Lucene search
K

282 matches found

Rosalinux
Rosalinux
added 2026/02/16 7:27 a.m.9 views

Advisory ROSA-SA-2026-3148

Software: libpng 1.6.34 OS: ROSA Virtualization 3.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv31 affected versions libpng-1.6.34-9.0.1.1.rv31 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrect...

7.1CVSS6.9AI score0.00352EPSS
Exploits6
Rosalinux
Rosalinux
added 2026/02/16 7:14 a.m.25 views

Advisory ROSA-SA-2026-3145

Software: git 2.43.5 OS: ROSA Virtualization 3.1 unaffected versions = git-2.43.5-3.rv31 affected versions git-2.43.5-3.rv31 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path...

9CVSS7.6AI score0.52164EPSS
Exploits37
Rosalinux
Rosalinux
added 2026/02/16 7:14 a.m.10 views

Advisory ROSA-SA-2026-3143

Software: curl 7.61.1 OS: ROSA Virtualization 3.1 unaffected versions = curl-7.61.1-34.0.2.rv31.9 affected versions curl-7.61.1-34.0.2.rv31.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

7.5CVSS5.8AI score0.01301EPSS
Exploits1
Rosalinux
Rosalinux
added 2026/01/26 1:16 p.m.10 views

Advisory ROSA-SA-2026-3128

software: gnutls 3.8.10 OS: ROSA-CHROME unaffected versions = gnutls-3.8.10-1 affected versions gnutls-3.8.10-1 CVE-ID: CVE-2025-32988 BDU-ID: 2025-11076 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the asn1deletestructure function of the GnuTLS transport layer security library involves a memory...

8.2CVSS5.8AI score0.01185EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/01/26 12:14 p.m.6 views

Advisory ROSA-SA-2026-3118

software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-9 affected versions ghostscript-9.56.1-9 CVE-ID: CVE-2025-59798 BDU-ID: 2025-11520 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the pdfwritecmap function of the Ghostscript document processing, conversion, and...

5.5CVSS6.2AI score0.00188EPSS
Exploits0
Amazon
Amazon
added 2025/11/05 12:0 a.m.10 views

Low: runc

Issue Overview: No CVE associated with this advisory Affected Packages: runc Issue Correction: Run dnf update runc --releasever 2023.9.20251105 or dnf update --advisory ALAS2023-2025-1263 --releasever 2023.9.20251105 to update your system. More information on how to update your system can be foun...

8.4CVSS6.8AI score0.0067EPSS
Exploits4
Rosalinux
Rosalinux
added 2025/10/14 2:33 p.m.8 views

Advisory ROSA-SA-2025-3031

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-10 affected versions libxml2-2.9.14-10 CVE-ID: CVE-2025-9714 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability: uncontrolled recursion in evalXPath of libxml2 library before 2.9.14, allowing a local attacker to cau...

6.2CVSS7AI score0.00144EPSS
Exploits0
Amazon
Amazon
added 2025/10/14 12:0 a.m.8 views

Important: open-vm-tools

Issue Overview: VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability ...

7.8CVSS7.1AI score0.0788EPSS
Exploits3
Rosalinux
Rosalinux
added 2025/09/29 2:30 p.m.6 views

Advisory ROSA-SA-2025-3025

software: yarn 1.22.22 WASP: ROSA-CHROME unaffected versions = yarn-1.22.22.22-3 affected versions yarn-1.22.22.22-3 CVE-ID: CVE-2025-9308 BDU-ID: None CVE-Crit: LOW CVE-DESC.: Vulnerability in Yarn before version 1.22.22 in setOptions function of src/util/request-manager.js file. Possible attack...

5.5CVSS6.7AI score0.00188EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/09/29 1:42 p.m.7 views

Advisory ROSA-SA-2025-3018

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-2 affected versions libssh-0.9.8-2 CVE-ID: CVE-2025-5372 BDU-ID: 2025-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libssh library's sshkdf function is related to incorrect code generation control. Exploitation o...

8.8CVSS7.3AI score0.00407EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/09/29 1:39 p.m.9 views

Advisory ROSA-SA-2025-3017

software: chromium-browser-stable 140.0.7339.185 WASP: ROSA-CHROME unaffected versions = chromium-browser-stable-140.0.7339.185-1 affected versions chromium-browser-stable-140.0.7339.185-1 CVE-ID: CVE-2025-10585 BDU-ID: 2025-11457 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the V8 component of...

9.8CVSS7.1AI score0.05419EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/09/29 1:39 p.m.6 views

Advisory ROSA-SA-2025-3016

software: rust1.89 1.89.0 WASP: ROSA-CHROME unaffected versions = rust1.89-1.89.0-1 affected versions rust1.89-1.89.0-1 CVE-ID: CVE-2025-10585 BDU-ID: 2025-11457 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the V8 component of Google Chrome and Microsoft Edge browsers is related to data type...

9.8CVSS7.1AI score0.05419EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/09/29 9:14 a.m.8 views

Advisory ROSA-SA-2025-3009

software: sos 4.10.0 WASP: ROSA-CHROME unaffected versions = sos-4.10.0-1 affected versions sos-4.10.0-1 CVE-ID: CVE-2022-2806 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability: ovirt-log-collector/sosreport collects RHV admin password in plaintext. CVE-STATUS: The vulnerability has been...

5.5CVSS7.2AI score0.00233EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/09/29 9:11 a.m.9 views

Advisory ROSA-SA-2025-3008

software: mono 6.12.0 WASP: ROSA-CHROME unaffected versions = mono-6.12.0-206.1 affected versions mono-6.12.0-206.1 CVE-ID: CVE-2021-24112 BDU-ID: 2021-00929 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the .NET Core software platform is related to insufficient input validation. Exploitation of t...

9.8CVSS7.4AI score0.0327EPSS
Exploits0
Amazon
Amazon
added 2025/09/15 12:0 a.m.3 views

Medium: glibc

Issue Overview: The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffe...

5.9CVSS7AI score0.00158EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/09/11 10:24 a.m.7 views

Advisory ROSA-SA-2025-3004

software: flatpak 1.14.10 WASP: ROSA-CHROME unaffected versions = flatpak-1.14.10-1 affected versions flatpak-1.14.10-1 CVE-ID: CVE-2024-32462 BDU-ID: 2024-03113 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management too...

8.4CVSS8.4AI score0.00512EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/09/11 10:8 a.m.6 views

Advisory ROSA-SA-2025-2997

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-4 affected versions curl-8.7.1-4 CVE-ID: CVE-2024-11053 BDU-ID: 2024-11106 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of servic...

6.5CVSS6.9AI score0.01378EPSS
Exploits3
Rosalinux
Rosalinux
added 2025/09/11 10:2 a.m.7 views

Advisory ROSA-SA-2025-2994

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-13 affected versions tomcat-9.0.37-13 CVE-ID: CVE-2025-52520 BDU-ID: 2025-08953 CVE-Crit: MEDIUM CVE-DESC.: Apache Tomcat application server vulnerability is related to integer overflow. Exploitation of the vulnerabilit...

7.5CVSS8AI score0.0196EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/09/09 10:29 a.m.6 views

Advisory ROSA-SA-2025-2975

Software: libarchive 3.6.2 OS: ROSA-CHROME unaffected versions = libarchive-3.6.2-6 affected versions libarchive-3.6.2-6 CVE-ID: CVE-2025-5914 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability has been discovered in libarchive archivereadformatrarseekdata related to an integer overflow that...

7.8CVSS7.5AI score0.00326EPSS
Exploits2
Rosalinux
Rosalinux
added 2025/09/09 9:34 a.m.6 views

Advisory ROSA-SA-2025-2963

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 3.0 unaffected versions = xmlrpc-c-1.51.0-11.0.1.rv30 affected versions xmlrpc-c-1.51.0-11.0.1.rv30 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a...

7.5CVSS8.5AI score0.01569EPSS
Exploits0
Rows per page
Query Builder