Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2021/07/02 4:58 p.m.•25 views

Advisory ROSA-SA-2021-1848

Software: gparted 0.33.0 OS: Cobalt 7.9 CVE-ID: CVE-2014-7208 CVE-Crit: HIGH CVE-DESC: GParted before version 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the created file system label. CVE-STATUS: default CVE-REV: default...

7.2CVSS7.7AI score0.01113EPSS
Exploits5
Rosalinux
Rosalinux
•added 2021/07/02 4:56 p.m.•25 views

Advisory ROSA-SA-2021-1845

Software: gnome-keyring 3.28.2 OS: Cobalt 7.9 CVE-ID: CVE-2018-19358 CVE-Crit: HIGH CVE-DESC: The GNOME keyring up to version 3.28.2 allows local users to obtain login credentials through the Secret Service API call and the D-Bus interface if the keyring is unlocked, similar to CVE-2008-7320. On...

7.8CVSS6.8AI score0.00554EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:35 p.m.•25 views

Advisory ROSA-SA-2021-1814

Software: coreutils 8.22 OS: Cobalt 7.9 CVE-ID: CVE-2017-18018 CVE-Crit: MEDIUM CVE-DESC: In GNU Coreutils before 8.29, chown-core.c in chown and chgrp does not prevent replacing a simple file with a symbolic link while using POSIX "-R -L" parameters, allowing local users to change ownership of...

7.1CVSS6.8AI score0.00348EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/20 7:5 a.m.•24 views

Advisory ROSA-SA-2026-3288

software: kernel-6.6 6.6.126 WASP: ROSA-CHROME unaffected versions = kernel-6.6-6.6.6.126-6 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption an...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
•added 2025/04/30 8:25 a.m.•24 views

Advisory ROSA-SA-2025-2857

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

7.5CVSS7.8AI score0.62906EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/04/30 7:45 a.m.•24 views

Advisory ROSA-SA-2025-2853

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2024-5535 BDU-ID: 2024-06988 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSLselectnextproto function of the TLS and SSL OpenSSL protocol toolkit is related to information disclosure...

9.1CVSS7.1AI score0.05582EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•24 views

Advisory ROSA-SA-2025-2827

Software: postgresql 13.20 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-13.20-1.rv30 CVE-ID: CVE-2024-10976 BDU-ID: 2024-09684 CVE-Crit: LOW CVE-DESC.: A vulnerability in the CREATE POLICY row-protected table security policy of the PostgreSQL database management system is related to a...

8.8CVSS9.2AI score0.89914EPSS
Exploits11
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•24 views

Advisory ROSA-SA-2025-2791

Software: bind 9.11.36 OS: ROSA Virtualization 3.0 packageevrstring: bind-9.11.36-16.rv30.4 CVE-ID: CVE-2022-3094 BDU-ID: 2023-00580 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the named component of the DNS BIND server is related to the ability to use memory after it has been freed. Exploitatio...

7.5CVSS7.8AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/17 9:49 p.m.•24 views

Advisory ROSA-SA-2025-2783

Software: libssh 0.9.6 OS: ROSA Virtualization 3.0 packageevrstring: libssh-0.9.6-14.rv30 CVE-ID: CVE-2023-6004 BDU-ID: 2024-00199 CVE-Crit: LOW CVE-DESC.: A vulnerability in the ProxyCommand/ProxyJump component of the libssh library is related to improper code generation controls. Exploitation o...

5.3CVSS6.4AI score0.01421EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•24 views

Advisory ROSA-SA-2025-2732

Software: pam 1.3.1 OS: ROSA Virtualization 3.0 packageevrstring: pam-1.3.1-36.0.1.rv30 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...

7.4CVSS5.8AI score0.00791EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•24 views

Advisory ROSA-SA-2025-2705

Software: libjpeg-turbo 1.5.2003 OS: ROSA Virtualization 3.0 packageevrstring: libjpeg-turbo-1.5.2003 CVE-ID: CVE-2020-17541 BDU-ID: 2023-07622 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the Libjpeg-turbo image manipulation library is related to writing beyond buffer boundaries. Exploitatio...

8.8CVSS7AI score0.02728EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/02/24 12:27 p.m.•24 views

Advisory ROSA-SA-2025-2699

Software: perl-HTTP-Tiny 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-HTTP-Tiny-0.074-2 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authentication...

8.1CVSS7.4AI score0.01742EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:26 p.m.•24 views

Advisory ROSA-SA-2025-2655

Software: webkit4 2.44.1 OS: ROSA-CHROME packageevrstring: webkit4-2.44.1-1 CVE-ID: CVE-2023-28198 BDU-ID: 2023-04538 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the macOS operating system WebKit web page display module is associated with a post-release exploit error. Exploitation of the...

9.8CVSS9.5AI score0.01356EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:13 p.m.•24 views

Advisory ROSA-SA-2025-2647

software: fuseiso 20070708 WASP: ROSA-CHROME packageevrstring: fuseiso-20070708-12 CVE-ID: CVE-2015-8836 BDU-ID: 2016-00922 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the isofsrealreadzf isofs.c function of the FuseISO disk image mount software tool is caused by an integer overflow...

7.3CVSS7.9AI score0.02809EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/13 10:5 a.m.•24 views

Advisory ROSA-SA-2025-2555

Software: cups 1.6.3 OS: rosa-server79 packageevrstring: cups-1.6.3-52.res7 CVE-ID: CVE-2023-32360 BDU-ID: 2023-07653 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker...

5.5CVSS7.2AI score0.00347EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 10:15 p.m.•24 views

Advisory ROSA-SA-2024-2498

Software: python-jwcrypto 0.5.0 OS: ROSA Virtualization 2.1 packageevrstring: python-jwcrypto-0.5.0-2.rv3 CVE-ID: CVE-2024-28102 BDU-ID: 2024-01978 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the deserialize JavaScript library function for Jwcrypto is associated with uncontrolled resource...

6.8CVSS6.6AI score0.0098EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/09/03 11:59 a.m.•24 views

Advisory ROSA-SA-2024-2473

software: net-snmp 5.9 WASP: ROSA-CHROME packageevrstring: net-snmp-5.9-3 CVE-ID: CVE-2022-44792 BDU-ID: 2024-06510 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the handleipDefaultTTL function of the Net-SNMP software suite of the Linux operating system is associated with a NULL Pointer...

6.5CVSS7AI score0.5346EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/07/15 10:11 a.m.•24 views

Advisory ROSA-SA-2024-2452

software: redis 7.0.14 OS: ROSA-CHROME packageevrstring: redis-7.0.14-1 CVE-ID: CVE-2023-41053 BDU-ID: 2023-05475 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an...

3.3CVSS4.1AI score0.0034EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/24 2:5 p.m.•24 views

Advisory ROSA-SA-2023-2280

Software: cockpit 264.2 OS: ROSA Virtualization 2.1 packageevrstring: cockpit-264.2-1.0.1.rv3c.src.rpm CVE-ID: CVE-2021-3660 BDU-ID: 2021-04029 CVE-Crit: MEDIUM CVE-DESC.: A manager vulnerability for Cockpit servers is related to errors in the display of the user interface or frames. Exploitation...

7.5CVSS6.5AI score0.01242EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/08/29 12:18 p.m.•24 views

Advisory ROSA-SA-2023-2224

software: mosquitto 2.0.15 WASP: ROSA-CHROME packageevrstring: mosquitto-2.0.15-2.src.rpm CVE-ID: CVE-2021-34431 BDU-ID: 2022-01775 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Mosquitto message broker is related to incorrect processing of a CONNECT packet without will topic, will message i...

7.5CVSS6.7AI score0.0126EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/03/14 2:19 p.m.•24 views

Advisory ROSA-SA-2023-2132

Software: pesign 0.109 OS: rosa-server79 packageevrstring: pesign-0.109-11 CVE-ID: CVE-2022-3560 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC: A flaw has been found in the design. The pesign package provides a systemd service used to run the pesign daemon. This service module runs a script to set ACLs...

5.5CVSS5.8AI score0.00245EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:21 p.m.•24 views

Advisory ROSA-SA-2021-2003

Software: yum-utils 1.1.31 OS: Cobalt 7.9 CVE-ID: CVE-2018-10897 CVE-Crit: HIGH CVE-DESC: A directory traversal issue was discovered in reposync, part of yum-utils, where reposync cannot clear paths in remote repository configuration files. If an attacker controls the repository, they can copy...

9.3CVSS8AI score0.0571EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:10 p.m.•24 views

Advisory ROSA-SA-2021-1978

Software: stunnel 4.56 OS: Cobalt 7.9 CVE-ID: CVE-2014-0016 CVE-Crit: MEDIUM CVE-DESC: stunnel before 5.00 when using fork streaming does not properly update the OpenSSL pseudo-random number generator PRNG state, which causes subsequent children with the same process ID to use the same entropy po...

7.5CVSS7.3AI score0.02155EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:59 p.m.•24 views

Advisory ROSA-SA-2021-1953

Software: poppler 0.26.5 OS: Cobalt 7.9 CVE-ID: CVE-2017-7511 CVE-Crit: MEDIUM CVE-DESC: poppler, since version 0.17.3, was vulnerable to null pointer dereferencing in pdfunite caused by specially crafted documents. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2017-7515 CVE-Crit: MEDIUM...

8.8CVSS7.3AI score0.0274EPSS
Exploits5
Rosalinux
Rosalinux
•added 2021/07/02 5:39 p.m.•24 views

Advisory ROSA-SA-2021-1946

Software: path 2.7.1 OS: Cobalt 7.9 CVE-ID: CVE-2014-9637 CVE-Crit: MEDIUM CVE-DESC: GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation error with a crafted diff file. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2015-1196...

7.8CVSS7.5AI score0.11199EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 5:39 p.m.•24 views

Advisory ROSA-SA-2021-1943

Software: p11-kit 0.23.5 OS: Cobalt 7.9 CVE-ID: CVE-2020-29361 CVE-Crit: HIGH CVE-DESC: A problem was found in p11-kit 0.21.1 to 0.23.21. Multiple integer overflows were found in array allocation in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling...

7.5CVSS7.3AI score0.0335EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:30 p.m.•24 views

Advisory ROSA-SA-2021-1923

Software: modwsgi 3.4 OS: Cobalt 7.9 CVE-ID: CVE-2014-8583 CVE-Crit: CRITICAL CVE-DESC: modwsgi before 4.2.4 for Apache when creating a daemon process group does not handle properly when group privileges cannot be discarded, which could allow attackers to gain privileges via undefined vectors...

6.9CVSS7.2AI score0.00403EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:29 p.m.•24 views

Advisory ROSA-SA-2021-1920

Software: minicom 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2017-7467 CVE-Crit: CRITICAL CVE-DESC: A buffer overflow error was detected in the way minicom pre-2.7.1 handled VT100 escape sequences. A malicious terminal device could potentially exploit this vulnerability to crash minicom or execute arbitrar...

9.8CVSS8.1AI score0.02735EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:37 p.m.•24 views

Advisory ROSA-SA-2021-1819

Software: cvs 1.11.23 OS: Cobalt 7.9 CVE-ID: CVE-2020-2324 CVE-Crit: HIGH CVE-DESC: The Jenkins CVS 2.16 and earlier plug-in does not configure its XML syntactic parser to prevent attacks on XML external objects XXE. CVE-STATUS: default CVE-REV: default...

7.5CVSS7.1AI score0.01342EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 7:14 a.m.•23 views

Advisory ROSA-SA-2026-3142

Software: cups 2.2.6 OS: ROSA Virtualization 3.1 unaffected versions = cups-2.2.6-66.rv31 affected versions cups-2.2.6-66.rv31 CVE-ID: CVE-2025-58364 BDU-ID: 2025-12439 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server libcups library is related to null pointer dereferencing du...

6.7CVSS7.1AI score0.01063EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/11/10 6:21 a.m.•23 views

Advisory ROSA-SA-2025-3066

Software: dhcp 4.4.2 OS: ROSA Virtualization 3.0 unaffected versions = dhcp-4.4.2-19.b1.rv30 affected versions dhcp-4.4.2-19.b1.rv30 CVE-ID: CVE-2021-25217 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A software vulnerability providing the DHCP Dynamic Host Configuration Protocol service to the network is...

7.4CVSS7.1AI score0.06118EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/06/23 7:22 a.m.•23 views

Advisory ROSA-SA-2025-2897

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2019-1547 BDU-ID: 2019-04084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ecerr.c and eclib.c functions of the OpenSSL library is related to the lack of data encryption measures...

10CVSS9.2AI score0.96275EPSS
Exploits15
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•23 views

Advisory ROSA-SA-2025-2825

Software: python-pip 9.0.3 OS: ROSA Virtualization 3.0 packageevrstring: python-pip-9.0.3-24.rv30 CVE-ID: CVE-2007-4559 BDU-ID: 2022-05975 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extract and extractall functions of the tarfile module of the Python programming language interpreter is...

9.8CVSS7.6AI score0.27095EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•23 views

Advisory ROSA-SA-2025-2702

Software: ipmitool 1.8.18 OS: ROSA Virtualization 3.0 packageevrstring: ipmitool-1.8.18 CVE-ID: CVE-2020-5208 BDU-ID: 2020-03947 CVE-Crit: HIGH CVE-DESC.: An implementation vulnerability in multiple functions readfruarea, readfruareasection, ipmispdprintfru, ipmigetsessioninfo,...

8.8CVSS7.8AI score0.0329EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 7:59 p.m.•23 views

Advisory ROSA-SA-2025-2675

software: libssh2 1.10.0 OS: ROSA-CHROME packageevrstring: libssh2-1.10.0-3 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process...

5.9CVSS7.4AI score0.93305EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/01/28 7:33 p.m.•23 views

Advisory ROSA-SA-2025-2661

software: perl 5.30.3 OS: ROSA-CHROME packageevrstring: perl-5.30.3 CVE-ID: CVE-2023-47100 BDU-ID: 2023-08382 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Sparseunipropstring function of the regcomp.c file of the Perl programming language interpreter is related to an operation exceeding...

9.8AI score
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:29 p.m.•23 views

Advisory ROSA-SA-2025-2657

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0 CVE-ID: CVE-2022-4645 BDU-ID: 2023-05401 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the tiffcrop utility tools/tiffcp.c:948 of the libtiff library involves reading beyond buffer boundaries in memory. Exploitation of the...

6.8CVSS7.1AI score0.0051EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/01/28 7:27 p.m.•23 views

Advisory ROSA-SA-2025-2656

Software: libgit2 1.4.5 OS: ROSA-CHROME packageevrstring: libgit2-1.4.5 CVE-ID: CVE-2024-24575 BDU-ID: 2024-01378 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the src/libgit2/revparse.c component of the C Libgit2 implementation of Git methods is associated with uncontrolled resource consumption...

9.8CVSS9.2AI score0.01546EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:21 p.m.•23 views

Advisory ROSA-SA-2025-2650

Software: webmin 2.105 WASP: ROSA-CHROME packageevrstring: webmin-2.105-1 CVE-ID: CVE-2022-3844 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Webmin allows basic client-side scripting to be run via the xterm/index.cgi function. CVE-STATUS: The vulnerability has been resolved CVE-REV...

6.1CVSS5.7AI score0.00591EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:35 p.m.•23 views

Advisory ROSA-SA-2025-2633

software: mosquitto 2.0.15 WASP: ROSA-CHROME packageevrstring: mosquitto-2.0.15 CVE-ID: CVE-2023-0809 BDU-ID: 2024-04210 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CONNECT component of the Eclipse Mosquitto message broker is related to memory allocation based on an unreliable value of lar...

7.5CVSS7.4AI score0.01116EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 6:13 p.m.•23 views

Advisory ROSA-SA-2025-2627

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0-6 CVE-ID: CVE-2023-3576 BDU-ID: 2023-05973 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the tiffcrop utility of the LibTIFF library is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

6.8CVSS8.8AI score0.01124EPSS
Exploits14
Rosalinux
Rosalinux
•added 2025/01/27 7:47 a.m.•23 views

Advisory ROSA-SA-2025-2567

software: curl 8.7.1 OS: ROSA-CHROME packageevrstring: curl-8.7.1-1 CVE-ID: CVE-2024-0853 BDU-ID: 2024-01014 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TLS protocol implementation of the cURL command line utility is related to erroneous storage of the session ID as a result of a lack of...

5.3CVSS7.1AI score0.01102EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/08/28 8:18 a.m.•23 views

Advisory ROSA-SA-2024-2472

software: zip 3.0 WASP: ROSA-CHROME packageevrstring: zip-3.0-15 CVE-ID: CVE-2018-13410 BDU-ID: 2021-03766 CVE-Crit: HIGH CVE-DESC.: A vulnerability in zip file compression software is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker...

9.8CVSS7AI score0.03977EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/08/20 11:40 a.m.•23 views

Advisory ROSA-SA-2024-2470

software: systemd 249 WASP: ROSA-CHROME packageevrstring: systemd-249-1.gitfab79a.21 CVE-ID: CVE-2022-3821 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: An off-by-one error problem was discovered in Systemd in the formattimespan function time-util.c. An attacker could provide specific values for time...

5.5CVSS7.6AI score0.0865EPSS
Exploits3
Rosalinux
Rosalinux
•added 2024/06/03 8:20 a.m.•23 views

Advisory ROSA-SA-2024-2428

software: djvulibre 3.5.28 WASP: ROSA-CHROME packageevrstring: djvulibre-3.5.28-4 CVE-ID: CVE-2021-3500 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A flaw was discovered in djvulibre. A stack overflow in DJVU::DjVuDocument::getdjvufile via a created djvu file may cause the application to crash and...

7.8CVSS7.5AI score0.00944EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/05/28 8:15 a.m.•23 views

Advisory ROSA-SA-2024-2423

Software: libmpeg2 0.5.1 OS: ROSA Virtualization 2.1 packageevrstring: libmpeg2-0.5.1 CVE-ID: CVE-2022-37416 BDU-ID: None CVE-Crit: N/A CVE-DESC.: Ittiam libmpeg2 uses memcpy with overlapping memory blocks in impeg2mcfullxfullxfullx8x8. CVE-STATUS: Not Relevant CVE-REV:...

6.5CVSS7AI score0.00808EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/12/05 10:41 a.m.•23 views

Advisory ROSA-SA-2023-2303

software: poppler 22.05.0 WASP: ROSA-CHROME packageevrstring: poppler-22.05.0-7.src.rpm CVE-ID: CVE-2023-34872 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Outline.cc for Poppler before version 23.06.0 allows a remote attacker to cause a denial of service DoS crash via a created PD...

5.5CVSS6.8AI score0.00927EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/22 5:23 a.m.•23 views

Advisory ROSA-SA-2023-2261

software: mujs 1.3.3 AXIS: ROSA-CHROME packageevrstring: mujs-1.3.3.3-1.src.rpm CVE-ID: CVE-2016-10141 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS to...

9.8CVSS8AI score0.03645EPSS
Exploits3
Rosalinux
Rosalinux
•added 2023/07/11 11:15 a.m.•23 views

Advisory ROSA-SA-2023-2186

software: pidgin 2.14.12 WASP: ROSA-CHROME packageevrstring: pidgin-2.14.12-1.src.rpm CVE-ID: CVE-2022-26491 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A remote attacker who can spoof DNS responses can redirect the client connection to a malicious server. The client will perform TLS certificate...

5.9CVSS7.3AI score0.02419EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/02/07 8:27 a.m.•23 views

Advisory ROSA-SA-2023-2095

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0-22 CVE-ID: CVE-2022-4283 BDU-ID: None CVE-Crit: HIGH CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting i...

8.8CVSS8.8AI score0.02685EPSS
Exploits0
Total number of security vulnerabilities1374