Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2025/01/28 1:51 p.m.•30 views

Advisory ROSA-SA-2025-2624

software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-6 CVE-ID: CVE-2024-25062 BDU-ID: 2024-01415 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlValidatePopElement function of the XML Reader Interface component of the Libxml2 library is related to memory usage after it is...

7.5CVSS6.9AI score0.01364EPSS
Exploits3
Rosalinux
Rosalinux
•added 2024/11/26 9:41 a.m.•30 views

Advisory ROSA-SA-2024-2530

Software: python3-werkzeug 1.0.1 OS: rosa-server79 packageevrstring: python3-werkzeug-1.0.1-2.res7 CVE-ID: CVE-2023-25577 BDU-ID: 2023-02343 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the...

7.5CVSS6.9AI score0.0142EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 9:5 a.m.•30 views

Advisory ROSA-SA-2024-2525

Software: nghttp2 1.33.0 OS: rosa-server79 packageevrstring: nghttp2-1.33.0-1.3.res7 CVE-ID: CVE-2023-44487 BDU-ID: 2023-06559 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already established...

7.5CVSS7.9AI score0.99999EPSS
Exploits19
Rosalinux
Rosalinux
•added 2024/10/29 8:27 a.m.•30 views

Advisory ROSA-SA-2024-2509

Software: freeradius 3.0.13 OS: rosa-server79 packageevrstring: freeradius-3.0.13-15.0.1.res7 CVE-ID: CVE-2024-3596 BDU-ID: 2024-05180 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the RADIUS authentication protocol implementation is related to bypassing the authentication procedure through...

9CVSS7.7AI score0.14859EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/07/09 12:46 p.m.•30 views

Advisory ROSA-SA-2024-2448

Software: pcre2 10.32 OS: ROSA Virtualization 2.1 packageevrstring: pcre2-10.32 CVE-ID: CVE-2022-1587 BDU-ID: 2023-02635 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pcre2jitcompile.c function of the PCRE2 regular expression library is related to reading outside of the allowed data buffer...

9.1CVSS7.1AI score0.02574EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/06/17 8:56 a.m.•30 views

Advisory ROSA-SA-2024-2431

Software: lua 5.3.4 OS: ROSA Virtualization 2.1 packageevrstring: lua-5.3.4 CVE-ID: CVE-2021-43519 BDU-ID: None CVE-Crit: N/A CVE-DESC.: Stack overflow in luaresume of the ldo.c file in Lua Interpreter allows attackers to perform a denial of service via a script file created. CVE-STATUS: Not...

5.5CVSS7AI score0.01136EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/06/03 9:0 a.m.•30 views

Advisory ROSA-SA-2024-2430

Software: libvirt 6.0.0 OS: ROSA Virtualization 2.1 packageevrstring: libvirt-6.0.0-28.module+el8.3.0+7827+5e65edd7.src.rpm CVE-ID: CVE-2021-3631 BDU-ID: 2024-02428 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libvirt virtualization management library is related to the creation of SELinux M...

6.5CVSS6.5AI score0.01217EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/04/02 7:3 a.m.•30 views

Advisory ROSA-SA-2024-2387

Software: slapi-nis 0.56.6 OS: ROSA Virtualization 2.1 packageevrstring: slapi-nis-0.56.6-2.rv3 CVE-ID: CVE-2021-3480 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dereferencing a null pointer during DN binding analysis could allow an unauthenticated attacker to cause the 389-ds-base directory server to...

7.5CVSS7AI score0.01701EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/03/26 11:28 a.m.•30 views

Advisory ROSA-SA-2024-2380

Software: rpm 4.14.3 OS: ROSA Virtualization 2.1 packageevrstring: rpm-4.14.3-26.rv3 CVE-ID: CVE-2021-3521 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is a flaw in RPM's proprietary functionality. OpenPGP connections are bound to the primary key via a "binding signature". RPM does not verify t...

4.7CVSS6.7AI score0.00302EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/12/19 12:25 p.m.•30 views

Advisory ROSA-SA-2023-2315

Software: java-1.8.0-openjdk 1.8.0.392.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.392.b08-2.res7 CVE-ID: CVE-2020-14583 BDU-ID: 2020-03866 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Libraries component of the Oracle Java SE and Oracle Java SE Embedded software platform...

8.3CVSS9.1AI score0.0435EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/21 1:15 p.m.•30 views

Advisory ROSA-SA-2023-2249

software: xrdp 0.9.22.1 OS: ROSA-CHROME packageevrstring: xrdp-0.9.22.1-1.src.rpm CVE-ID: CVE-2022-23468 BDU-ID: 2022-07312 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the xrdploginwndcreate function of the XRDP server involves buffer copying without checking the size of the input data...

9.8CVSS10AI score0.00892EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/08/15 9:41 a.m.•30 views

Advisory ROSA-SA-2023-2217

Software: libmicrohttpd 0.9.76 OS: ROSA-CHROME packageevrstring: libmicrohttpd-0.9.76-1.src.rpm CVE-ID: CVE-2023-27371 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: GNU libmicrohttpd before version 0.9.76 allowed remote DoS denial of service due to improper multipart/form-data boundary parsing in the...

5.9CVSS6.9AI score0.01243EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 6:21 p.m.•30 views

Advisory ROSA-SA-2021-2001

Software: xdg-utils 1.1.0 OS: Cobalt 7.9 CVE-ID: CVE-2014-9622 CVE-Crit: HIGH CVE-DESC: Eval injection vulnerability in xdg-utils 1.1.0 RC1 in the absence of a supported desktop environment allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. CVE-STATUS:...

8.8CVSS9.1AI score0.03256EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 6:12 p.m.•30 views

Advisory ROSA-SA-2021-1981

Software: sysstat 10.1.5 OS: Cobalt 7.9 CVE-ID: CVE-2019-16167 CVE-Crit: MEDIUM CVE-DESC: sysstat before 12.1.6 has memory corruption due to an integer overflow in remapstruct in sacommon.c. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2019-19725 CVE-Crit: CRITICAL CVE-DESC: sysstat before...

9.8CVSS8.1AI score0.02582EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 5:33 p.m.•30 views

Advisory ROSA-SA-2021-1931

Software: nmap 6.40 OS: Cobalt 7.9 CVE-ID: CVE-2018-15173 CVE-Crit: HIGH CVE-DESC: Nmap through 7.70, when the -sV parameter is used, allows remote attackers to cause a denial of service stack consumption and application failure via a TCP-based service created. CVE-STATUS: default CVE-REV: defaul...

7.5CVSS7AI score0.06081EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:16 p.m.•30 views

Advisory ROSA-SA-2021-1889

Software: libseccomp 2.3.1 OS: Cobalt 7.9 CVE-ID: CVE-2019-9893 CVE-Crit: CRITICAL CVE-DESC: libseccomp before 2.4.0 incorrectly generated argument comparisons of 64-bit system calls using arithmetic operators LT, GT, LE, GE, which could lead to seccomp filter bypass and potential privilege...

9.8CVSS7AI score0.03041EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:16 p.m.•30 views

Advisory ROSA-SA-2021-1887

Software: libreswan 3.25 OS: Cobalt 7.9 CVE-ID: CVE-2019-10155 CVE-Crit: LOW CVE-DESC: The Libreswan project has discovered a vulnerability in the handling of IKEv1 information exchange packets that are encrypted and integrity protected using the established IKE SA encryption and integrity keys,...

7.5CVSS6.7AI score0.02748EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•30 views

Advisory ROSA-SA-2021-1882

Software: libpcap 1.5.3 OS: Cobalt 7.9 CVE-ID: CVE-2019-15165 CVE-Crit: MEDIUM CVE-DESC: sf-pcapng.c in libpcap before 1.9.1 incorrectly checks the length of the PHB header before allocating memory. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2019-15161 CVE-Crit: MEDIUM CVE-DESC: rpcapd /...

7.5CVSS6.9AI score0.04436EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:35 p.m.•30 views

Advisory ROSA-SA-2021-1816

Software: cups 1.6.3 OS: Cobalt 7.9 CVE-ID: CVE-2013-6891 CVE-Crit: HIGH CVE-DESC: lppasswd in CUPS before 1.7.1 when run with setuid privileges allows local users to read parts of arbitrary files via modified HOME environment variable and symbolic link attack using .cups / client.conf. CVE-STATU...

5.9CVSS6.9AI score0.02255EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/10/14 2:33 p.m.•29 views

Advisory ROSA-SA-2025-3034

software: opencv 4.10.0 AXIS: ROSA-CHROME affected versions: None CVE-ID: CVE-2025-53644 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in OpenCV 4.10.0 and 4.11.0 is the use of an uninitialized pointer when processing JPEGs, which can lead to arbitrary memory writes. CVE-STATUS: Not...

9.8CVSS7.1AI score0.00371EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•29 views

Advisory ROSA-SA-2025-2840

Software: expat 2.2.5 OS: ROSA Virtualization 2.1 packageevrstring: expat-2.2.5-16.0.1.rv3 CVE-ID: CVE-2021-45960 BDU-ID: 2022-01003 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the storeAtts function of the Expat library involves uncontrolled resource consumption. Exploitation of the vulnerabili...

9.8CVSS9.9AI score0.35867EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•29 views

Advisory ROSA-SA-2025-2830

Software: golang 1.19.13 OS: ROSA Virtualization 3.0 packageevrstring: golang-1.19.13-2.rv30 CVE-ID: CVE-2023-29402 BDU-ID: 2023-03201 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Cgo module of the Go programming language is related to incorrect code generation control when handling directory...

9.8CVSS9AI score0.99999EPSS
Exploits19
Rosalinux
Rosalinux
•added 2025/02/11 3:34 p.m.•29 views

Advisory ROSA-SA-2025-2679

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 packageevrstring: curl-7.61.1-33.0.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent PUT an...

9.8CVSS9.4AI score0.04325EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:32 p.m.•29 views

Advisory ROSA-SA-2025-2630

software: libde265 1.0.14 OS: ROSA-CHROME packageevrstring: libde265-1.0.14-1 CVE-ID: CVE-2021-36410 BDU-ID: 2023-01688 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the putepelhvfallback function of the fallback-motion.cc component of the h.265 Libde265 video codec implementation is related to...

6.5CVSS7.4AI score0.01321EPSS
Exploits15
Rosalinux
Rosalinux
•added 2024/12/17 8:5 a.m.•29 views

Advisory ROSA-SA-2024-2543

software: trousers 0.3.14 WASP: ROSA-CHROME packageevrstring: trousers-0.3.14-5 CVE-ID: CVE-2020-24332 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in TrouSerS: Vulnerability to create system.data files when running the tcsd daemon with root privileges. CVE-STATUS: The vulnerability has...

5.5CVSS6.8AI score0.00553EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/09/09 8:42 a.m.•29 views

Advisory ROSA-SA-2024-2475

Software: ipmitool 1.8.18 OS: ROSA-CHROME packageevrstring: ipmitool-1.8.18-22 CVE-ID: CVE-2020-5208 BDU-ID: 2020-04640 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the readfruareasection lib/ipmifru.c function of the ipmitool IPMI-enabled device management and configuration utility is related to...

8.8CVSS7.6AI score0.0329EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/09/03 12:11 p.m.•29 views

Advisory ROSA-SA-2024-2474

software: libraw 0.20.2 OS: ROSA-CHROME packageevrstring: libraw-0.20.2-4 CVE-ID: CVE-2020-22628 BDU-ID: 2023-05897 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the LibRaw::stretch function of the LibRaw image processing library is related to an operation exceeding buffer boundaries in memory...

6.5CVSS7.6AI score0.00681EPSS
Exploits4
Rosalinux
Rosalinux
•added 2024/05/02 9:11 a.m.•29 views

Advisory ROSA-SA-2024-2412

software: libxpm 3.5.17 OS: ROSA-CHROME packageevrstring: libxpm-3.5.17-1 CVE-ID: CVE-2023-43788 BDU-ID: 2023-06887 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XpmCreateXpmImageFromBuffer function of the X Pixmap Image File XPM libXpm library is related to reading data beyond buffer...

5.5CVSS7.5AI score0.00365EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/04/11 7:10 a.m.•29 views

Advisory ROSA-SA-2024-2391

Software: ImageMagick 6.9.10.68 OS: rosa-server79 packageevrstring: ImageMagick-6.9.10.68-7.res7 CVE-ID: CVE-2021-40211 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A problem was detected in ImageMagick via division by zero in the ReadEnhMetaFile function of the coders/emf.c file. CVE-STATUS: Fixed...

7.5CVSS6.8AI score0.00795EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/03/12 12:48 p.m.•29 views

Advisory ROSA-SA-2024-2372

Software: openldap 2.4.46 OS: ROSA Virtualization 2.1 packageevrstring: openldap-2.4.46-10.el8.src.rpm CVE-ID: CVE-2020-15719 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: libldap in some third-party OpenLDAP packages has a certificate validation error when the third-party package asserts support for...

4.2CVSS7.3AI score0.02417EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/01/23 12:26 p.m.•29 views

Advisory ROSA-SA-2024-2328

Software: libpng 1.6.34 OS: ROSA Virtualization 2.1 packageevrstring: libpng-1.6.34-5.0.1.rv3.src.rpm CVE-ID: CVE-2019-7317 BDU-ID: 2019-03330 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the pngimagefree function png.c of the PNG libpng bitmap graphics library involves the pngimagefreefunction...

5.3CVSS7AI score0.09393EPSS
Exploits3
Rosalinux
Rosalinux
•added 2023/12/19 8:40 a.m.•29 views

Advisory ROSA-SA-2023-2309

Software: libcap 2.26 OS: ROSA Virtualization 2.1 packageevrstring: libcap-2.26-5.0.1.rv3.src.rpm CVE-ID: CVE-2023-2603 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: This issue occurs in libcapstrdup and can cause an integer overflow if the input string is close to 4 GB. CVE-STATUS: Fixed CVE-REV: To...

7.8CVSS7.2AI score0.00574EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/11/14 1:27 p.m.•29 views

Advisory ROSA-SA-2023-2293

Software: glibc 2.28 OS: ROSA Virtualization 2.1 packageevrstring: glibc-2.28-225.rv3.src.rpm CVE-ID: CVE-2021-3999 BDU-ID: 2022-01635 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the getcwd function of the glibc system library is associated with a single offset error. Exploitation of the...

7.8CVSS8.2AI score0.0072EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/22 6:34 a.m.•29 views

Advisory ROSA-SA-2023-2277

software: ffmpeg 4.4.3 OS: ROSA-CHROME packageevrstring: ffmpeg-4.4.3-2.src.rpm CVE-ID: CVE-2022-3109 BDU-ID: 2023-04787 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the vp3decodeframe function of the libavcodec/vp3.c component of the FFmpeg multimedia library is related to a lack of validation o...

8.1CVSS7.4AI score0.0347EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/09/05 9:29 a.m.•29 views

Advisory ROSA-SA-2023-2226

software: yara 4.3.1 AXIS: ROSA-CHROME packageevrstring: yara-4.3.1-1.src.rpm CVE-ID: CVE-2021-3402 BDU-ID: 2021-04875 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the YARA malware research and detection software is related to integer overflow. Exploitation of the vulnerability could allow an...

9.1CVSS7AI score0.02219EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/06/27 9:1 a.m.•29 views

Advisory ROSA-SA-2023-2175

Software: apr-util 1.5.2-6 OS: rosa-server79 packageevrstring: apr-util-1.5.2-6.res7.1 CVE-ID: CVE-2022-25147 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Inte Overflow or Wraparound vulnerability in Apache Portable Runtime Utility APR-util aprbase64 functions allows an attacker to write data outside...

6.5CVSS7.1AI score0.01417EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:7 p.m.•29 views

Advisory ROSA-SA-2021-1969

Software: sendmail 8.14.7 OS: Cobalt 7.9 CVE-ID: CVE-2014-3956 CVE-Crit: CRITICAL CVE-DESC: The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order and therefore misses setting expected FDCLOEXEC flags, which allows local users to access unintended file...

1.9CVSS6.1AI score0.0063EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:58 p.m.•29 views

Advisory ROSA-SA-2021-1952

Software: policycoreutils 2.5 OS: Cobalt 7.9 CVE-ID: CVE-2014-3215 CVE-Crit: CRITICAL CVE-DESC: seunshare in policycoreutils 2.2.5 belongs to the root user with permissions 4755 and executes programs in a way that changes the relationship between the setuid system call and the stored set-user-ID...

6.9CVSS7.4AI score0.00357EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:39 p.m.•29 views

Advisory ROSA-SA-2021-1944

Software: p7zip 16.02 OS: Cobalt 7.9 CVE-ID: CVE-2018-5996 CVE-Crit: HIGH CVE-DESC: Insufficient exception handling in NCompress method :: NRar3 :: CDecoder :: Code of 7-Zip before 18.00 and p7zip can cause multiple memory corruptions in PPMd code, allowing remote attackers to cause a denial of...

7.8CVSS8.3AI score0.02851EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:30 p.m.•29 views

Advisory ROSA-SA-2021-1924

Software: mpfr 3.1.1 OS: Cobalt 7.9 CVE-ID: CVE-2014-9474 CVE-Crit: CRITICAL CVE-DESC: Buffer overflow in mpfrstrtofr function in GNU MPFR before 3.1.2-p11 allows context-sensitive attackers to have undefined impact via vectors associated with incorrect documentation for mpnsetstr. CVE-STATUS:...

9.8CVSS7.3AI score0.0429EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:18 p.m.•29 views

Advisory ROSA-SA-2021-1897

Software: libtirpc 0.2.4 OS: Cobalt 7.9 CVE-ID: CVE-2018-14621 CVE-Crit: HIGH CVE-DESC: An infinite loop vulnerability was discovered in libtirpc before version 1.0.2-rc2. If a port uses polling rather than selection, exhaustion of file descriptors will cause the server to enter an infinite loop,...

7.8CVSS7AI score0.03861EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:16 p.m.•29 views

Advisory ROSA-SA-2021-1891

Software: libsolv 0.6.34 OS: Cobalt 7.9 CVE-ID: CVE-2019-20387 CVE-Crit: HIGH CVE-DESC: repodataschema2id in repodata.c in libsolv before version 0.7.6 has an excessive heap-based buffer read due to the last schema being less than the length of the input schema. CVE-STATUS: default CVE-REV: defau...

7.5CVSS7.3AI score0.02338EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•29 views

Advisory ROSA-SA-2021-1881

Software: libntlm 1.3 OS: Cobalt 7.9 CVE-ID: CVE-2019-17455 CVE-Crit: CRITICAL. CVE-DESC: Libntlm before 1.5 relies on fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge and tSmbNtlmAuthResponse for read and write operations, as demonstrated by stack-based buffer overflow in...

9.8CVSS7.6AI score0.03107EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•29 views

Advisory ROSA-SA-2021-1879

Software: libmwaw 0.3.5 OS: Cobalt 7.9 CVE-ID: CVE-2017-9433 CVE-Crit: CRITICAL CVE-DESC: The libmwaw document release project prior to 08.04.2017 had an out-of-range entry caused by a heap-based buffer overflow associated with the MsWrd1Parser :: readFootnoteCorrespondance function in lib /...

9.8CVSS7.4AI score0.02276EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:8 p.m.•29 views

Advisory ROSA-SA-2021-1861

Software: less 458 OS: Cobalt 7.9 CVE-ID: CVE-2014-9488 CVE-Crit: CRITICAL. CVE-DESC: The isutf8wellformed function in GNU less to 475 allows remote attackers to have undefined impact using garbled UTF-8 characters, causing reads outside the valid range. CVE-STATUS: default CVE-REV: default...

10CVSS7AI score0.04017EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:44 p.m.•29 views

Advisory ROSA-SA-2021-1838

Software: gcc 4.8.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-12886 CVE-Crit: HIGH CVE-DESC: stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate sequences of instructions when targeting ARM targets that...

8.1CVSS7.2AI score0.03207EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:37 p.m.•29 views

Advisory ROSA-SA-2021-1822

Software: dhcp 4.2.5 OS: Cobalt 7.9 CVE-ID: CVE-2013-2494 CVE-Crit: HIGH CVE-DESC: libdns in ISC DHCP 4.2.x through 4.2.5-P1 allows remote name servers to cause a denial of service memory consumption using vectors that include a regular expression, as demonstrated by a memory scarcity attack on a...

7.5CVSS7.2AI score0.7645EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/20 7:5 a.m.•28 views

Advisory ROSA-SA-2026-3290

software: kernel-5.15 5.15.193 WASP: ROSA-CHROME unaffected versions = kernel-5.15-5.15.193-6 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•28 views

Advisory ROSA-SA-2025-2795

Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-33.0.1.rv30 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic...

7.5CVSS7.8AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/01 9:41 p.m.•28 views

Advisory ROSA-SA-2025-2748

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-34.0.2.rv3.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent...

9.8CVSS8.1AI score0.36081EPSS
Exploits7
Total number of security vulnerabilities1374