Lucene search
K

15 matches found

Rosalinux
Rosalinux
added 2024/11/12 9:28 a.m.17 views

Advisory ROSA-SA-2024-2521

Software: device-mapper-multipath 0.4.9 OS: rosa-server79 packageevrstring: device-mapper-multipath-0.4.9-136 CVE-ID: CVE-2022-41974 BDU-ID: 2022-06669 CVE-Crit: HIGH CVE-DESC.: A vulnerability in multipath-tools multipath-tools driver management software is related to privilege management errors...

7.8CVSS7.8AI score0.00606EPSS
Exploits4
Rosalinux
Rosalinux
added 2024/10/29 9:52 a.m.24 views

Advisory ROSA-SA-2024-2517

software: hostapd 2.9 WASP: ROSA-CHROME packageevrstring: hostapd-2.9-3 CVE-ID: CVE-2019-16275 BDU-ID: 2019-04775 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Wi-Fi WPA Supplicant secure access component is related to a flaw in the input validation mechanism. Exploitation of the...

6.5CVSS6.7AI score0.01669EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/07/31 9:7 a.m.20 views

Advisory ROSA-SA-2024-2458

Software: sudo 1.8.29 OS: ROSA Virtualization 2.1 packageevrstring: sudo-1.8.29 CVE-ID: CVE-2022-43995 BDU-ID: 2022-06664 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the implementation of the crypt function of the Sudo system administration program is related to the ability to read outside of...

7.1CVSS6.7AI score0.00271EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/05/28 8:24 a.m.36 views

Advisory ROSA-SA-2024-2425

software: aspell 0.60.8 WASP: ROSA-CHROME packageevrstring: aspell-0.60.8-3 CVE-ID: CVE-2019-25051 BDU-ID: None CVE-Crit: N/A CVE-DESC.: objstack in GNU Aspell has a heap buffer overflow in acommon::ObjStack::duptop CVE-STATUS: Fixed CVE-REV: To close, execute command: sudo dnf update aspell...

7.8CVSS7.5AI score0.00549EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/04/23 12:23 p.m.61 views

Advisory ROSA-SA-2024-2409

Software: xz 5.2.2 OS: rosa-server79 packageevrstring: xz-5.2.2.2-2 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts...

10CVSS9.6AI score0.85974EPSS
Exploits40
Rosalinux
Rosalinux
added 2024/04/11 7:39 a.m.36 views

Advisory ROSA-SA-2024-2396

Software: sudo 1.8.29 OS: ROSA Virtualization 2.1 packageevrstring: sudo-1.8.29-8.rv3.1 CVE-ID: CVE-2023-22809 BDU-ID: 2023-00210 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the sudoedit function of the Sudo system administration program is related to errors in the handling of additional...

7.8CVSS7.2AI score0.55367EPSS
Exploits20
Rosalinux
Rosalinux
added 2024/03/26 10:40 a.m.29 views

Advisory ROSA-SA-2024-2378

software: pcre2 10.36 WASP: ROSA-CHROME packageevrstring: pcre2-10.36-4.src.rpm CVE-ID: CVE-2022-41409 BDU-ID: 2023-05302 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pcre2test command of the PCRE2 regular expression library is related to integer overflow. Exploitation of the vulnerability...

7.5CVSS6.8AI score0.00962EPSS
Exploits1
Rosalinux
Rosalinux
added 2024/02/27 9:22 a.m.45 views

Advisory ROSA-SA-2024-2363

Software: modwsgi 4.6.4 OS: ROSA Virtualization 2.1 packageevrstring: modwsgi-4.6.4-4.rv3.1c CVE-ID: CVE-2022-2255 BDU-ID: 2022-05209 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the modwsgi module of the Apache web server is related to errors in the processing of the X-Client-IP header...

7.5CVSS6.9AI score0.0069EPSS
Exploits1
Rosalinux
Rosalinux
added 2024/01/09 9:53 a.m.37 views

Advisory ROSA-SA-2024-2321

software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-4.src.rpm CVE-ID: CVE-2023-28484 BDU-ID: 2023-03298 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlSchemaFixupComplexType xmlschemas.c function of the Libxml2 library is related to null pointer dereferencing...

6.5CVSS6.8AI score0.01086EPSS
Exploits1
Rosalinux
Rosalinux
added 2023/12/26 12:4 p.m.36 views

Advisory ROSA-SA-2023-2319

software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-4.src.rpm CVE-ID: CVE-2023-28484 BDU-ID: 2023-03298 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlSchemaFixupComplexType xmlschemas.c function of the Libxml2 library is related to null pointer dereferencing...

6.5CVSS6.8AI score0.01086EPSS
Exploits1
Rosalinux
Rosalinux
added 2023/12/19 8:49 a.m.34 views

Advisory ROSA-SA-2023-2311

software: hostapd 2.9 WASP: ROSA-CHROME packageevrstring: hostapd-2.9-2.src.rpm CVE-ID: CVE-2022-23303 BDU-ID: 2022-07363 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the SAE implementation of the Wi-Fi WPA Supplicant secure access client is related to information disclosure via a mismatch...

9.8CVSS6.2AI score0.02944EPSS
Exploits0
Rosalinux
Rosalinux
added 2023/02/14 1:1 p.m.53 views

Advisory ROSA-SA-2023-2113

Software: kernel 3.10.0-1160.83.1.el7 OS: rosa-server79 packageevrstring: kernel-3.10.0-1160.83.1.el7 CVE-ID: CVE-2023-0179 BDU-ID: 2023-00383 CVE-Crit: HIGH CVE-DESC: A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables...

7.8CVSS8AI score0.01944EPSS
Exploits5
Rosalinux
Rosalinux
added 2023/02/07 8:35 a.m.36 views

Advisory ROSA-SA-2023-2096

Software: libXpm 3.5.12 OS: rosa-server79 packageevrstring: libXpm-3.5.12-1 CVE-ID: CVE-2022-4883 BDU-ID: 2023-00388 CVE-Crit: HIGH CVE-DESC: When processing files with .Z or .gz extensions, the library calls external programs to compress and decompress the files, relying on the PATH environment...

8.8CVSS8.8AI score0.01199EPSS
Exploits0
Rosalinux
Rosalinux
added 2022/01/31 2:3 p.m.54 views

Advisory ROSA-SA-2022-2013

Software: polkit 0.112 OS: rosa-server79 packageevrstring: polkit-0.112-26 CVE-ID: CVE-2021-4034 BDU-ID: 2022-00488 CVE-Crit: HIGH CVE-DESC: There is an issue in pkexec that causes it to not check the number of arguments, assuming that it will always be at least 1 and that the second value is equ...

7.8CVSS8.5AI score0.94921EPSS
Exploits151
Rosalinux
Rosalinux
added 2022/01/27 1:18 p.m.60 views

Advisory ROSA-SA-2022-2012

Software: polkit 0.112 OS: rosa-server79 packageevrstring: polkit-0.112-26 CVE-ID: CVE-2021-4034 BDU-ID: 2022-00488 CVE-Crit: HIGH CVE-DESC: There is an issue in pkexec that causes it to not check the number of arguments, assuming that it will always be at least 1 and that the second value is equ...

7.8CVSS8.2AI score0.94921EPSS
Exploits151
Rows per page
Query Builder