Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2025/01/28 1:43 p.m.•28 views

Advisory ROSA-SA-2025-2621

software: xerces-j2 2.12.0 WASP: ROSA-CHROME packageevrstring: xerces-j2-2.12.0-4 CVE-ID: CVE-2022-23437 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache Xerces Java XercesJ XML parser causes it to hang in an infinite loop when processing specially crafted XML documents...

7.1CVSS6.9AI score0.0444EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 12:50 p.m.•28 views

Advisory ROSA-SA-2025-2618

software: libid3tag 0.15.1b WASP: ROSA-CHROME packageevrstring: libid3tag-0.15.1b-24 CVE-ID: CVE-2017-11550 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in libid3tag allows remote attackers to cause a denial of service via a special mp3 file. CVE-STATUS: The vulnerability has been...

5.5CVSS6.8AI score0.01453EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 10:54 a.m.•28 views

Advisory ROSA-SA-2025-2603

software: dbus 1.12.20 WASP: ROSA-CHROME packageevrstring: dbus-1.12.20-8 CVE-ID: CVE-2022-42010 BDU-ID: 2022-06389 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug assemblies caused by a syntactical...

6.5CVSS7AI score0.01417EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/01/27 2:1 p.m.•28 views

Advisory ROSA-SA-2025-2600

software: qt5-qtnetworkauth 5.15.10 WASP: ROSA-CHROME packageevrstring: qt5-qtnetworkauth-5.15.10-2 CVE-ID: CVE-2024-36048 BDU-ID: None CVE-Crit: DATA LOSS. CVE-DESC.: Vulnerability in Qt Network Authorization allows guessing values due to using only time for PRNG initialization. CVE-STATUS: The...

9.8CVSS7.1AI score0.0097EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•28 views

Advisory ROSA-SA-2025-2563

Software: firefox 128.4.0 OS: rosa-server79 packageevrstring: firefox-128.4.0-1.0.1.res7 CVE-ID: CVE-2023-44488 BDU-ID: 2023-06350 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special form...

9.8CVSS8AI score0.01936EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/03 10:31 p.m.•28 views

Advisory ROSA-SA-2024-2504

Software: iperf3 3.5 OS: ROSA Virtualization 2.1 packageevrstring: iperf3-3.5-10.rv3 CVE-ID: CVE-2023-38403 BDU-ID: 2023-03980 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Iperf3 network bandwidth measurement tool is related to integer overflow during field length processing. Exploitation of...

7.5CVSS7.3AI score0.01703EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/08/06 9:47 a.m.•28 views

Advisory ROSA-SA-2024-2465

Software: uuid 1.6.2 OS: ROSA Virtualization 2.1 packageevrstring: uuid-1.6.2 CVE-ID: CVE-2013-4184 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Perl Data::UUID module from CPAN is vulnerable to symbolic link attacks CVE-STATUS: Not Relevant CVE-REV:...

5.5CVSS7.2AI score0.00504EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/07/23 11:22 a.m.•28 views

Advisory ROSA-SA-2024-2455

software: avahi 0.8 WASP: ROSA-CHROME packageevrstring: avahi-0.8-12.git35bb1b.2 CVE-ID: CVE-2021-26720 BDU-ID: 2022-05969 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the avahi-daemon-check-dns.sh component of the Avahi local area network service discovery system involves the execution of a scri...

7.8CVSS7.5AI score0.00395EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/07/09 1:0 p.m.•28 views

Advisory ROSA-SA-2024-2449

Software: postgresql 12.1 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.1 CVE-ID: CVE-2020-1720 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability has been discovered in PostgreSQL "ALTER ... DEPENDS ON EXTENSION" where subcommands did not perform authorization checks. An...

6.5CVSS7.8AI score0.0142EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/03/19 12:36 p.m.•28 views

Advisory ROSA-SA-2024-2375

Software: resteasy 3.0.26 OS: ROSA Virtualization 2.1 packageevrstring: resteasy-c-3.0.26-6.0.1.rv3 CVE-ID: CVE-2020-10688 BDU-ID: 2024-01096 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RESTEasy software tool is related to the failure to take measures to protect the structure of a web page...

7.5CVSS6.1AI score0.02023EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/01/23 12:24 p.m.•28 views

Advisory ROSA-SA-2024-2327

Software: libnbd 1.6.0 OS: ROSA Virtualization 2.1 packageevrstring: libnbd-1.6.0-5.rv3.src.rpm CVE-ID: CVE-2022-0485 BDU-ID: 2022-01701 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libnbd library's nbdcopy tool is related to an exception handling flaw. Exploitation of the vulnerability could...

4.8CVSS6.7AI score0.00788EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/11/07 9:44 a.m.•28 views

Advisory ROSA-SA-2023-2288

software: libreoffice 7.6.2 OS: ROSA-CHROME packageevrstring: libreoffice-7.6.2-4.src.rpm CVE-ID: CVE-2023-1183 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: An error has been detected in the Libreoffice package. An attacker could create an odb containing a "database/script" file using the SCRIPT...

5.5CVSS6.6AI score0.64635EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/22 5:44 a.m.•28 views

Advisory ROSA-SA-2023-2265

Software: openjpeg 1.5.2 OS: ROSA-CHROME packageevrstring: openjpeg-1.5.2-7.src.rpm CVE-ID: CVE-2016-3182 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The coloresycctorgb function in bin/common/color.c in OpenJPEG before version 2.1.1 allows attackers to cause a denial of service memory corruption vi...

5.5CVSS6.6AI score0.01524EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/08/08 8:57 a.m.•28 views

Advisory ROSA-SA-2023-2213

Software: java-11-openjdk 11.0.19.0.7 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.19.0.7-1.res7 CVE-ID: CVE-2023-21930 BDU-ID: 2023-02179 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the JSSE component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition...

7.4CVSS6.8AI score0.02474EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/08/01 1:4 p.m.•28 views

Advisory ROSA-SA-2023-2204

Software: pcre2 10.32 OS: ROSA Virtualization 2.1 packageevrstring: pcre2-10.32-3.rv3.src.rpm CVE-ID: CVE-2022-1586 BDU-ID: 2022-03770 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the compilexclassmatchingpath function of the PCRE2 library is related to reading data beyond buffer boundaries in...

9.1CVSS6.8AI score0.03193EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:35 p.m.•28 views

Advisory ROSA-SA-2021-1933

Software: numpy 1.7.1 OS: Cobalt 7.9 CVE-ID: CVE-2017-12852 CVE-Crit: HIGH CVE-DESC: There is no input validation for the numpy.pad function in Numpy 1.13.1 and earlier. An empty list or ndarray will remain in an infinite loop, which may allow attackers to launch a DoS attack. CVE-STATUS: default...

7.5CVSS7AI score0.02681EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:22 p.m.•28 views

Advisory ROSA-SA-2021-1903

Software: libwmf 0.2.8.4 OS: Cobalt 7.9 CVE-ID: CVE-2016-9011 CVE-Crit: MEDIUM CVE-DESC: The wmfmalloc function in api.c in libwmf 0.2.8.4 allows remote attackers to cause a denial of service application crash via a crafted wmf file, causing a memory allocation failure. CVE-STATUS: default CVE-RE...

5.5CVSS6.9AI score0.02612EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•28 views

Advisory ROSA-SA-2021-1875

Software: libjpeg-turbo 1.2.90 OS: Cobalt 7.9 CVE-ID: CVE-2014-9092 CVE-Crit: MEDIUM CVE-DESC: libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service crash via a crafted JPEG file associated with an Exif token. CVE-STATUS: default CVE-REV: default...

6.5CVSS6.9AI score0.03235EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:34 p.m.•28 views

Advisory ROSA-SA-2021-1810

Software: cairo 1.15.12 OS: Cobalt 7.9 CVE-ID: CVE-2018-18064 CVE-Crit: MEDIUM CVE-DESC: cairo before version 1.15.14 has an off-stack write while processing a generated document with WebKitGTK + due to interaction between cairo-rectangular-scan-converter.c generate and renderrows functions and...

6.5CVSS7AI score0.0148EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/11/10 6:27 a.m.•27 views

Advisory ROSA-SA-2025-3078

Software: openssh 8.0p1 OS: ROSA Virtualization 3.1 CVE-ID: CVE-2019-16905 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the OpenSSH cryptographic security tool is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to execute...

7.8CVSS10AI score0.05326EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/06/23 7:37 a.m.•27 views

Advisory ROSA-SA-2025-2899

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-51.rv3.5 CVE-ID: CVE-2006-20001 BDU-ID: 2023-01105 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the moddav module of the Apache HTTP Server web server is related to an operation exceeding buffer boundaries...

9.1CVSS10AI score0.81466EPSS
Exploits13
Rosalinux
Rosalinux
•added 2025/05/26 6:34 a.m.•27 views

Advisory ROSA-SA-2025-2868

Software: libxml2 2.9.1 OS: rosa-server79 packageevrstring: libxml2-2.9.1-6.0.1.res7.6 CVE-ID: CVE-2024-56171 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in libxml2: use-after-free in xmlschemas.c. CVE-STATUS: Vulnerability resolved. CVE-REV: To close the vulnerability, run the command:...

9.8CVSS7.8AI score0.01136EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/30 8:30 a.m.•27 views

Advisory ROSA-SA-2025-2858

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

7.5CVSS7.8AI score0.62906EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/03/01 9:41 p.m.•27 views

Advisory ROSA-SA-2025-2750

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-33.rv3 CVE-ID: CVE-2018-15209 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in LibTIFF allows remote attackers to cause a denial of service or execute arbitrary code via a specially crafted TIFF file...

8.8CVSS7.2AI score0.03969EPSS
Exploits8
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•27 views

Advisory ROSA-SA-2025-2708

Software: libtiff 4.0.9 OS: ROSA Virtualization 3.0 packageevrstring: libtiff-4.0.9 CVE-ID: CVE-2018-18557 BDU-ID: 2019-00884 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the JBIGDecode function "tifjbig.c" of the LibTIFF library for viewing, editing, and converting TIFF files involves bugs th...

8.8CVSS9AI score0.1496EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•27 views

Advisory ROSA-SA-2025-2701

Software: gzip 1.9 OS: ROSA Virtualization 3.0 packageevrstring: gzip-1.9 CVE-ID: CVE-2022-1271 BDU-ID: 2022-02113 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gzip library is related to errors in file name handling. Exploitation of the vulnerability could allow an attacker acting remotely to...

8.8CVSS7.3AI score0.04271EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/15 10:9 p.m.•27 views

Advisory ROSA-SA-2025-2688

Software: perl 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-0.074-2 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authentication procedure. Exploitatio...

8.1CVSS7.4AI score0.01742EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:30 p.m.•27 views

Advisory ROSA-SA-2025-2658

software: tidy 5.7.28 WASP: ROSA-CHROME packageevrstring: tidy-5.7.28-2 CVE-ID: CVE-2021-33391 BDU-ID: None CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in HTML Tidy's HTACG allows an attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c. CVE-STATUS: The...

9.8CVSS7.6AI score0.01128EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/29 9:52 a.m.•27 views

Advisory ROSA-SA-2024-2517

software: hostapd 2.9 WASP: ROSA-CHROME packageevrstring: hostapd-2.9-3 CVE-ID: CVE-2019-16275 BDU-ID: 2019-04775 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Wi-Fi WPA Supplicant secure access component is related to a flaw in the input validation mechanism. Exploitation of the...

6.5CVSS6.7AI score0.01669EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/09/09 8:46 a.m.•27 views

Advisory ROSA-SA-2024-2476

software: ldns 1.8.3 OS: ROSA-CHROME packageevrstring: ldns-1.8.3-1 CVE-ID: CVE-2020-19861 BDU-ID: 2022-05917 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the ldnsnsec3saltdata function of the DNS LDNS library is related to reading outside the allowed data buffer boundaries. Exploitation of the...

7.5CVSS6.9AI score0.01493EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/08/06 9:46 a.m.•27 views

Advisory ROSA-SA-2024-2464

Software: util-linux 2.32.1 OS: ROSA Virtualization 2.1 packageevrstring: util-linux-2.32.1 CVE-ID: CVE-2022-0563 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A compilation vulnerability with Readline support has been discovered in the util-linux utilities chfn and chsh. The Readline library uses the...

5.5CVSS7AI score0.0043EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/05/02 9:15 a.m.•27 views

Advisory ROSA-SA-2024-2413

software: mariadb 10.5.23 AXIS: ROSA-CHROME packageevrstring: mariadb-10.5.23-1 CVE-ID: CVE-2022-47015 BDU-ID: 2023-03856 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the spiderdbmbase::printwarnings function of the MariaDB DBMS is related to pointer dereferencing errors. Exploitation of the...

6.5CVSS7AI score0.01486EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/01/23 12:33 p.m.•27 views

Advisory ROSA-SA-2024-2330

software: epiphany 42.2 WASP: ROSA-CHROME packageevrstring: epiphany-42.2-4.src.rpm CVE-ID: CVE-2023-26081 BDU-ID: 2023-01753 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Epiphany web browser is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker...

7.5CVSS6.7AI score0.01228EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/10 9:47 a.m.•27 views

Advisory ROSA-SA-2023-2243

Software: avahi 0.7 OS: ROSA Virtualization 2.1 packageevrstring: avahi-0.7-19.0.1.rv3 CVE-ID: CVE-2021-3468 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A bug was discovered in avahi in versions 0.6 through 0.8. The event used to signal the termination of a client connection in the avahi Unix socket...

5.5CVSS6.7AI score0.00453EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:22 p.m.•27 views

Advisory ROSA-SA-2021-2005

Software: zsh 5.0.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-10070 CVE-Crit: HIGH CVE-DESC: zsh before 5.0.7 allows the initial values of integer variables imported from the environment to be evaluated instead of treating them as literal numbers. This may allow local privilege escalation under some specif...

9.8CVSS8.8AI score0.02592EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:3 p.m.•27 views

Advisory ROSA-SA-2021-1958

Software: pywbem 0.7.0 OS: Cobalt 7.9 CVE-ID: CVE-2013-6418 CVE-Crit: HIGH CVE-DESC: PyWBEM 0.7 and earlier versions use a separate connection to validate X.509 certificates, which allows "attacker-in-the-middle" attackers to trick a peer node with an arbitrary certificate. CVE-STATUS: default...

5.8CVSS6.5AI score0.01772EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:39 p.m.•27 views

Advisory ROSA-SA-2021-1941

Software: orc 0.4.26 OS: Cobalt 7.9 CVE-ID: CVE-2018-8015 CVE-Crit: HIGH CVE-DESC: In Apache ORC 1.0.0-1.4.3, a corrupted ORC file can trigger an infinitely recursive function call in a C ++ or Java parser. The consequence of this error is likely to be a denial of service for software that uses t...

7.5CVSS7.5AI score0.0346EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:23 p.m.•27 views

Advisory ROSA-SA-2021-1904

Software: libxkbcommon 0.7.1 OS: Cobalt 7.9 CVE-ID: CVE-2018-15858 CVE-Crit: MEDIUM CVE-DESC: Unchecked use of NULL pointer when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp / keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash dereference NULL pointer...

5.5CVSS6.7AI score0.00431EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:17 p.m.•27 views

Advisory ROSA-SA-2021-1895

Software: libtasn1 4.10 OS: Cobalt 7.9 CVE-ID: CVE-2017-10790 CVE-Crit: HIGH CVE-DESC: The asn1checkidentifier function in GNU Libtasn1 - 4.12 causes the dereferencing of a NULL pointer and a failure to read the created input, which triggers the assignment of a NULL value in the asn1node structur...

7.5CVSS6.8AI score0.0499EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:14 p.m.•27 views

Advisory ROSA-SA-2021-1870

Software: libgcrypt 1.5.3 OS: Cobalt 7.9 CVE-ID: CVE-2014-5270 CVE-Crit: CRITICAL CVE-DESC: Libgcrypt before 1.5.4, used in GnuPG and other products, incorrectly performs ciphertext normalization and ciphertext randomization, making it easier for physically proximate attackers to conduct key...

7.5CVSS6.5AI score0.03885EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:39 p.m.•27 views

Advisory ROSA-SA-2021-1827

Software: elinks 0.12 OS: Cobalt 7.9 CVE-ID: CVE-2012-6709 CVE-Crit: MEDIUM CVE-DESC: ELinks 0.12 and Twibright Links 2.3 lack SSL certificate validation. CVE-STATUS: Default CVE-REV: Default...

5.9CVSS7.1AI score0.00579EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 7:14 a.m.•26 views

Advisory ROSA-SA-2026-3145

Software: git 2.43.5 OS: ROSA Virtualization 3.1 unaffected versions = git-2.43.5-3.rv31 affected versions git-2.43.5-3.rv31 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path...

9CVSS7.6AI score0.51883EPSS
Exploits37
Rosalinux
Rosalinux
•added 2025/11/10 6:21 a.m.•26 views

Advisory ROSA-SA-2025-3073

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 unaffected versions = libxml2-2.9.7-21.0.1.rv30.3 affected versions libxml2-2.9.7-21.0.1.1.rv30.3 CVE-ID: CVE-2025-6021 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...

9.1CVSS8.9AI score0.22791EPSS
Exploits12
Rosalinux
Rosalinux
•added 2025/05/26 6:35 a.m.•26 views

Advisory ROSA-SA-2025-2873

Software: python3-base 3.6.8 OS: rosa-server79 packageevrstring: python3-base-3.6.8-21.0.3.res7 CVE-ID: CVE-2021-3177 BDU-ID: 2021-01781 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PyCArgrepr ctypes/callproc.c function of the Python programming language interpreter is related to buffer...

9.8CVSS8.2AI score0.1885EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•26 views

Advisory ROSA-SA-2025-2846

Software: iperf3 3.5 OS: ROSA Virtualization 2.1 packageevrstring: iperf3-3.5-11.rv3 CVE-ID: CVE-2024-53580 BDU-ID: 2024-11145 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Iperf3 network bandwidth measurement tool is related to improper handling of test parameters passed to the server in json...

7.5CVSS7.4AI score0.00919EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:22 p.m.•26 views

Advisory ROSA-SA-2025-2788

Software: postgresql 9.2.24 OS: rosa-server79 packageevrstring: postgresql-9.2.24-9.0.4.res7 CVE-ID: CVE-2023-5869 BDU-ID: 2023-07840 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the arrayappend, arrayprepend, arraysubscripthandler functions of the PostgreSQL database management system is related...

8.8CVSS9.2AI score0.04422EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/08 9:17 p.m.•26 views

Advisory ROSA-SA-2025-2759

Software: squid 3.5.20 OS: rosa-server79 packageevrstring: squid-3.5.20-17.0.5.res7.13 CVE-ID: CVE-2023-46846 BDU-ID: 2023-08063 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Squid proxy server chunked decoder is related to the server interpreting fragmented encoding syntax. Exploitation of...

9.3CVSS9.2AI score0.05298EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 6:50 p.m.•26 views

Advisory ROSA-SA-2025-2639

software: faad2 2.11.1 OS: ROSA-CHROME packageevrstring: faad2-2.11.1-1 CVE-ID: CVE-2023-38858 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Buffer overflow vulnerability in infaad2 allows a remote attacker to execute arbitrary code via the mp4info function. CVE-STATUS: The vulnerability has been...

6.5CVSS8.1AI score0.00898EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/28 6:32 p.m.•26 views

Advisory ROSA-SA-2025-2631

software: libheif 1.12.0 WASP: ROSA-CHROME packageevrstring: libheif-1.12.0-4 CVE-ID: CVE-2021-36410 BDU-ID: 2023-01688 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the putepelhvfallback function of the fallback-motion.cc component of the h.265 Libde265 video codec implementation is related to...

6.5CVSS9.5AI score0.01321EPSS
Exploits15
Rosalinux
Rosalinux
•added 2024/12/10 11:44 a.m.•26 views

Advisory ROSA-SA-2024-2539

software: zabbix5.0 5.0.40 WASP: ROSA-CHROME packageevrstring: zabbix5.0-5.0.40-1 CVE-ID: CVE-2023-32721 BDU-ID: 2023-06803 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Zabbix Universal Monitoring System interface is related to insufficient input validation when processing the URL field of th...

9.1CVSS7.8AI score0.04036EPSS
Exploits1
Total number of security vulnerabilities1374