Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2025/03/08 9:19 p.m.•17 views

Advisory ROSA-SA-2025-2765

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-6.rv3 CVE-ID: CVE-2024-56326 BDU-ID: 2025-00113 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the str.format method of the html template tool jinja is related to a failure to neutralize special...

7.8CVSS8.1AI score0.005EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:41 p.m.•17 views

Advisory ROSA-SA-2025-2751

Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-18.rv3.2 CVE-ID: CVE-2023-39615 BDU-ID: 2023-05968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlsax2startelement function of the libxml2 library is caused by a buffer overflow. Exploitation of the...

8.1CVSS8.2AI score0.01364EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•17 views

Advisory ROSA-SA-2025-2704

Software: libarchive 3.3.2003 OS: ROSA Virtualization 3.0 packageevrstring: libarchive-3.3.2003 CVE-ID: CVE-2022-36227 BDU-ID: 2022-07496 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the calloc function of the libarchive archiving library is related to pointer dereferencing errors...

9.8CVSS8AI score0.04575EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•17 views

Advisory ROSA-SA-2025-2710

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 packageevrstring: libxml2-2.9.7-18.0.1 CVE-ID: CVE-2021-3518 BDU-ID: 2021-05283 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the xinclude.c component of the Libxml2 library is related to memory usage after it has been freed. Exploitation of th...

8.8CVSS7.4AI score0.0828EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:5 p.m.•17 views

Advisory ROSA-SA-2025-2643

software: dcmtk 3.6.6 OS: ROSA-CHROME packageevrstring: dcmtk-3.6.6 CVE-ID: CVE-2022-2119 BDU-ID: 2023-03840 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the DICOM DCMTK format library is related to flaws in the directory path name restriction. Exploitation of the vulnerability allows an...

9.8CVSS7AI score0.02913EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 12:26 p.m.•17 views

Advisory ROSA-SA-2025-2594

software: freerdp 2.11.7 OS: ROSA-CHROME packageevrstring: freerdp-2.11.7-1 CVE-ID: CVE-2024-22211 BDU-ID: 2024-00706 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the freerdpbitmapplanarcontextreset function of the FreeRDP RDP client is related to an integer overflow when processing the...

9.8CVSS6.9AI score0.01085EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 10:38 a.m.•17 views

Advisory ROSA-SA-2025-2580

software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-2 CVE-ID: CVE-2023-40660 BDU-ID: 2024-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSC smart card software toolkit and libraries is related to the fact that token/card authentication by one process can perform...

6.6CVSS7.4AI score0.01174EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 8:23 a.m.•17 views

Advisory ROSA-SA-2025-2572

software: squid 5.10 OS: ROSA-CHROME packageevrstring: squid-5.10-1 CVE-ID: CVE-2024-45802 BDU-ID: 2024-08860 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to input processing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cau...

7.5CVSS7.3AI score0.47227EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 8:3 a.m.•17 views

Advisory ROSA-SA-2025-2570

software: php 7.4.33 WASP: ROSA-CHROME packageevrstring: php-7.4.33-11 CVE-ID: CVE-2022-4900 BDU-ID: 2023-02666 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the phpcliserverstartupworkers sapi/cli/phpcliserver.c function of the PHP programming language interpreter is related to an operation...

6.2CVSS6.9AI score0.00367EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•17 views

Advisory ROSA-SA-2025-2560

Software: squid 3.5.20 OS: rosa-server79 packageevrstring: squid-3.5.20-17.0.5.res7.10 CVE-ID: CVE-2024-45802 BDU-ID: 2024-08860 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to input processing errors. Exploitation of the vulnerability could allow an attacker...

7.5CVSS6.6AI score0.47227EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 9:39 a.m.•17 views

Advisory ROSA-SA-2025-2549

Software: ghostscript 9.25 OS: rosa-server79 packageevrstring: ghostscript-9.25-5.0.3.res7 CVE-ID: CVE-2018-19478 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Artifex Ghostscript allows an attacker to run a lengthy calculation when processing a PDF file. CVE-STATUS: The vulnerabili...

5.5CVSS6.5AI score0.01888EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/12/02 8:19 a.m.•17 views

Advisory ROSA-SA-2024-2537

Software: openjpeg2 2.4.0 OS: ROSA-CHROME packageevrstring: openjpeg2-2.4.0-3 CVE-ID: CVE-2022-1122 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The opj2decompress program in openjpeg2 has discovered a flaw in the way it handles an input directory with a large number of files. When the program fails ...

5.5CVSS7.1AI score0.0156EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/11/12 9:3 a.m.•17 views

Advisory ROSA-SA-2024-2518

software: memcached 1.6.22 OS: ROSA-CHROME packageevrstring: memcached-1.6.22-1 CVE-ID: CVE-2023-46852 BDU-ID: 2023-08094 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the proxyruncoroutine function protoproxy.c of the memcached data caching software tool is related to an operation exceeding buffe...

7.5CVSS6.8AI score0.00778EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/06/03 8:12 a.m.•17 views

Advisory ROSA-SA-2024-2427

software: cups 2.3.3op2 OS: ROSA-CHROME packageevrstring: cups-2.3.3op2-10 CVE-ID: CVE-2023-32324 BDU-ID: 2023-03873 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the formatlogline function of the CUPS print server is related to writing beyond buffer boundaries. Exploitation of the vulnerability...

7.5CVSS6.3AI score0.01461EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•17 views

Advisory ROSA-SA-2021-1878

Software: libmicrohttpd 0.9.33 OS: Cobalt 7.9 CVE-ID: CVE-2021-3466 CVE-Crit: CRITICAL CVE-DESC: A bug was found in libmicrohttpd in versions before 0.9.71. The lack of bounds checking in the postprocessurlencoded function causes a buffer overflow, allowing a remote attacker to write arbitrary da...

10CVSS7.4AI score0.08739EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:44 p.m.•17 views

Advisory ROSA-SA-2021-1840

Software: gegl 0.2.0 OS: Cobalt 7.9 CVE-ID: CVE-2018-10111 CVE-Crit: HIGH CVE-DESC: An issue was discovered in GEGL before version 0.3.32. The renderrectangle function in process / gegl-processor.c has unlimited memory allocation, which causes a denial of service application crash if the allocati...

8.8CVSS8.1AI score0.01928EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/06/01 12:39 p.m.•16 views

Advisory ROSA-SA-2026-3313

Component: xz 5.2.9 OS: ROSA-CHROME Unaffected versions: = xz-5.2.9-2 Affected versions: xz-5.2.9-2 CVE-ID: CVE-2026-34743 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: The buffer overflow vulnerability in XZ Utils allows an attacker to cause memory corruption by using the lzmaindexdecoder...

6.3CVSS6AI score0.00351EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/20 7:5 a.m.•16 views

Advisory ROSA-SA-2026-3291

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-4 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
•added 2026/05/19 2:32 p.m.•16 views

Advisory ROSA-SA-2026-3284

Software: tigervnc 1.13.1 OS: ROSA-CHROME unaffected versions = tigervnc-1.13.1-2 affected versions tigervnc-1.13.1-2 CVE-ID: CVE-2026-34352 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An invalid permissions vulnerability in the Image.cxx component of x0vncserver in TigerVNC allows other users to view...

9.8CVSS5.7AI score0.00247EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/06/09 8:53 a.m.•16 views

Advisory ROSA-SA-2025-2876

Software: expat 2.2.5 OS: ROSA Virtualization 2.1 packageevrstring: expat-2.2.5-17.0.1.rv3 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a stack-based buffer overflow. Exploitation of the vulnerability cou...

7.5CVSS8.3AI score0.01569EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/05/26 6:34 a.m.•16 views

Advisory ROSA-SA-2025-2869

Software: libxslt 1.1.28 OS: rosa-server79 packageevrstring: libxslt-1.1.28-6.0.1.1.res7 CVE-ID: CVE-2024-55549 BDU-ID: 2025-03641 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the xsltGetInheritedNsList function of the libxslt library is related to memory usage after it has been freed...

7.8CVSS7.6AI score0.00324EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/05/19 4:10 p.m.•16 views

Advisory ROSA-SA-2025-2861

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 packageevrstring: kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2019-13631 BDU-ID: 2019-03626 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parsehidreportdescriptor function of the Linux operating system kernel is related to writing outside buffer...

10CVSS8.7AI score0.07619EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•16 views

Advisory ROSA-SA-2025-2848

Software: libsndfile 1.0.28 OS: ROSA Virtualization 2.1 packageevrstring: libsndfile-1.0.28-16.rv3 CVE-ID: CVE-2022-33065 BDU-ID: 2025-03968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the aureadheader function of the src/au.c component of the Libsndfile audio file reading and writing library...

7.8CVSS8.2AI score0.00351EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/17 9:44 p.m.•16 views

Advisory ROSA-SA-2025-2781

Software: cairo 1.15.12 OS: ROSA Virtualization 2.1 packageevrstring: cairo-1.15.12-6.rv3 CVE-ID: CVE-2020-35492 BDU-ID: 2021-03445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the image-compositor.c component of the Cairo vector graphics library is related to a data stack buffer overflow...

7.8CVSS7.3AI score0.01112EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/17 9:44 p.m.•16 views

Advisory ROSA-SA-2025-2777

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-c-1.51.0-10.rv3 CVE-ID: CVE-2021-46143 BDU-ID: 2022-01052 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the doProlog function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of t...

9.8CVSS8AI score0.04955EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•16 views

Advisory ROSA-SA-2025-2724

Software: gnutls 3.6.16 OS: ROSA Virtualization 3.0 packageevrstring: gnutls-3.6.16-8.0.1.rv30.1 CVE-ID: CVE-2021-4209 BDU-ID: 2022-01898 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the implementation of the wrapnettlehashfast function of the GnuTLS cryptographic library is related to pointer...

6.5CVSS6.6AI score0.01383EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•16 views

Advisory ROSA-SA-2025-2713

Software: openblas 2000.3.15 OS: ROSA Virtualization 3.0 packageevrstring: openblas-2000.3.15 CVE-ID: CVE-2021-4048 BDU-ID: 2021-05061 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Microsoft Visio vector graphics, diagram and flowchart editor is related to memory usage after memory has be...

9.1CVSS7.3AI score0.0262EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•16 views

Advisory ROSA-SA-2025-2703

Software: jbig2dec 0.16 OS: ROSA Virtualization 3.0 packageevrstring: jbig2dec-0.16 CVE-ID: CVE-2020-12268 BDU-ID: 2022-05687 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the jbig2imagecompose function of the jbig2imagecompose component of the jbig2image.c decoder of the JBIG2 Jbig2dec image...

9.8CVSS7AI score0.02622EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/02/15 10:22 p.m.•16 views

Advisory ROSA-SA-2025-2691

Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation ...

8.3CVSS8AI score0.70754EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:19 p.m.•16 views

Advisory ROSA-SA-2025-2648

software: ghostscript 9.54.0 OS: ROSA-CHROME packageevrstring: ghostscript-9.54.0 CVE-ID: CVE-2023-43115 BDU-ID: 2023-06329 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the gdevijs.c component of the Ghostscript document processing software suite is related to incorrect code generation...

8.8CVSS8.9AI score0.0468EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 6:44 p.m.•16 views

Advisory ROSA-SA-2025-2636

software: audiofile 0.3.6 OS: ROSA-CHROME packageevrstring: audiofile-0.3.6 CVE-ID: CVE-2015-7747 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer overflow vulnerability in audiofile allows an attacker to cause a denial of service or execute arbitrary code through a specially crafted audio file...

8.8CVSS7.2AI score0.08802EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/28 12:43 p.m.•16 views

Advisory ROSA-SA-2025-2616

software: opusfile 0.12 WASP: ROSA-CHROME packageevrstring: opusfile-0.12-3 CVE-ID: CVE-2022-47021 BDU-ID: 2023-00624 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the opgetdata and opopen1 opusfile.c functions in the xiph of the opusfile stream decoder library is related to null pointer...

7.8CVSS6.7AI score0.00395EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/12/26 10:30 a.m.•16 views

Advisory ROSA-SA-2024-2546

software: tinyxml 2.6.2 OS: ROSA-CHROME packageevrstring: tinyxml-2.6.2-8 CVE-ID: CVE-2021-42260 BDU-ID: 2022-06895 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the TiXmlParsingData::Stamp function of the tinyxmlParser.cpp component of the TinyXML XML parser is related to the execution of a loop...

7.5CVSS7.4AI score0.03055EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/12/10 11:51 a.m.•16 views

Advisory ROSA-SA-2024-2541

software: tcl 8.6.13 WASP: ROSA-CHROME packageevrstring: tcl-8.6.13-1 CVE-ID: CVE-2021-35331 BDU-ID: 2022-01774 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the nmakehlp.c component of the Tcl programming language is related to insufficient format string handling. Exploitation of the...

7.8CVSS6.9AI score0.01639EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/12/05 11:11 a.m.•16 views

Advisory ROSA-SA-2024-2538

software: libgsf 1.14.53 WASP: ROSA-CHROME packageevrstring: libgsf-1.14.53-1 CVE-ID: CVE-2024-42415 BDU-ID: 2024-08625 CVE-Crit: HIGH CVE-DESC.: A vulnerability in The GNOME Project's structured file library libgsf involves a dynamic memory-based integer overflow when processing the sector...

8.4CVSS7.6AI score0.00458EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/22 6:25 a.m.•16 views

Advisory ROSA-SA-2023-2275

software: irssi 1.4.2 OS: ROSA-CHROME packageevrstring: irssi-1.4.2-2.src.rpm CVE-ID: CVE-2023-29132 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Irssi 1.3.x and 1.4.x before 1.4.4 has post-release usage due to the use of an obsolete special builder reference. This occurs when printing an unformatted...

5.3CVSS6.9AI score0.00808EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/09/12 12:13 p.m.•16 views

Advisory ROSA-SA-2023-2236

software: nuitka 1.5 WASP: ROSA-CHROME packageevrstring: nuitka-1.5-3.src.rpm CVE-ID: CVE-2022-2054 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Deploy code to the GitHub nuitka/nuitka repository to version 0.9. CVE-STATUS: Fixed CVE-REV: To close, run the command: sudo dnf update nuitka...

8.4CVSS7.3AI score0.00526EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/02/13 5:13 p.m.•16 views

Advisory ROSA-SA-2023-2107

kernel 123 rosa-server79 test00 software: kernel 123xxxxxxxxxzzzzzzzzzzzz CVE-Crit: packageevrstring: test00 CVE-ID: test CVE-Crit: Not Current...

2AI score
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:15 p.m.•16 views

Advisory ROSA-SA-2021-1883

Software: libplist 1.12 OS: Cobalt 7.9 CVE-ID: CVE-2017-6435 CVE-Crit: MEDIUM CVE-DESC: The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a created plist file. CVE-STATUS: default CVE-REV: default CVE-I...

9.1CVSS8.7AI score0.03799EPSS
Exploits6
Rosalinux
Rosalinux
•added 2026/06/01 12:33 p.m.•15 views

Advisory ROSA-SA-2026-3310

CVE-ID: CVE-2021-33454 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: Vulnerability related to the pointer manipulation in yasm version 1.3.0, within the function yasmexprgetintnum in libyasm/expr.c. CVE-STATUS: The vulnerability has been fixed. CVE-REVIEW: To address this vulnerability, execute...

5.5CVSS6AI score0.00324EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/06/01 11:23 a.m.•15 views

Advisory ROSA-SA-2026-3305

CVE-ID: CVE-2016-10506 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: Vulnerabilities involving division by zero in functions opjpinextcprl, opjpinextpcrl, and opjpinextrpcl in the pi.c file of OpenJPEG allow a malicious attacker to cause a service failure abrupt termination of the application...

6.5CVSS5.8AI score0.0347EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/06/01 8:41 a.m.•15 views

Advisory ROSA-SA-2026-3298

Software: wget 1.21.3 Operating System: ROSA-CHROME Unaffected versions: = wget-1.21.3-2 Affected versions: wget-1.21.3-2 CVE-ID: CVE-2024-38428 BDU-ID: 2024-04683 CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability in the userinfo URI of the GNU Wget download manager is related to insecure...

9.1CVSS5.8AI score0.00666EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/26 11:46 a.m.•15 views

Advisory ROSA-SA-2026-3295

Component: kernel-ml 5.15.208 OS: rosa-server79 Unaffected versions: = kernel-ml-5.15.208-1.0.1.res7 Affected versions: kernel-ml-5.15.208-1.0.1.res7 CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of Linux kernels. A...

7.8CVSS6AI score0.03663EPSS
Exploits11
Rosalinux
Rosalinux
•added 2026/05/19 2:22 p.m.•15 views

Advisory ROSA-SA-2026-3282

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-5 affected versions libssh-0.9.8-5 CVE-ID: CVE-2026-0965 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in libssh is related to the ability to open arbitrary files during configuration parsing. A local attacker could...

3.3CVSS6.4AI score0.00158EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/19 2:0 p.m.•15 views

Advisory ROSA-SA-2026-3274

software: vim 9.2.0173 WASP: ROSA-CHROME unaffected versions = vim-9.2.0173-1 affected versions vim-9.2.0173-1 CVE-ID: CVE-2026-28417 BDU-ID: 2026-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the vim text editor is related to failure to take measures to neutralize special elements...

7.8CVSS7.1AI score0.01162EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/19 1:25 p.m.•15 views

Advisory ROSA-SA-2026-3270

software: nginx 1.30.1 OS: ROSA-CHROME unaffected versions = nginx-1.30.1-1 affected versions nginx-1.30.1-1 CVE-ID: CVE-2026-42926 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX Open Source allows an attacker to inject frame headers and data into the upstream when proxying...

9.2CVSS6.6AI score0.61469EPSS
Exploits41
Rosalinux
Rosalinux
•added 2026/05/08 11:3 a.m.•15 views

Advisory ROSA-SA-2026-3264

Software: kernel 4.18.0 OS: ROSA Virtualization 3.1 unaffected versions = kernel-4.18.0-553.123.1.el810 affected versions lock, allowing a local attacker to cause a denial of service or execute arbitrary code when frequently switching a thread simultaneously with opening/closing a related...

9.8CVSS7AI score0.96267EPSS
Exploits231
Rosalinux
Rosalinux
•added 2026/03/22 6:39 p.m.•15 views

Advisory ROSA-SA-2026-3223

software: cups-filters 2.0.1 OS: ROSA-CHROME unaffected versions = cups-filters-2.0.1-1 affected versions cups-filters-2.0.1-1 CVE-ID: CVE-2025-64524 BDU-ID: 2026-03142 CVE-Crit: LOW CVE-DESC.: A vulnerability in the CUPS Filters print package is related to an operation exceeding buffer boundarie...

5.5CVSS5.8AI score0.00185EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•15 views

Advisory ROSA-SA-2026-3201

Software: sysstat 11.7.3 OS: ROSA Virtualization 2.1 unaffected versions = sysstat-11.7.3-13.rv3 affected versions sysstat-11.7.3-13.rv3 CVE-ID: CVE-2023-33204 BDU-ID: 2025-00980 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the common.c component of the sysstat system performance measurement and...

7.8CVSS6.9AI score0.01533EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•15 views

Advisory ROSA-SA-2026-3183

Software: sysstat 11.7.3 OS: ROSA Virtualization 3.0 unaffected versions = sysstat-11.7.3-13.rv30 affected versions sysstat-11.7.3-13.rv30 CVE-ID: CVE-2019-16167 BDU-ID: 2022-06244 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remapstruct function of the sacommon.c component of the Sysstat...

7.8CVSS7.2AI score0.01533EPSS
Exploits2
Total number of security vulnerabilities1374