Advisory ROSA-SA-2025-3004
software: flatpak 1.14.10 OS: ROSA-CHROME unaffected versions = flatpak-1.14.10-1 affected versions flatpak-1.14.10-1 CVE-ID: CVE-2024-32462 BDU-ID: 2024-03113 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management too...
Advisory ROSA-SA-2025-3001
software: suricata 7.0.11 OS: ROSA-CHROME unaffected versions = suricata-7.0.11-1 affected versions suricata-7.0.11-1 CVE-ID: CVE-2024-38534 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in Suricata allows system resources to be consumed by certain modbus traffic. CVE-STATUS: The...
Advisory ROSA-SA-2025-2996
software: grub2 2.06 OS: ROSA-CHROME unaffected versions = grub2-2.06-23 affected versions grub2-2.06-23 CVE-ID: CVE-2024-45777 BDU-ID: 2025-07120 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gettext component of the Grub operating systems loader is related to integer overflow. Exploitation...
Advisory ROSA-SA-2025-2995
software: unbound 1.17.0 OS: ROSA-CHROME unaffected versions = unbound-1.17.0-2 affected versions unbound-1.17.0-2 CVE-ID: CVE-2024-8508 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Unbound when handling responses with very large RRsets could result in a denial of service. CVE-STATUS...
Advisory ROSA-SA-2025-2988
software: salt 3006.3 OS: ROSA-CHROME unaffected versions = salt-3006.3-2 affected versions salt-3006.3-2 CVE-ID: CVE-2024-38824 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A directory traversal vulnerability in recv_file allows an attacker to write arbitrary files to the master cache directory...
Advisory ROSA-SA-2025-2986
software: spdlog 1.8.5 OS: ROSA-CHROME unaffected versions = spdlog-1.8.5-2 affected versions spdlog-1.8.5-2 CVE-ID: CVE-2025-6140 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in spdlog causes excessive resource consumption when running the scoped_padder function pattern_formatter-inl.h,...
Advisory ROSA-SA-2025-2982
software: tomcat 9.0.37 OS: ROSA-CHROME unaffected versions = tomcat-9.0.37-11 affected versions tomcat-9.0.37-11 CVE-ID: CVE-2025-49125 BDU-ID: 2025-09499 CVE-Crit: HIGH CVE-DESC.: Apache Tomcat application server vulnerability related to bypassing the authentication procedure by using an...
Advisory ROSA-SA-2025-2977
software: chromium-browser-stable 138.0.7204.92 OS: ROSA-CHROME unaffected versions = chromium-browser-stable-138.0.7204.92-1 affected versions chromium-browser-stable-138.0.7204.92-1 CVE-ID: CVE-2025-6554 BDU-ID: 2025-07783 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the JavaScript scrip...
Advisory ROSA-SA-2025-2975
Software: libarchive 3.6.2 OS: ROSA-CHROME unaffected versions = libarchive-3.6.2-6 affected versions libarchive-3.6.2-6 CVE-ID: CVE-2025-5914 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability has been discovered in libarchive archive_read_format_rar_seek_data related to an integer overflow that...
Advisory ROSA-SA-2025-2974
software: libreswan 4.15 OS: ROSA-CHROME unaffected versions = libreswan-4.15-1 affected versions libreswan-4.15-1 CVE-ID: CVE-2024-3652 BDU-ID: 2024-04885 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the "IPsec" VPN protocol library libreswan is related to a reachability assertion when...
Advisory ROSA-SA-2025-2973
software: sudo 1.9.17p1 OS: ROSA-CHROME unaffected versions = sudo-1.9.17p1-1 affected versions sudo-1.9.17p1-1 CVE-ID: CVE-2025-32462 BDU-ID: 2025-08356 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the authorization mechanism...
Advisory ROSA-SA-2025-2960
Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 unaffected versions = ghostscript-9.27-17.0.3.rv30 affected versions ghostscript-9.27-17.0.3.rv30 CVE-ID: CVE-2020-16287 BDU-ID: 2021-01163 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the lprn_is_black function contrib/lips4/gdevlprn.c of th...
Medium: gstreamer-plugins-bad-free
Issue Overview: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0006.html NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5362 NOTE: Fixed by:...
Low: kernel6.12
Issue Overview: No CVE associated with this advisory Affected Packages: kernel6.12 Issue Correction: Run dnf update kernel6.12 --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1129 --releasever 2023.8.20250808 to update your system. More information on how to update your system...
Medium: libarchive
Issue Overview: A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory...
CVE-2025-8638 Kenwood DMX958XR Firmware Update Command Injection Vulnerability
Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
Important: nvidia-open
Issue Overview: NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or...
Advisory ROSA-SA-2025-2910
software: postgresql 12.22 OS: ROSA-CHROME unaffected versions = postgresql-12.22-1 affected versions postgresql-12.22-1 CVE-ID: CVE-2023-2455 BDU-ID: 2023-03024 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Schema Handler component of the PostgreSQL database management system is related to...
Important: dotnet8.0
Issue Overview: A remote code execution vulnerability in .NET 8.0 and 9.0. An attacker who can place malicious files in specific locations may trigger unintended code execution when the .NET runtime loads these files. CVE-2025-30399 Affected Packages: dotnet8.0 Issue Correction: Run dnf update...
Medium: amazon-cloudwatch-agent
Issue Overview: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result i...