6095 matches found

OSV
added 2025/02/24 4:35 p.m., 12 views

SUSE-SU-2025:0698-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklis...

CVSS 7.8, AI score 8.1, EPSS 0.03301
Exploits 1, References 9
Rosalinux
added 2025/02/24 12:28 p.m., 20 views

Advisory ROSA-SA-2025-2719

Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1 CVE-ID: CVE-2021-3156 BDU-ID: 2021-00364 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parseargs function of the Sudo system administration program is related to a buffer overflow in dynamic memory. Exploitatio...

CVSS 7.8, AI score 8, EPSS 0.99295
Exploits 101
Rosalinux
added 2025/02/24 12:28 p.m., 45 views

Advisory ROSA-SA-2025-2714

Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 packageevrstring: openssh-8.0p1-19.0.1 CVE-ID: CVE-2023-38408 BDU-ID: 2023-03950 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PKCS11 function of the PKCS11 component of the ssh-agent component of the OpenSSH cryptographic security tool ...

CVSS 9.8, AI score 7.7, EPSS 0.76768
Exploits 10
Rosalinux
added 2025/02/24 12:28 p.m., 14 views

Advisory ROSA-SA-2025-2713

Software: openblas 2000.3.15 OS: ROSA Virtualization 3.0 packageevrstring: openblas-2000.3.15 CVE-ID: CVE-2021-4048 BDU-ID: 2021-05061 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Microsoft Visio vector graphics, diagram and flowchart editor is related to memory usage after memory has be...

CVSS 9.1, AI score 7.3, EPSS 0.0262
Exploits 0
Rosalinux
added 2025/02/24 12:28 p.m., 28 views

Advisory ROSA-SA-2025-2716

Software: perl 5.26.3 OS: ROSA Virtualization 3.0 packageevrstring: perl-5.26.3 CVE-ID: CVE-2020-10878 BDU-ID: 2020-04040 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PLregkindOPn == NOTHING parameter of the Perl programming language interpreter is related to integer overflow. Exploitation of...

CVSS 8.6, AI score 7.6, EPSS 0.04879
Exploits 0
Rosalinux
added 2025/02/24 12:28 p.m., 5 views

Advisory ROSA-SA-2025-2700

Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25681 BDU-ID: 2021-01117 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sortrrset function dnssec.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation of...

CVSS 8.3, AI score 8, EPSS 0.81191
Exploits 0
Positive Technologies
added 2025/02/21 12:0 a.m., 6 views

PT-2025-25835

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel. The issue is related to the pktgen thread write function, where access outside of a user-given buffer occurred. The fix involves...

CVSS 6.5, AI score 6.7, EPSS 0.00159
Exploits 0
Rosalinux
added 2025/02/15 10:22 p.m., 14 views

Advisory ROSA-SA-2025-2691

Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation ...

CVSS 8.3, AI score 8, EPSS 0.70754
Exploits 0
Rosalinux
added 2025/02/15 10:9 p.m., 8 views

Advisory ROSA-SA-2025-2688

Software: perl 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-0.074-2 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authentication procedure. Exploitatio...

CVSS 8.1, AI score 7.4, EPSS 0.01742
Exploits 0
Rosalinux
added 2025/02/15 10:9 p.m., 12 views

Advisory ROSA-SA-2025-2689

Software: scipy 1.0.0 OS: ROSA Virtualization 3.0 packageevrstring: scipy-1.0.0-21.0.2 CVE-ID: CVE-2023-29824 BDU-ID: 2024-07432 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PyFindObjects function of the PyFindObjects library for the open source Python programming language scipy is relat...

CVSS 9.8, AI score 9.5, EPSS 0.0111
Exploits 1
Rosalinux
added 2025/02/15 10:9 p.m., 14 views

Advisory ROSA-SA-2025-2683

Software: grub2 2.02 OS: ROSA Virtualization 3.0 packageevrstring: grub2-2.02-148.0.3 CVE-ID: CVE-2022-2601 BDU-ID: 2022-06819 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the grubfontconstructglyph function of the Grub2 operating systems boot loader is related to an operation exceeding buffer...

CVSS 8.6, AI score 8.7, EPSS 0.01284
Exploits 0
OSV
added 2025/02/13 12:15 p.m., 4 views

UBUNTU-CVE-2025-21700

In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...

CVSS 7.8, AI score 6.1, EPSS 0.00218
Exploits 0, References 38
Microsoft Security Update
added 2025/02/11 6:0 p.m., 19 views

2025-02 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5051974)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

AI score 7.1
Exploits 0
Citrix
added 2025/02/11 12:0 a.m., 16 views

Hotfix XS82ECU1082 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1 and is only available to customers on the Customer Success Services program. Note: Citrix Hypervisor 8.2 Cumulative Update 1 reaches end of life on Jun 25, 2025. Upgrade to XenServer...

AI score 7.1
Exploits 0
Rosalinux
added 2025/01/28 7:53 p.m., 18 views

Advisory ROSA-SA-2025-2673

software: curl 8.5.0 WASP: ROSA-CHROME packageevrstring: curl-8.5.0-1 CVE-ID: CVE-2023-46218 BDU-ID: 2024-02420 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the cURL command-line utility is related to the installation of "supercookie files" in Curl, which are then passed back to more sources...

CVSS 6.5, AI score 6, EPSS 0.01685
Exploits 2
Rosalinux
added 2025/01/28 7:46 p.m., 8 views

Advisory ROSA-SA-2025-2669

software: python3 3.8.13 WASP: ROSA-CHROME packageevrstring: python3-3.8.13 CVE-ID: CVE-2015-20107 BDU-ID: 2022-03962 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the mailcap module of the Python programming language interpreter is related to insufficient validation of arguments passed to a...

CVSS 8, AI score 7.7, EPSS 0.07017
Exploits 1
Rosalinux
added 2025/01/28 7:41 p.m., 28 views

Advisory ROSA-SA-2025-2665

software: postgresql 12.16 WASP: ROSA-CHROME packageevrstring: postgresql-12.16 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...

CVSS 7.1, AI score 6.6, EPSS 0.02775
Exploits 1
Rosalinux
added 2025/01/28 7:38 p.m., 10 views

Advisory ROSA-SA-2025-2664

software: openvswitch 2.17.8 OS: ROSA-CHROME packageevrstring: openvswitch-2.17.8 CVE-ID: CVE-2023-5366 BDU-ID: 2024-03244 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Open vSwitch OvS software tiered switch is related to insufficient data authentication. Exploitation of the vulnerability...

CVSS 7.1, AI score 7.5, EPSS 0.00389
Exploits 0
Rosalinux
added 2025/01/28 6:49 p.m., 23 views

Advisory ROSA-SA-2025-2638

software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-2 CVE-ID: CVE-2022-45142 BDU-ID: 2023-02156 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Kerberos5 heimdal protocol implementation is related to incorrect validation of the integrity check value. Exploitation of the...

CVSS 7.5, AI score 7.4, EPSS 0.00491
Exploits 0
Rosalinux
added 2025/01/28 12:41 p.m., 15 views

Advisory ROSA-SA-2025-2615

Software: wireshark 4.0.12 OS: ROSA-CHROME packageevrstring: wireshark-4.0.12-1 CVE-ID: CVE-2023-6174 BDU-ID: 2023-08355 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH dissector of the Wireshark computer network traffic analyzer is related to insufficient cleaning of special elements in the...

CVSS 6.5, AI score 6.6, EPSS 0.00752
Exploits 0