Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2023/02/07 8:27 a.m.•23 views

Advisory ROSA-SA-2023-2095

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0-22 CVE-ID: CVE-2022-4283 BDU-ID: None CVE-Crit: HIGH CVE-DESC: A vulnerability has been discovered in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting i...

8.8CVSS8.8AI score0.02685EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:32 p.m.•23 views

Advisory ROSA-SA-2021-1928

Software: netpbm 10.79.00 OS: Cobalt 7.9 CVE-ID: CVE-2018-8975 CVE-Crit: MEDIUM CVE-DESC: The pmmallocarray2 function in lib / util / mallocvar.c in Netpbm before version 10.81.03 allows remote attackers to cause a denial of service excessive heap-based buffer reads via a crafted image file, as...

5.5CVSS7.1AI score0.01717EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:26 p.m.•23 views

Advisory ROSA-SA-2021-1908

Software: live555 2020.04.12 OS: Cobalt 7.9 CVE-ID: CVE-2021-28899 CVE-Crit: HIGH CVE-DESC: Vulnerability in AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses through 2021 in Networks LIVE555...

7.5CVSS7.1AI score0.01094EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:17 p.m.•23 views

Advisory ROSA-SA-2021-1894

Software: libtar 1.2.11 OS: Cobalt 7.9 CVE-ID: CVE-2013-4420 CVE-Crit: HIGH CVE-DESC: Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files with a . dot in a created tar...

5.8CVSS7.4AI score0.03277EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:16 p.m.•23 views

Advisory ROSA-SA-2021-1888

Software: libsamplerate 0.1.8 OS: Cobalt 7.9 CVE-ID: CVE-2017-7697 CVE-Crit: MEDIUM CVE-DESC: libsamplerate before version 0.1.9 experiences a buffer overflow in the calcoutputsingle function in srcsinc.c via a created audio file. CVE-STATUS: default CVE-REV: default...

5.5CVSS7.5AI score0.00913EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:14 p.m.•23 views

Advisory ROSA-SA-2021-1874

Software: libimobiledevice 1.2.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-5209 CVE-Crit: CRITICAL CVE-DESC: The base64decode function in base64.c in libimobiledevice libplist before 1.12 allows attackers to retrieve sensitive information from process memory or cause a denial of service buffer overflow usi...

9.1CVSS8.7AI score0.03799EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:3 p.m.•23 views

Advisory ROSA-SA-2021-1850

Software: gstreamer 0.10.36 OS: Cobalt 7.9 CVE-ID: CVE-2016-10199 CVE-Crit: HIGH CVE-DESC: The qtdemuxtagaddstrfull function in gst / isomp4 / qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service read out of range and crash using a created...

9.8CVSS9.6AI score0.09267EPSS
Exploits5
Rosalinux
Rosalinux
•added 2021/07/02 4:40 p.m.•23 views

Advisory ROSA-SA-2021-1834

Software: file-roller 3.28.1 OS: Cobalt 7.9 CVE-ID: CVE-2019-16680 CVE-Crit: MEDIUM CVE-DESC: A problem was found in GNOME file-roller before 3.29.91. It bypasses a single path ./../ through the filename contained in a TAR archive, possibly overwriting the file during extraction. CVE-STATUS:...

4.3CVSS7AI score0.02132EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/06/01 8:51 a.m.•22 views

Advisory ROSA-SA-2026-3300

CVE-ID: CVE-2025-11731 BDU-ID: 2026-02739 CVE-Crit: LOW CVE-DESCRIPTION: The vulnerability in the exsltFuncResultComp function of the functions.c component in the Libxslt XML analysis library is related to data type conversion errors. Exploitation of this vulnerability may allow an attacker to...

7.5CVSS7.5AI score0.0363EPSS
Exploits5
Rosalinux
Rosalinux
•added 2026/05/19 2:18 p.m.•22 views

Advisory ROSA-SA-2026-3280

software: etcd 3.6.10 OS: ROSA-CHROME unaffected versions = etcd-3.6.10-1 affected versions etcd-3.6.10-1 CVE-ID: CVE-2026-33343 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in etcd allows an authenticated user with limited RBAC rights to bypass key-level authorization using nested...

6.5CVSS5.7AI score0.0021EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/06 9:35 p.m.•22 views

Advisory ROSA-SA-2026-3257

software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-5 affected versions kernel-6.12-6.12.74-5 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD "in-plac...

7.8CVSS6AI score0.96267EPSS
Exploits230
Rosalinux
Rosalinux
•added 2025/11/09 1:7 p.m.•22 views

Advisory ROSA-SA-2025-3043

Software: openssh 8.0p1 OS: ROSA Virtualization 3.1 unaffected versions = openssh-8.0p1-26.0.2.2.rv31 affected versions openssh-8.0p1-26.0.2.2.rv31 CVE-ID: CVE-2020-14145 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSSH cryptographic security tool is related to a lack of service...

9.8CVSS7.7AI score0.93305EPSS
Exploits35
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•22 views

Advisory ROSA-SA-2025-2849

Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-19.rv3 CVE-ID: CVE-2024-56171 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in libxml2: use-after-free in xmlschemas.c. CVE-STATUS: Vulnerability resolved. CVE-REV: To close the vulnerability, run the...

9.8CVSS7.9AI score0.01136EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:22 p.m.•22 views

Advisory ROSA-SA-2025-2790

Software: java-1.8.0-openjdk 1.8.0.432.b06 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.432.b06-1.0.1.res7 CVE-ID: CVE-2024-21208 BDU-ID: 2024-11501 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Diagnostics components of Oracle GraalVM Enterprise Edition virtual machines, Oracle...

4.8CVSS5.8AI score0.01157EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•22 views

Advisory ROSA-SA-2025-2746

Software: python3x-urllib3 1.25.10 OS: ROSA Virtualization 3.0 packageevrstring: python3x-urllib3-1.25.10-5.rv30 CVE-ID: CVE-2021-33503 BDU-ID: 2022-00586 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP client for Python urllib3 is related to uncontrolled resource consumption. Exploitation ...

8.1CVSS8.8AI score0.03273EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•22 views

Advisory ROSA-SA-2025-2739

Software: libvpx 1.7.0 OS: ROSA Virtualization 3.0 packageevrstring: libvpx-1.7.0-11.rv30 CVE-ID: CVE-2023-5217 BDU-ID: 2023-06157 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the VP8 format encoding function of the libvpx library of the Google Chrome browser is related to a buffer overflow ...

9.1CVSS9.2AI score0.49013EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•22 views

Advisory ROSA-SA-2025-2730

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-12.0.2.rv30 CVE-ID: CVE-2024-0727 BDU-ID: 2024-01337 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the PKCS12parse, PKCS12unpackp7data, PKCS12unpackp7encdata, PKCS12unpackauthsafes, and PKCS12newpass functions ...

5.5CVSS6.5AI score0.03174EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•22 views

Advisory ROSA-SA-2025-2719

Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1 CVE-ID: CVE-2021-3156 BDU-ID: 2021-00364 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parseargs function of the Sudo system administration program is related to a buffer overflow in dynamic memory. Exploitatio...

7.8CVSS8AI score0.99295EPSS
Exploits101
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•22 views

Advisory ROSA-SA-2025-2707

Software: libtasn1 4.13 OS: ROSA Virtualization 3.0 packageevrstring: libtasn1-4.13 CVE-ID: CVE-2021-46848 BDU-ID: 2022-06694 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the asn1encodesimpleder function of the Libtasn1 library is related to a single offset error. Exploitation of the vulnerabilit...

9.1CVSS6.9AI score0.02062EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/29 12:9 p.m.•22 views

Advisory ROSA-SA-2025-2677

software: qt4 4.8.7 OS: ROSA-CHROME packageevrstring: qt4-4.8.7-18 CVE-ID: CVE-2023-32763 BDU-ID: 2023-03802 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the QTextLayout component of the Qt cross-platform software development framework is related to buffer copying without input validation...

7.5CVSS7.7AI score0.01553EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 7:49 p.m.•22 views

Advisory ROSA-SA-2025-2671

software: shapelib 1.5.0 AXIS: ROSA-CHROME packageevrstring: shapelib-1.5.0-2 CVE-ID: CVE-2022-0699 BDU-ID: 2022-06588 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the implementation of the malloc function of the shapelib library is related to double memory freeing. Exploitation of the...

9.8CVSS6.6AI score0.01239EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:19 p.m.•22 views

Advisory ROSA-SA-2025-2628

Software: libvncserver 0.9.13 OS: ROSA-CHROME packageevrstring: libvncserver-0.9.13-2 CVE-ID: CVE-2020-29260 BDU-ID: 2024-06666 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rfbClientCleanup function of the libvncclient component of the libvncclient cross-platform LibVNCServer library is relat...

7.5CVSS6.6AI score0.00947EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 6:2 p.m.•22 views

Advisory ROSA-SA-2025-2626

software: leptonica 1.82.0 WASP: ROSA-CHROME packageevrstring: leptonica-1.82.0-1 CVE-ID: CVE-2020-36277 BDU-ID: 2021-05306 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Leptonica image processing library involves the implementation of an incorrect control flow. Exploitation of the...

7.5CVSS6.8AI score0.02871EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/01/27 10:44 a.m.•22 views

Advisory ROSA-SA-2025-2582

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0-8 CVE-ID: CVE-2024-7006 BDU-ID: 2024-06610 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the LibTIFF library involves null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker...

7.5CVSS6.7AI score0.01516EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:34 a.m.•22 views

Advisory ROSA-SA-2025-2579

software: suricata 6.0.20 WASP: ROSA-CHROME packageevrstring: suricata-6.0.20-2 CVE-ID: CVE-2024-45796 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Suricata allows an attacker to cause a failure in the reassembly of traffic fragments. CVE-STATUS: The vulnerability has been resolved...

5.3CVSS6.7AI score0.00479EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 8:59 a.m.•22 views

Advisory ROSA-SA-2024-2522

Software: libebml 1.3.9 OS: rosa-server79 packageevrstring: libebml-1.3.9-2.res7 CVE-ID: CVE-2023-52339 BDU-ID: 2024-02535 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the MemIOCallback.cpp file of the C++ libebml library is related to integer overflow. Exploitation of the vulnerability could all...

6.5CVSS6.8AI score0.01087EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/03 10:28 p.m.•22 views

Advisory ROSA-SA-2024-2503

Software: wget 1.19.5 OS: ROSA Virtualization 2.1 packageevrstring: wget-1.19.5-12.rv3 CVE-ID: CVE-2024-38428 BDU-ID: 2024-04683 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the userinfo URI component of the GNU Wget download manager is related to insecure behavior in which data that should hav...

9.1CVSS6.9AI score0.00666EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 10:18 p.m.•22 views

Advisory ROSA-SA-2024-2500

Software: orc 0.4.28 OS: ROSA Virtualization 2.1 packageevrstring: orc-0.4.28-4.rv3 CVE-ID: CVE-2022-40897 BDU-ID: 2023-02445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python Packaging Authority package installation tools is related to insufficient input validation when processing HTML...

5.9CVSS5.9AI score0.02617EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/03 9:6 p.m.•22 views

Advisory ROSA-SA-2024-2488

Software: less 458 OS: rosa-server79 packageevrstring: less-458-10.res7 CVE-ID: CVE-2024-32487 BDU-ID: 2024-03717 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the UNIX-like UNIX text terminal utility Less is related to incorrect handling of quotation marks in the filename.c file. Exploitation of...

8.6CVSS7.6AI score0.00628EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/08/20 11:36 a.m.•22 views

Advisory ROSA-SA-2024-2469

software: pcs 0.10.7 WASP: ROSA-CHROME packageevrstring: pcs-0.10.7-5 CVE-ID: CVE-2022-1049 BDU-ID: 2022-05543 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the corosync/pacemaker PCS program configuration utility is related to flaws in the authentication procedure. Exploitation of the vulnerabili...

8.8CVSS7.7AI score0.01825EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/07/23 11:32 a.m.•22 views

Advisory ROSA-SA-2024-2457

Software: snappy 1.1.8 OS: ROSA Virtualization 2.1 packageevrstring: snappy-1.1.8 CVE-ID: CVE-2023-28115 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the generateFromHtml function of the PHP Snappy library involves the recovery of invalid data from memory. Exploitation of the...

9.8CVSS7.8AI score0.0276EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/05/07 8:18 a.m.•22 views

Advisory ROSA-SA-2024-2416

Software: binutils 2.30 OS: ROSA Virtualization 2.1 packageevrstring: binutils-2.30-108.0.1.rv3.1 CVE-ID: CVE-2021-37322 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: GCC c++filt v2.26 was found to contain a post-release exploitation vulnerability via the cplus-dem.c component. CVE-STATUS: Not Relevant...

7.8CVSS7.4AI score0.00853EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/03/19 12:41 p.m.•22 views

Advisory ROSA-SA-2024-2376

Software: dav1d 1.3.0 AXIS: ROSA-CHROME packageevrstring: dav1d-1.3.0-1.src.rpm CVE-ID: CVE-2023-32570 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: VideoLAN dav1d has a threadtask.c race condition that could cause an application crash associated with dav1ddecodeframeexit. CVE-STATUS: Fixed CVE-REV: T...

5.9CVSS6.9AI score0.00743EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/11/21 12:46 p.m.•22 views

Advisory ROSA-SA-2023-2297

software: puppet 7.25.0 OS: ROSA-CHROME packageevrstring: puppet-7.25.0-1.src.rpm CVE-ID: CVE-2021-27021 BDU-ID: 2022-01884 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PuppetDB database management system is related to the failure to take measures to protect the SQL query structure...

8.8CVSS7.6AI score0.01262EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/22 6:30 a.m.•22 views

Advisory ROSA-SA-2023-2276

software: librsvg 2.52.11 WASP: ROSA-CHROME packageevrstring: librsvg-2.52.11-1.src.rpm CVE-ID: CVE-2023-38633 BDU-ID: 2023-05427 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XML document merge mechanism XInclude of the vector graphics rendering library librsvg is related to an incorrect...

5.5CVSS6.9AI score0.02132EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/06/27 7:38 a.m.•22 views

Advisory ROSA-SA-2023-2173

software: tnef 1.4.15 AXIS: ROSA-CHROME packageevrstring: tnef-1.4.15-3.src.rpm CVE-ID: CVE-2019-18849 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In tnef before 1.4.18, an attacker could write to a victim's .ssh/authorizedkeys file via an email message with a created winmail.dat application/ms-tnef...

5.5CVSS7AI score0.01203EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/04/18 11:49 a.m.•22 views

Advisory ROSA-SA-2023-2154

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: 1.8.0-25 CVE-ID: CVE-2023-1393 BDU-ID: None CVE-Crit: HIGH CVE-DESC: Use-After-Free can result in elevated local privileges. If a client explicitly destroys a linker overlay window also known as COW, Xserver will leave a dangling pointe...

7.8CVSS7.8AI score0.0044EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/02/28 10:19 a.m.•22 views

Advisory ROSA-SA-2023-2126

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0-22 CVE-ID: CVE-2023-0494 BDU-ID: None CVE-Crit: HIGH CVE-DESC: A vulnerability has been discovered in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be used by ProcXkbSetDeviceInfo a...

7.8CVSS8.3AI score0.00899EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:8 p.m.•22 views

Advisory ROSA-SA-2021-1972

Software: soundtouch 1.4.0 OS: Cobalt 7.9 CVE-ID: CVE-2018-1000223 CVE-Crit: HIGH CVE-DESC: soundtouch versions up to and including 2.0.0.0 contain a buffer overflow vulnerability in SoundStretch / WavFile.cpp: WavInFile :: readHeaderBlock that could lead to arbitrary code execution. This attack...

8.8CVSS9.2AI score0.02426EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:30 p.m.•22 views

Advisory ROSA-SA-2021-1922

Software: modauthopenidc 1.8.8 OS: Cobalt 7.9 CVE-ID: CVE-2017-6062 CVE-Crit: HIGH CVE-DESC: The "OpenID Connect Verification Party and OAuth 2.0 Resource Server" module also known as modauthopenidc before version 2.1.5 for Apache HTTP Server does not pass the OIDCCLAIM and OIDCAuthNHeader header...

8.6CVSS6.7AI score0.03633EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:26 p.m.•22 views

Advisory ROSA-SA-2021-1910

Software: lua 5.1.4 OS: Cobalt 7.9 CVE-ID: CVE-2020-15888 CVE-Crit: HIGH CVE-DESC: Lua through 5.4.0 incorrectly handles the interaction between stack resizing and garbage collection, resulting in heap-based buffer overflow, heap-based buffer overflow, or post-release usage. CVE-STATUS: default...

8.8CVSS7.1AI score0.02446EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 5:22 p.m.•22 views

Advisory ROSA-SA-2021-1902

Software: libwebp 0.3.0 OS: Cobalt 7.9 CVE-ID: CVE-2016-9085 CVE-Crit: LOW CVE-DESC: multiple integer overflow in libwebp allows attackers to have undefined impact via unknown vectors. CVE-STATUS: default CVE-REV: default...

3.3CVSS7.3AI score0.00425EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:18 p.m.•22 views

Advisory ROSA-SA-2021-1898

Software: libupnp 1.6.25 OS: Cobalt 7.9 CVE-ID: CVE-2020-13848 CVE-Crit: HIGH CVE-DESC: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service failure with a crafted SSDP message due to dereferencing a NULL pointer in the FindServiceControlURLPath an...

7.5CVSS7AI score0.03469EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:13 p.m.•22 views

Advisory ROSA-SA-2021-1866

Software: libdwarf 20130207 OS: Cobalt 7.9 CVE-ID: CVE-2016-5028 CVE-Crit: MEDIUM CVE-DESC: The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service dereferencing a null pointer via an object file with empty bss-like sections. CVE-STATUS:...

7.5CVSS7.1AI score0.04379EPSS
Exploits17
Rosalinux
Rosalinux
•added 2021/07/02 5:8 p.m.•22 views

Advisory ROSA-SA-2021-1860

Software: ksh 20120801 OS: Cobalt 7.9 CVE-ID: CVE-2019-14868 CVE-Crit: HIGH CVE-DESC: a bug was discovered in ksh version 20120801 in the way certain environment variables are evaluated. An attacker could exploit this vulnerability to override or bypass environment restrictions to execute shell...

7.8CVSS7.4AI score0.01385EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/11/10 6:21 a.m.•21 views

Advisory ROSA-SA-2025-3067

Software: bzip2 1.0.6 OS: ROSA Virtualization 3.0 unaffected versions = bzip2-1.0.6-28.rv30 affected versions bzip2-1.0.6-28.rv30 CVE-ID: CVE-2019-12900 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BZ2decompress decompress.c function of the bzip2 data compression utility is related to...

9.8CVSS9.9AI score0.0812EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/11/10 6:15 a.m.•21 views

Advisory ROSA-SA-2025-3055

Software: cups 2.2.6 OS: ROSA Virtualization 3.1 unaffected versions = cups-2.2.6-63.rv31 affected versions cups-2.2.6-63.rv31 CVE-ID: CVE-2025-58060 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CUPS Common UNIX Printing System is related to flaws in the authentication procedure...

8CVSS7.1AI score0.00964EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/09 10:31 a.m.•21 views

Advisory ROSA-SA-2025-2976

Software: rsync 3.4.1 OS: ROSA-CHROME unaffected versions = rsync-3.4.1-1 affected versions rsync-3.4.1-1 CVE-ID: CVE-2024-12084 BDU-ID: 2025-00378 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation...

9.8CVSS10AI score0.72059EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•21 views

Advisory ROSA-SA-2025-2831

Software: grafana 7.5.15 OS: ROSA Virtualization 3.0 packageevrstring: grafana-7.5.15-5.rv30 CVE-ID: CVE-2023-44487 BDU-ID: 2023-06559 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already...

7.5CVSS8.5AI score0.99999EPSS
Exploits20
Rosalinux
Rosalinux
•added 2025/03/17 9:49 p.m.•21 views

Advisory ROSA-SA-2025-2785

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 3.0 packageevrstring: xmlrpc-c-1.51.0-10.0.1.rv30 CVE-ID: CVE-2023-52425 BDU-ID: 2024-01514 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the XML parser library libexpat is associated with uncontrolled resource consumption. Exploitation of the...

7.5CVSS9.3AI score0.01815EPSS
Exploits1
Total number of security vulnerabilities1374