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data...

8.8CVSS7.2AI score0.02287EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•31 views

ROS-20240828-07

A vulnerability in the ice component of the Linux operating system kernel is related to the rapid removal and launch of VF Commit. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the kmalloc function in the iouring component of the Linux...

7.8CVSS7.8AI score0.00413EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•352 views

ROS-20240828-06

A vulnerability in the LibTIFF library is related to null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.01516EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•32 views

ROS-20240828-05

Vulnerability in the Connector/J component of the MySQL Connectors driver of the Oracle database management system MySQL exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read, modify, add or delete data...

5.3CVSS6.6AI score0.01286EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•27 views

ROS-20240828-03

Vulnerability of Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to the incorrect handling of exceptional conditions with improper handling of exceptional conditions. Exploitation of the vulnerability could allow a remote attacker to use memory after it has been...

9.8CVSS7.4AI score0.00598EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•15 views

ROS-20240827-17

Vulnerability in the /api/v1/alerts file of the Prometheus monitoring system component for processing alerts Alertmanager is related to incorrect neutralization of input data during web page generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

7.5CVSS7.7AI score0.00568EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•357 views

ROS-20240827-16

A vulnerability in the C-ares asynchronous DNS query library is related to uncontrolled resource consumption in the event of misinterpretation of packet length. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a corrupted UDP packet...

7.5CVSS6.9AI score0.01577EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•13 views

ROS-20240828-08

Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to using uninitialized resource. is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to disclose protected information Vulnerability in...

9.8CVSS7.8AI score0.00598EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•15 views

ROS-20240828-02

A vulnerability in GLPI's asset and data center management software is related to the CSV file injection by creating a file with a spoofed header. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

8.8CVSS7.6AI score0.00748EPSS
Exploits1
Total number of security vulnerabilities8110