Lucene search
K

8110 matches found

Redos
Redos
•added 2024/08/28 12:0 a.m.•326 views

ROS-20240827-15

A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

5.7CVSS6.5AI score0.0032EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•350 views

ROS-20240827-12

A vulnerability in the cfgmarkports function of the Unbound DNS server is related to heap buffer overflow errors. Exploitation of the vulnerability allows an attacker acting remotely to cause denial of service or unauthorized actions on the system. A vulnerability in the ubctxsetfwd function of t...

4.8CVSS7.5AI score0.00363EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•22 views

ROS-20240827-14

A vulnerability in the Pydantic data validation library involves the use of regular expressions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.00949EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•13 views

ROS-20240827-13

A vulnerability in the UltraJSON package of the Python programming language is related to the implementation of an incorrect control flow control flow. Exploitation of the vulnerability could allow an attacker acting remotely to cause impact data integrity...

7.5CVSS6.6AI score0.02283EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•19 views

ROS-20240827-04

A vulnerability in the CGI component of the Ruby programming language is related to the occurrence of an interpretation conflict when inserting unreliable input data into HTTP response header. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data...

8.8CVSS7.2AI score0.02287EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240827-05

The Unbound DNS server vulnerability is related to the ability of a process outside of the unbound group to reconfigure the of the unbound execution environment. Exploitation of the vulnerability allows an attacker acting remotely to impact the integrity and availability of the system. Impact the...

8CVSS6.8AI score0.00318EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•22 views

ROS-20240827-06

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...

6.1CVSS6.2AI score0.01119EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•23 views

ROS-20240827-07

Vulnerability in UnlinkedWikibase extension of a software tool for implementing hypertext environments MediaWiki is related to improper input neutralization during web page creation. Exploitation The vulnerability could allow an attacker acting remotely to perform cross-site scripting attacks XSS...

9.8CVSS6.8AI score0.00473EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•13 views

ROS-20240827-18

Vulnerability of the actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb file of Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...

5.4CVSS6.3AI score0.0068EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•14 views

ROS-20240827-20

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during generation of the of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Ruby...

6.1CVSS6.1AI score0.01119EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•28 views

ROS-20240827-09

A vulnerability in GLPI's computer hardware requisition, incident, and inventory system is related to external file name or path control. Exploitation of the vulnerability could allow an attacker acting remotely, to upload a malicious PHP script and hijack the plugin loader to execute that...

8.8CVSS7.5AI score0.21078EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•12 views

ROS-20240827-03

Vulnerability of the file actionpack/lib/actiondispatch/middleware/templates/routes/table.html.erb of Ruby interpreter is related to incorrect neutralization of input data during generation of a web page. web page. Exploitation of the vulnerability could allow an attacker acting locally to conduc...

5.4CVSS6.3AI score0.0068EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•295 views

ROS-20240827-01

A vulnerability in the modwsgi module of the Apache web server is related to errors in X-Client-IP header processing. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to network services. access to network services...

7.5CVSS7.1AI score0.0069EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•15 views

ROS-20240827-19

The vulnerability in the Ruby interpreter is related to improper neutralization of input data during the generation of a of a web page. Exploitation of the vulnerability could allow an attacker acting locally to conduct cross-site scripting Vulnerability in the Active Storage component of the Rub...

6.1CVSS6.1AI score0.01119EPSS
Exploits1
Redos
Redos
•added 2024/08/28 12:0 a.m.•11 views

ROS-20240827-10

A vulnerability in the File Name Handler component of the vim text editor exists due to a bug in the use of pointers after memory release in the dialogchanged function. pointers after memory release in dialogchanged function. Exploitation of the vulnerability could allow an an attacker to cause a...

5.3CVSS6.5AI score0.00363EPSS
Exploits0
Redos
Redos
•added 2024/08/28 12:0 a.m.•17 views

ROS-20240827-08

Vulnerability in FontForge font editing software exists due to failure to take measures to neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

6.5CVSS6.9AI score0.0187EPSS
Exploits2
Redos
Redos
•added 2024/08/28 12:0 a.m.•16 views

ROS-20240827-02

Vulnerability of rfbClientCleanup function of libvncclient component of LibVNCServer cross-platform library is related to a memory leak. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

7.5CVSS6.6AI score0.00947EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•24 views

ROS-20240826-02

Vulnerability of passwordverify function of PHP programming language interpreter is related to flaws in the authentication procedure. of the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely Bypass the authentication process and gain unauthorized...

6.5CVSS7.7AI score0.0148EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•15 views

ROS-20240826-21

Vulnerability of passwordverify function of PHP programming language interpreter is related to flaws in the authentication procedure. of the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely Bypass the authentication process and gain unauthorized...

6.5CVSS7.7AI score0.0148EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•261 views

ROS-20240826-06

A vulnerability in the pdfbasefontalloc function of the Ghostscript document processing, conversion, and generation software suite is related to a buffer overflow resulting from an incorrect buffer overflow. Ghostscript document generation software suite is related to a buffer overflow caused by...

3.3CVSS8.7AI score0.00375EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•13 views

ROS-20240826-05

Vulnerability in FontForge font editing software exists due to failure to take measures to neutralization of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

4.2CVSS7.3AI score0.01082EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•25 views

ROS-20240826-04

A vulnerability exists in the Apache Derby database management system due to failure to take measures to to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the database. remotely to gain unauthorized access to t...

9.8CVSS7.3AI score0.01418EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•24 views

ROS-20240826-07

A vulnerability in the SafeList.preserveRelativeLinks parameter of the Java library for analyzing, retrieving, and manipulating data in HTML jsoup documents is related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker to...

6.1CVSS6.1AI score0.01208EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•10 views

ROS-20240826-22

Vulnerability of passwordverify function of PHP programming language interpreter is related to flaws in the authentication procedure. of the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely Bypass the authentication process and gain unauthorized...

6.5CVSS6.8AI score0.0148EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•12 views

ROS-20240826-23

A vulnerability in the Blender three-dimensional computer graphics software suite is related to the lack of validation for values less than 0. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data, compromise its integrity, and cause a denial of...

7.8CVSS7.2AI score0.01135EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•24 views

ROS-20240826-08

A vulnerability in the source/blender/imbuf/intern/dds/DirectDrawSurface.cpp component of the Blender software suite of the Blender 3D computer graphics software suite is related to an incorrect assumption about the thread size. thread size. Exploitation of the vulnerability allows an attacker...

7.8CVSS7.5AI score0.01135EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•20 views

ROS-20240826-03

Vulnerability of ID3Support::ID3v2Frame::getFrameValue function of "exempi" utility is related to writing outside the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

6.5CVSS7AI score0.00998EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•28 views

ROS-20240826-09

The vulnerability in the Time library of the Ruby interpreter is related to the use of regular expression c inefficient computational complexity. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in the URI component of the Ruby...

5.3CVSS7.1AI score0.02637EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•40 views

ROS-20240826-01

Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...

7.5CVSS7.1AI score0.99999EPSS
Exploits19
Redos
Redos
•added 2024/08/26 12:0 a.m.•298 views

ROS-20240826-14

A vulnerability in Graphviz graph visualization application is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted config6a file. a specially crafted config6a file...

7.8CVSS8.1AI score0.00712EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•295 views

ROS-20240826-15

A vulnerability in the ODBC library for UNIX UnixODBC is related to pointer offsets outside of allocated memory. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data and cause a denial of service. data, as well as cause a denial of service...

7.8CVSS7.4AI score0.00284EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•25 views

ROS-20240826-16

A vulnerability in the Concurrency component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK, and Oracle Java SE software platform is related to insufficient input validation. for JDK and Oracle Java SE software platform is related to insufficient input validation...

7.4CVSS7.1AI score0.01136EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•9 views

ROS-20240826-25

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•32 views

ROS-20240826-12

Vulnerability of Ruby programming language components rfc2396parser.rb and rfc3986parser.rb is related to incorrect implementation of processing invalid URLs. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability in the URI component of th...

5.3CVSS7.2AI score0.02637EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•12 views

ROS-20240826-27

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•8 views

ROS-20240826-26

A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is associated with insufficient protection of service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain...

7.4CVSS7.5AI score0.01136EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•22 views

ROS-20240826-17

Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition. denial of service Vulnerability of...

9.3CVSS6.4AI score0.82853EPSS
Exploits9
Redos
Redos
•added 2024/08/26 12:0 a.m.•22 views

ROS-20240826-19

Vulnerability in Wheel Python Packaging Authority package installation tools is related to uncontrolled resource consumption. resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.6AI score0.02659EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•19 views

ROS-20240826-11

Vulnerability of Connector/J component of MySQL Connectors driver is related to insufficient input data validation. data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of protected information. confidentiality, integrity...

8.3CVSS7AI score0.00872EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•6 views

ROS-20240826-24

Vulnerability of pygments/lexers/smithy.py file of SmithyLexer component of syntax highlighting program Pygments is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.6AI score0.00503EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•18 views

ROS-20240826-18

Vulnerability in the .NET development platform of Microsoft's software development tool Visual Studio is related to the transmission of credentials in unencrypted form. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information Vulnerability in the...

7.5CVSS6.7AI score0.02701EPSS
Exploits0
Redos
Redos
•added 2024/08/26 12:0 a.m.•18 views

ROS-20240826-10

Vulnerability of pygments/lexers/smithy.py file of SmithyLexer component of syntax highlighting program Pygments is related to the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7AI score0.00503EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•19 views

ROS-20240826-13

A vulnerability in the protojson.Unmarshal function of the golang-google-protobuf package of the Golang programming language is related to an infinite loop when anmarshaling certain JSON forms. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service ...

7.5CVSS7.1AI score0.91969EPSS
Exploits1
Redos
Redos
•added 2024/08/26 12:0 a.m.•23 views

ROS-20240826-20

Vulnerability in archive-zip package of Golang programming language is related to incorrect processing of zip files. zip files. Exploitation of the vulnerability could allow an attacker to create an arbitrary zip file Vulnerability of net/http and net/http2 libraries of Go programming language in...

9.8CVSS8.3AI score0.91969EPSS
Exploits1
Redos
Redos
•added 2024/08/23 12:0 a.m.•57 views

ROS-20240823-01

Vulnerability of amdgpurasgetcontext function in drm/amdgpu component of Linux operating system kernel is related to null pointer dereferencing on drmcvtmode failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of brcmfnotifyescancomplete...

8.8CVSS6.8AI score0.01167EPSS
Exploits0
Redos
Redos
•added 2024/08/23 12:0 a.m.•22 views

ROS-20240823-02

A vulnerability in the Host Authorization Middleware Action Pack component of the Ruby on Rails software platform is related to the creation of "X-Forwarded-Host" headers in combination with certain "authorized host" formats. host." Exploitation of the vulnerability could allow an attacker acting...

6.1CVSS6.7AI score0.04182EPSS
Exploits0
Redos
Redos
•added 2024/08/22 12:0 a.m.•47 views

ROS-20240822-01

The vulnerability of the hubportinit function of the core component of the Linux operating system kernel is related to reading outside the memory boundaries. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected informatio...

7.8CVSS7.2AI score0.0094EPSS
Exploits0
Redos
Redos
•added 2024/08/21 12:0 a.m.•29 views

ROS-20240821-02

Vulnerability of the seg6init function in the net/ipv6/seg6.c module of the IPv6 protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attack...

7.8CVSS9.4AI score0.01231EPSS
Exploits0
Redos
Redos
•added 2024/08/21 12:0 a.m.•28 views

ROS-20240821-01

The vulnerability of the kobjectadd function in the md component of the Linux operating system kernel is related to the lack of releasing the previous state of a synchronization request before assigning a reference to a new one. Exploitation the vulnerability could allow an attacker to cause a...

5.9CVSS9.1AI score0.01287EPSS
Exploits0
Redos
Redos
•added 2024/08/20 12:0 a.m.•10 views

ROS-20240820-16

A vulnerability in the filtervar function of the PHP programming language interpreter is related to insufficient data authentication. data authentication. Exploitation of the vulnerability could allow an attacker acting remotely, spoof URLs with erroneous data...

5.3CVSS5.4AI score0.12117EPSS
Exploits1
Total number of security vulnerabilities8110