Lucene search
K

65 matches found

Rosalinux
Rosalinux
added 2026/05/08 10:57 a.m.9 views

Advisory ROSA-SA-2026-3261

Software: kernel 4.18.0 OS: ROSA Virtualization 2.1 unaffected versions = kernel-4.18.0-553.123.1.el810 affected versions lock, allowing a local attacker to cause a denial of service or execute arbitrary code when frequently switching a thread simultaneously with opening/closing a related subt...

9.8CVSS7AI score0.96267EPSS
Exploits229
Rosalinux
Rosalinux
added 2025/12/02 1:21 p.m.5 views

Advisory ROSA-SA-2025-3106

Software: c-ares 1.13.0 OS: ROSA Virtualization 2.1 packageevrstring: c-ares-1.13.0-11.rv3 CVE-ID: CVE-2020-22217 BDU-ID: 2023-05898 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the aresparsesoareply function of the C-ares asynchronous DNS query library is related to an operation exceeding...

6.4CVSS9AI score0.00838EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/12/02 1:20 p.m.5 views

Advisory ROSA-SA-2025-3099

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...

5.9CVSS7.7AI score0.05533EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.11 views

Advisory ROSA-SA-2025-2833

Software: binutils 2.30 OS: ROSA Virtualization 2.1 packageevrstring: binutils-2.30-125.0.1.rv3 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.5AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/03/17 9:44 p.m.10 views

Advisory ROSA-SA-2025-2778

Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to ...

9.8CVSS6.8AI score0.49285EPSS
Exploits2
Rosalinux
Rosalinux
added 2024/11/12 9:24 a.m.17 views

Advisory ROSA-SA-2024-2520

Software: device-mapper-multipath 0.8.4 OS: ROSA Virtualization 2.1 packageevrstring: device-mapper-multipath-0.8.4-22 CVE-ID: CVE-2022-41974 BDU-ID: 2022-06669 CVE-Crit: HIGH CVE-DESC.: A vulnerability in multipath-tools multipath-tools driver management software is related to privilege manageme...

7.8CVSS7.8AI score0.00606EPSS
Exploits4
Rosalinux
Rosalinux
added 2024/10/03 10:37 p.m.23 views

Advisory ROSA-SA-2024-2506

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-5.rv3 CVE-ID: CVE-2020-28493 BDU-ID: 2022-05230 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python programming language interpreter html-template tool jinja2 is related to incorrect resource...

6.1CVSS6.3AI score0.00979EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/10/03 10:33 p.m.18 views

Advisory ROSA-SA-2024-2505

SOFTWARE: 389-ds-base 1.4.3.8 OS: ROSA Virtualization 2.1 packageevrstring: 389-ds-base-1.4.3.8-5.0.2.rv3 CVE-ID: CVE-2020-35518 BDU-ID: 2023-02645 CVE-Crit: MEDIUM CVE-DESC.: A 389 Directory Server authentication vulnerability involves information disclosure when verifying the existence of a...

5.3CVSS6.8AI score0.01538EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/10/03 10:31 p.m.23 views

Advisory ROSA-SA-2024-2504

Software: iperf3 3.5 OS: ROSA Virtualization 2.1 packageevrstring: iperf3-3.5-10.rv3 CVE-ID: CVE-2023-38403 BDU-ID: 2023-03980 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Iperf3 network bandwidth measurement tool is related to integer overflow during field length processing. Exploitation of...

7.5CVSS7.3AI score0.01703EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/10/03 10:28 p.m.18 views

Advisory ROSA-SA-2024-2503

Software: wget 1.19.5 OS: ROSA Virtualization 2.1 packageevrstring: wget-1.19.5-12.rv3 CVE-ID: CVE-2024-38428 BDU-ID: 2024-04683 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the userinfo URI component of the GNU Wget download manager is related to insecure behavior in which data that should hav...

9.1CVSS6.9AI score0.00672EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/10/03 10:26 p.m.15 views

Advisory ROSA-SA-2024-2502

Software: libndp 1.7 OS: ROSA Virtualization 2.1 packageevrstring: libndp-1.7-7.rv3 CVE-ID: CVE-2024-5564 BDU-ID: 2024-04337 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could...

8.1CVSS8.2AI score0.01165EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/10/03 10:17 p.m.26 views

Advisory ROSA-SA-2024-2499

Software: python-setuptools 39.2.0 OS: ROSA Virtualization 2.1 packageevrstring: python-setuptools-39.2.0-8.rv3 CVE-ID: CVE-2022-40897 BDU-ID: 2023-02445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python Packaging Authority package installation tools is related to insufficient input...

8.8CVSS7.6AI score0.02617EPSS
Exploits1
Rosalinux
Rosalinux
added 2024/10/03 10:9 p.m.22 views

Advisory ROSA-SA-2024-2497

Software: python-urllib3 1.24.2 OS: ROSA Virtualization 2.1 packageevrstring: python-urllib3-1.24.2-8.rv3 CVE-ID: CVE-2020-26137 BDU-ID: 2021-05230 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the urllib3 module method of the Python programming language interpreter is related to insufficient...

8.1CVSS5.5AI score0.02269EPSS
Exploits1
Rosalinux
Rosalinux
added 2024/10/03 9:51 p.m.37 views

Advisory ROSA-SA-2024-2496

Software: cups 2.2.6 OS: ROSA Virtualization 2.1 packageevrstring: cups-2.2.6-60.rv3 CVE-ID: CVE-2023-32324 BDU-ID: 2023-03873 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the formatlogline function of the CUPS print server is related to writing beyond buffer boundaries. Exploitation of the...

7.5CVSS8.1AI score0.02421EPSS
Exploits3
Rosalinux
Rosalinux
added 2024/10/03 9:44 p.m.35 views

Advisory ROSA-SA-2024-2495

Software: libvpx 1.7.0 OS: ROSA Virtualization 2.1 packageevrstring: libvpx-1.7.0-11.rv3 CVE-ID: CVE-2023-44488 BDU-ID: 2023-06350 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special form...

9.1CVSS8.4AI score0.34401EPSS
Exploits4
Rosalinux
Rosalinux
added 2024/07/15 8:46 a.m.33 views

Advisory ROSA-SA-2024-2450

Software: samba 4.12.3 OS: ROSA Virtualization 2.1 packageevrstring: samba-4.12.3 CVE-ID: CVE-2016-2124 BDU-ID: 2021-05993 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability was discovered in the way Samba implemented SMB1 authentication. An attacker could use this vulnerability to extract the public...

9CVSS7.4AI score0.13794EPSS
Exploits2
Rosalinux
Rosalinux
added 2024/07/09 1:0 p.m.16 views

Advisory ROSA-SA-2024-2449

Software: postgresql 12.1 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.1 CVE-ID: CVE-2020-1720 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability has been discovered in PostgreSQL "ALTER ... DEPENDS ON EXTENSION" where subcommands did not perform authorization checks. An...

6.5CVSS7.8AI score0.0142EPSS
Exploits2
Rosalinux
Rosalinux
added 2024/07/09 12:46 p.m.24 views

Advisory ROSA-SA-2024-2448

Software: pcre2 10.32 OS: ROSA Virtualization 2.1 packageevrstring: pcre2-10.32 CVE-ID: CVE-2022-1587 BDU-ID: 2023-02635 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pcre2jitcompile.c function of the PCRE2 regular expression library is related to reading outside of the allowed data buffer...

9.1CVSS7.1AI score0.02413EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/07/01 2:4 p.m.52 views

Advisory ROSA-SA-2024-2439

Software: openldap 2.4.46 OS: ROSA Virtualization 2.1 packageevrstring: openldap-2.4.46 CVE-ID: CVE-2020-25709 BDU-ID: 2022-00231 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the slapd server implementation of the OpenLDAP LDAP protocol is related to a flaw in the use of the assert function...

9.8CVSS7.5AI score0.69899EPSS
Exploits1
Rosalinux
Rosalinux
added 2024/06/17 8:57 a.m.32 views

Advisory ROSA-SA-2024-2432

Software: man-db 2.7.6.1 OS: ROSA Virtualization 2.1 packageevrstring: man-db-2.7.6.1 CVE-ID: CVE-2018-25078 BDU-ID: None CVE-Crit: N/A CVE-DESC.: man-db in Gentoo allows local users with access to the man user account to gain root privileges, because /usr/bin/mandb is executed by the root user,...

7.8CVSS7.8AI score0.00383EPSS
Exploits1
Rows per page
Query Builder