Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2024/10/03 10:33 p.m.•26 views

Advisory ROSA-SA-2024-2505

SOFTWARE: 389-ds-base 1.4.3.8 OS: ROSA Virtualization 2.1 packageevrstring: 389-ds-base-1.4.3.8-5.0.2.rv3 CVE-ID: CVE-2020-35518 BDU-ID: 2023-02645 CVE-Crit: MEDIUM CVE-DESC.: A 389 Directory Server authentication vulnerability involves information disclosure when verifying the existence of a...

5.3CVSS6.8AI score0.01538EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/07/23 11:31 a.m.•26 views

Advisory ROSA-SA-2024-2456

Software: selinux-policy 3.14.3 OS: ROSA Virtualization 2.1 packageevrstring: selinux-policy-3.14.3 CVE-ID: CVE-2020-24612 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A problem was detected in the selinux-policy package because the .config/Yubico directory is not handled correctly. Consequently, whe...

6.7CVSS7.3AI score0.00317EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/05/28 8:18 a.m.•26 views

Advisory ROSA-SA-2024-2424

Software: libsolv 0.7.11 OS: ROSA Virtualization 2.1 packageevrstring: libsolv-0.7.11 CVE-ID: CVE-2021-44568 BDU-ID: 2023-05482 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the resolvedependencies function of the libsolv library is related to writing beyond buffer boundaries in memory. Exploitati...

6.5CVSS6.8AI score0.01794EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/04/11 7:13 a.m.•26 views

Advisory ROSA-SA-2024-2392

Software: python-pillow 2.0.0-25 OS: rosa-server79 packageevrstring: python-pillow-2.0.0.0-25.gitd1c6db8.res7 CVE-ID: CVE-2023-44271 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A problem has been detected in Pillow. It is a denial of service that uncontrollably allocates memory to process a given task...

7.5CVSS8.3AI score0.01038EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/02/20 9:19 a.m.•26 views

Advisory ROSA-SA-2024-2350

Software: LibRaw 0.19.4 OS: rosa-server79 packageevrstring: LibRaw-0.19.4-2.res7 CVE-ID: CVE-2021-32142 BDU-ID: 2023-03833 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LibRawbufferdatastream::gets function of the src/librawdatastream.cpp component of the LibRaw image processing library is...

7.8CVSS7.1AI score0.00424EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/02/14 10:35 a.m.•26 views

Advisory ROSA-SA-2024-2342

software: ostree 2022.7 WASP: ROSA-CHROME packageevrstring: ostree-2022.7-1.src.rpm CVE-ID: CVE-2022-47085 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: The issue detected in ostree allows attackers to cause a denial of service or other unspecified consequences using the printpanic function in...

7.5CVSS7.3AI score0.00744EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/01/23 12:14 p.m.•26 views

Advisory ROSA-SA-2024-2324

Software: xorg-x11-server 1.20.4 OS: rosa-server79 packageevrstring: xorg-x11-server-1.20.4-25.res7 CVE-ID: CVE-2023-6377 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An error has been detected in xorg-server. Requesting or modifying XKB button actions, such as switching from touchpad to mouse, can...

7.8CVSS8.1AI score0.01631EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/11/14 1:31 p.m.•26 views

Advisory ROSA-SA-2023-2294

software: emacs 28.1 WASP: ROSA-CHROME packageevrstring: emacs-28.1-4.src.rpm CVE-ID: CVE-2023-27985 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: emacsclient-mail.desktop in Emacs 28.1-28.2 is vulnerable to injecting shell commands via the generated mailto: URI. This is due to an inconsistency with the...

7.8CVSS7.7AI score0.01088EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/22 5:30 a.m.•26 views

Advisory ROSA-SA-2023-2263

software: ncurses 6.2 WASP: ROSA-CHROME packageevrstring: ncurses-6.2-6.src.rpm CVE-ID: CVE-2022-29458 BDU-ID: 2023-00296 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the convertstrings function of the convertstrings component of the tinfo/readentry.c component of the Ncurses terminal I/O contr...

7.1CVSS7.1AI score0.01341EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/10 9:49 a.m.•26 views

Advisory ROSA-SA-2023-2244

Software: babel 2.5.1 OS: ROSA Virtualization 2.1 packageevrstring: babel-2.5.1-7.rv3 CVE-ID: CVE-2021-42771 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary local .dat files containing serialized Python objects via directory traversal,...

7.8CVSS7.2AI score0.00716EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/09/19 9:33 a.m.•26 views

Advisory ROSA-SA-2023-2238

software: less 608 WASP: ROSA-CHROME packageevrstring: less-608-2.src.rpm CVE-ID: CVE-2022-46663 BDU-ID: 2023-00696 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Less UNIX-like UNIX text terminal utility is related to incorrect filtering of embedded ANSI sequences when processing the -R...

7.5CVSS6.9AI score0.01412EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/07/25 10:20 a.m.•26 views

Advisory ROSA-SA-2023-2199

Software: aspell 0.60.6.1 OS: ROSA Virtualization 2.1 packageevrstring: aspell-0.60.6.1.1-21.rv3.1.src.rpm CVE-ID: CVE-2019-17544 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer that is reloaded in acommon::unescape in common/getdata.cpp...

9.1CVSS7.1AI score0.03259EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/07/18 11:33 a.m.•26 views

Advisory ROSA-SA-2023-2195

software: salt 3004.2 WASP: ROSA-CHROME packageevrstring: salt-3004.2-1.src.rpm CVE-ID: CVE-2022-22967 BDU-ID: 2022-03745 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PAM auth function of the Salt configuration management and remote operations execution system is related to the lack of a vali...

8.8CVSS7.6AI score0.01878EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:8 p.m.•26 views

Advisory ROSA-SA-2021-1974

Software: vdagent spices 0.14.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-15108 CVE-Crit: HIGH CVE-DESC: spices vdagent up to 0.17.0 in a way that does not avoid saving the directory before going to the shell, allowing an attacker with access to the session running the agent to inject arbitrary commands to...

7.8CVSS6.3AI score0.0049EPSS
Exploits4
Rosalinux
Rosalinux
•added 2021/07/02 5:35 p.m.•26 views

Advisory ROSA-SA-2021-1934

Software: oddjob 0.31.5 OS: Cobalt 7.9 CVE-ID: CVE-2020-10737 CVE-Crit: MEDIUM CVE-DESC: A race condition was discovered in the mkhomedir tool provided with the oddjob package in versions prior to 0.34.5 and 0.34.6, whereby during the creation of the home directory, mkhomedir copies the / etc /...

6.3CVSS6.7AI score0.00293EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:29 p.m.•26 views

Advisory ROSA-SA-2021-1921

Software: modauthmellon 0.14.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-3878 CVE-Crit: HIGH CVE-DESC: A vulnerability was discovered in modauthmellon before v0.14.2. If Apache is configured as a reverse proxy server and modauthmellon is configured to allow only authenticated users with the require...

8.1CVSS6.8AI score0.02969EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:26 p.m.•26 views

Advisory ROSA-SA-2021-1912

Software: lz4 1.8.3 OS: Cobalt 7.9 CVE-ID: CVE-2019-17543 CVE-Crit: HIGH CVE-DESC: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize affecting applications that call LZ4compressfast with large input. This issue can also cause data corruption. NOTE: the...

8.1CVSS7.4AI score0.09116EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:16 p.m.•26 views

Advisory ROSA-SA-2021-1886

Software: librepo 1.8.1 OS: Cobalt 7.9 CVE-ID: CVE-2020-14352 CVE-Crit: HIGH CVE-DESC: A bug was discovered in librepo in versions prior to 1.12.1. A directory traversal vulnerability was discovered where paths in remote repository metadata could not be cleared. An attacker controlling a remote...

8.5CVSS6.8AI score0.02526EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:7 p.m.•26 views

Advisory ROSA-SA-2021-1858

Software: keepalived 1.3.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-19115 CVE-Crit: CRITICAL CVE-DESC: keepalived before 2.0.7 has a heap-based buffer overflow when analyzing HTTP status codes leading to DoS or possibly unspecified other impacts, because extractstatuscode in lib / html.c does not check th...

9.8CVSS8AI score0.03746EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:37 p.m.•26 views

Advisory ROSA-SA-2021-1821

Software: dcraw 9.19 OS: Cobalt 7.9 CVE-ID: CVE-2018-19565 CVE-Crit: HIGH CVE-DESC: Buffer re-reading in cropmaskedpixels in dcraw before 9.28 could have been used by attackers who could provide malicious files to crash the application that binds the dcraw code or leak private information...

7.1CVSS7.4AI score0.01075EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:34 p.m.•26 views

Advisory ROSA-SA-2021-1812

Software: cifs-utils 6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-2830 CVE-Crit: MEDIUM CVE-DESC: stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, used in pamcifscreds, allows remote attackers to have undefined impact via unknown vectors. CVE-STATUS: default CVE-REV: defau...

10CVSS7.5AI score0.05142EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:31 p.m.•26 views

Advisory ROSA-SA-2021-1805

Software: ant 1.9.4 OS: Cobalt 7.9 CVE-ID: CVE-2020-1945 CVE-Crit: MEDIUM CVE-DESC: Apache Ant 1.1 through 1.9.14 and 1.10.0 through 1.10.7 uses the default temporary directory defined by the Java system property java.io.tmpdir for several tasks, and thus may leak sensitive information. The fixcr...

6.3CVSS6.8AI score0.01808EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/08 6:25 p.m.•25 views

Advisory ROSA-SA-2026-3266

software: kernel-6.6 6.6.126 WASP: ROSA-CHROME unaffected versions = kernel-6.6-6.6.6.126-3 affected versions kernel-6.6-6.6.6.126-3 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the xfrm subsystem ESP of the Linux kernel allows data decryption over non-packe...

8.8CVSS6AI score0.93235EPSS
Exploits31
Rosalinux
Rosalinux
•added 2025/11/10 6:23 a.m.•25 views

Advisory ROSA-SA-2025-3076

Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 unaffected versions = openssh-8.0p1-26.0.2.2.rv30 affected versions openssh-8.0p1-26.0.2.2.rv30 CVE-ID: CVE-2020-15778 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the toremote scp.c function of the OpenSSH cryptographic security tool...

7.8CVSS7.1AI score0.93305EPSS
Exploits25
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•25 views

Advisory ROSA-SA-2025-2839

Software: dnsmasq 2.79 OS: ROSA Virtualization 2.1 packageevrstring: dnsmasq-2.79-33.0.1.rv3 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory...

8.3CVSS8.2AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/08 9:17 p.m.•25 views

Advisory ROSA-SA-2025-2757

Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.2.res7 CVE-ID: CVE-2024-12085 BDU-ID: 2025-00376 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding buffer boundaries ...

7.5CVSS8.1AI score0.08655EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•25 views

Advisory ROSA-SA-2025-2743

Software: postgresql14 14.13 OS: ROSA Virtualization 3.0 packageevrstring: postgresql14-14.13-2PGDG.0.1.rv30 CVE-ID: CVE-2023-2454 BDU-ID: 2023-03247 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Schema Handler component of the PostgreSQL database management system is related to access...

8.8CVSS7.9AI score0.04322EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 6:56 p.m.•25 views

Advisory ROSA-SA-2025-2641

Software: qemu 7.2.7 OS: ROSA-CHROME packageevrstring: qemu-7.2.7-1 CVE-ID: CVE-2023-3301 BDU-ID: 2024-04418 CVE-Crit: LOW CVE-DESC.: A vulnerability in the virtio-net interface of the QEMU hardware emulator is related to the asynchronous nature of the shutdown allowing a race scenario...

7.8CVSS8.8AI score0.01891EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:49 p.m.•25 views

Advisory ROSA-SA-2025-2638

software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-2 CVE-ID: CVE-2022-45142 BDU-ID: 2023-02156 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Kerberos5 heimdal protocol implementation is related to incorrect validation of the integrity check value. Exploitation of the...

7.5CVSS7.4AI score0.00491EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 1:41 p.m.•25 views

Advisory ROSA-SA-2025-2620

software: lua 5.3.6 WASP: ROSA-CHROME packageevrstring: lua-5.3.6-1 CVE-ID: CVE-2020-15945 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Lua: Vulnerability segmentation fault due to incorrect update of oldpc value during function control return. CVE-STATUS: Vulnerability resolved CVE-REV: To close the...

5.5CVSS6.8AI score0.00533EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 11:31 a.m.•25 views

Advisory ROSA-SA-2025-2609

software: shadow-utils 4.10 WASP: ROSA-CHROME packageevrstring: shadow-utils-4.10-7 CVE-ID: CVE-2023-4641 BDU-ID: 2024-02776 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the shadow-utils package involves requesting a password twice and failing to clear the memory buffer. Exploitation of the...

5.5CVSS7.2AI score0.00257EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 11:8 a.m.•25 views

Advisory ROSA-SA-2025-2606

software: grub2 2.06 WASP: ROSA-CHROME packageevrstring: grub2-2.06-22 CVE-ID: CVE-2023-4692 BDU-ID: 2023-06822 CVE-Crit: LOW CVE-DESC.: A vulnerability in the fs/ntfs.c component of the Grub2 operating systems loader is related to a buffer overflow in dynamic memory. Exploitation of the...

7.8CVSS8.2AI score0.00536EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/13 9:39 a.m.•25 views

Advisory ROSA-SA-2025-2551

Software: openssh 7.4p1 OS: rosa-server79 packageevrstring: openssh-7.4p1-23.0.6.res7 CVE-ID: CVE-2018-20685 BDU-ID: 2019-00773 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the OpenSSH cryptographic security tool is caused by errors in the validation of the scp.c directory name in the scp clien...

6.8CVSS7.2AI score0.58204EPSS
Exploits9
Rosalinux
Rosalinux
•added 2024/12/02 8:8 a.m.•25 views

Advisory ROSA-SA-2024-2536

software: re2c 3.1 AXIS: ROSA-CHROME packageevrstring: re2c-3.1-1 CVE-ID: CVE-2022-23901 BDU-ID: None CVE-Crit: CRITICAL. CVE-DESC.: The re2c 2.2 stack overflow is due to infinite recursion issues in src/dfa/deadrules.cc. CVE-STATUS: Fixed CVE-REV: To close, run the command: sudo dnf update re2c...

9.8CVSS7.3AI score0.01563EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/11/26 9:38 a.m.•25 views

Advisory ROSA-SA-2024-2529

Software: libtommath 0.42.0 OS: rosa-server79 packageevrstring: libtommath-0.42.0-6.res7 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to integer overflow. Exploitation of the vulnerability coul...

9.8CVSS7.3AI score0.01254EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 9:16 p.m.•25 views

Advisory ROSA-SA-2024-2492

Software: krb5 1.15.1 OS: rosa-server79 packageevrstring: krb5-1.15.1-55.res7 CVE-ID: CVE-2022-42898 BDU-ID: 2022-06933 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the PAC Privileged Attribute Certificate parameters of the krb5parsepac function of the Heimdal and MIT Kerberos packets of the...

8.8CVSS8.8AI score0.06419EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/03 8:27 p.m.•25 views

Advisory ROSA-SA-2024-2480

Software: java-1.8.0-openjdk 1.8.0.412.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.412.b08-1.res7 CVE-ID: CVE-2024-20918 BDU-ID: 2024-00485 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Hotspot component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM...

7.4CVSS5.3AI score0.01361EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/07/09 12:31 p.m.•25 views

Advisory ROSA-SA-2024-2445

software: xrdp 0.9.23.1 OS: ROSA-CHROME packageevrstring: xrdp-0.9.23.1-1 CVE-ID: CVE-2023-40184 BDU-ID: 2023-07659 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the authstartsession function of the XRDP server is related to the bypassing of session restrictions. Exploitation of the vulnerabilit...

6.5CVSS7.1AI score0.00728EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/11/14 1:49 p.m.•25 views

Advisory ROSA-SA-2023-2295

software: tang 11 WASP: ROSA-CHROME packageevrstring: tang-11-4.src.rpm CVE-ID: CVE-2023-1672 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is a race condition in the Tang server functions for key generation and key rotation. This flaw results in a small time interval during which Tang private...

5.3CVSS7.3AI score0.00568EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/11/07 10:1 a.m.•25 views

Advisory ROSA-SA-2023-2291

Software: gdb 8.2 OS: ROSA Virtualization 2.1 packageevrstring: gdb-8.2-19.rv3.src.rpm CVE-ID: CVE-2019-1010180 BDU-ID: 2019-03222 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdb module of the GDB debugger is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

7.8CVSS7.9AI score0.02628EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/24 1:57 p.m.•25 views

Advisory ROSA-SA-2023-2278

Software: libssh2 1.8.0 OS: rosa-server79 packageevrstring: libssh2-1.8.0-4.res7.1.x8664.rpm CVE-ID: CVE-2020-22218 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An issue was discovered in the libssh2packetadd function in libssh2 1.10.0 that allows attackers to access external memory. CVE-STATUS: Fixed...

7.5CVSS6.8AI score0.00914EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/09/05 12:17 p.m.•25 views

Advisory ROSA-SA-2023-2231

SOFTWARE: 389-ds-base 1.4.3.8 OS: ROSA Virtualization 2.1 packageevrstring: 389-ds-base-1.4.3.8.src.rpm CVE-ID: CVE-2021-3652 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: An error has been detected in 389-ds-base. If the asterisk is imported as password hashes either accidentally or maliciously, then...

6.5CVSS7AI score0.01428EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/07/25 10:14 a.m.•25 views

Advisory ROSA-SA-2023-2197

software: suricata 6.0.12 WASP: ROSA-CHROME packageevrstring: suricata-6.0.12-1.src.rpm CVE-ID: CVE-2021-37592 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a TCP/IP stack created that can send a specific sequence of...

9.8CVSS7AI score0.01824EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/07/18 11:36 a.m.•25 views

Advisory ROSA-SA-2023-2196

Software: bookkeeper 4.3.2 OS: ROSA-CHROME packageevrstring: bookkeeper-4.3.2-7.src.rpm CVE-ID: CVE-2022-32531 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: The Apache Bookkeeper Java client before 4.14.6, and also 4.15.0 does not close the connection to the accounting server when TLS hostname validatio...

5.9CVSS6.8AI score0.01021EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:29 p.m.•25 views

Advisory ROSA-SA-2021-1920

Software: minicom 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2017-7467 CVE-Crit: CRITICAL CVE-DESC: A buffer overflow error was detected in the way minicom pre-2.7.1 handled VT100 escape sequences. A malicious terminal device could potentially exploit this vulnerability to crash minicom or execute arbitrar...

9.8CVSS8.1AI score0.02735EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•25 views

Advisory ROSA-SA-2021-1880

Software: libnotify 0.7.7 OS: Cobalt 7.9 CVE-ID: CVE-2013-7381 CVE-Crit: CRITICAL CVE-DESC: libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands using undefined characters when libnotify.notify is called. CVE-STATUS: default CVE-REV: default...

9.8CVSS8.2AI score0.02685EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•25 views

Advisory ROSA-SA-2021-1877

Software: libmad 0.15.1b OS: Cobalt 7.9 CVE-ID: CVE-2018-7263 CVE-Crit: CRITICAL CVE-DESC: The maddecoderrun function in decoder.c in Underbit libmad before 0.15.1b allows remote attackers to cause a denial of service SIGABRT due to double release or corruption or possibly have unspecified other...

9.8CVSS7.8AI score0.02475EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•25 views

Advisory ROSA-SA-2021-1876

Software: liblouis 2.5.2 OS: Cobalt 7.9 CVE-ID: CVE-2018-17294 CVE-Crit: MEDIUM CVE-DESC: The matchCurrentInput function inside loutranslateString.c in Liblouis before version 3.7 does not check the length of the input string, allowing attackers to cause a denial of service application failure du...

6.5CVSS6.8AI score0.02716EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:11 p.m.•25 views

Advisory ROSA-SA-2021-1864

Software: libcaca 0.99 OS: Cobalt 7.9 CVE-ID: CVE-2018-20544 CVE-Crit: MEDIUM CVE-DESC: floating-point exception in caca / dither.c function cacaditherbitmap in libcaca 0.99.beta19. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2018-20545 CVE-Crit: HIGH CVE-DESC: There is an invalid WRITE memo...

8.8CVSS7.6AI score0.02389EPSS
Exploits7
Rosalinux
Rosalinux
•added 2021/07/02 5:10 p.m.•25 views

Advisory ROSA-SA-2021-1863

Software: libass 0.13.4 OS: Cobalt 7.9 CVE-ID: CVE-2020-24994 CVE-Crit: HIGH CVE-DESC: Stack overflow in the parsetag function in libass / assparse.c in libass before version 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. CVE-STATUS: defau...

8.8CVSS8.2AI score0.02628EPSS
Exploits0
Total number of security vulnerabilities1374