Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2026/02/16 7:7 a.m.•15 views

Advisory ROSA-SA-2026-3134

Software: flac 1.3.2 OS: ROSA Virtualization 2.1 unaffected versions = flac-1.3.2-9.rv3.1 affected versions flac-1.3.2-9.rv3.1 CVE-ID: CVE-2020-22219 BDU-ID: 2023-06152 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the bitwritergrow in function of the FLAC audio codec is related to an operation...

7.8CVSS6.2AI score0.00742EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/12/02 1:21 p.m.•15 views

Advisory ROSA-SA-2025-3108

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-c-1.51.0-10.rv3 CVE-ID: CVE-2021-46143 BDU-ID: 2022-01052 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the doProlog function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of t...

9.8CVSS8.5AI score0.04955EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•15 views

Advisory ROSA-SA-2025-3103

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: rsync-3.1.3-20.rv3 CVE-ID: CVE-2022-37434 BDU-ID: 2022-05325 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory...

9.8CVSS7.9AI score0.16004EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/11/09 1:37 p.m.•15 views

Advisory ROSA-SA-2025-3047

Software: libwebp 1.0.0 OS: ROSA Virtualization 3.1 unaffected versions = libwebp-1.0.0.0-10.0.1.rv31 affected versions libwebp-1.0.0.0-10.0.1.rv31 CVE-ID: CVE-2018-25009 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is related to...

9.8CVSS9.1AI score0.99735EPSS
Exploits9
Rosalinux
Rosalinux
•added 2025/10/27 6:19 a.m.•15 views

Advisory ROSA-SA-2025-3036

Software: postgresql13 13.21 OS: rosa-server79 unaffected versions = postgresql13-13.21-1PGDG.res7 affected versions postgresql13-13.21-1PGDG.res7 CVE-ID: CVE-2023-5869 BDU-ID: 2023-07840 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the arrayappend, arrayprepend, arraysubscripthandler functions o...

8.8CVSS8.9AI score0.89914EPSS
Exploits11
Rosalinux
Rosalinux
•added 2025/05/26 6:33 a.m.•15 views

Advisory ROSA-SA-2025-2866

Software: bind 9.11.4 OS: rosa-server79 packageevrstring: bind-9.11.4-26.0.2.P2.res7.16 CVE-ID: CVE-2024-11187 BDU-ID: 2025-01459 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNS BIND server is related to asymmetric resource consumption. Exploitation of the vulnerability allows an attacker...

7.5CVSS6.9AI score0.15465EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•15 views

Advisory ROSA-SA-2025-2837

Software: bubblewrap 0.4.0 OS: ROSA Virtualization 2.1 packageevrstring: bubblewrap-0.4.0-2.rv3 CVE-ID: CVE-2024-42472 BDU-ID: 2024-06671 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output...

10CVSS9.5AI score0.01283EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•15 views

Advisory ROSA-SA-2025-2818

Software: rsync 3.1.3 OS: ROSA Virtualization 3.0 packageevrstring: rsync-3.1.3-21.rv30 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync file transfer and synchronization utilit...

7.5CVSS7.5AI score0.04653EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•15 views

Advisory ROSA-SA-2025-2796

Software: emacs 26.1 OS: ROSA Virtualization 3.0 packageevrstring: emacs-26.1-13.rv30 CVE-ID: CVE-2024-30203 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In Emacs, a vulnerability in Gnus allows embedded MIME content to be treated as trusted. CVE-STATUS: The vulnerability has been resolved CVE-REV: T...

9.8CVSS9.8AI score0.0256EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:37 p.m.•15 views

Advisory ROSA-SA-2025-2663

Software: sysstat 12.7.2 OS: ROSA-CHROME packageevrstring: sysstat-12.7.2 CVE-ID: CVE-2023-33204 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in sysstat allows an attacker to perform multiplication with integer overflow due to an incomplete fix for vulnerability CVE-2022-39377...

7.8CVSS8.3AI score0.01096EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:38 p.m.•15 views

Advisory ROSA-SA-2025-2634

Software: OpenImageIO 2.2.20.0 OS: ROSA-CHROME packageevrstring: OpenImageIO-2.2.20.0-6 CVE-ID: CVE-2023-36183 BDU-ID: 2023-07656 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the readimg function of the OpenImageIO image processing library involves buffer copying without input validation...

7.8CVSS7.2AI score0.00425EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 10:13 a.m.•15 views

Advisory ROSA-SA-2025-2575

software: x11-server 1.20.14 OS: ROSA-CHROME packageevrstring: x11-server-1.20.14-11 CVE-ID: CVE-2024-9632 BDU-ID: 2024-09084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic...

9.8CVSS9.3AI score0.02106EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•15 views

Advisory ROSA-SA-2025-2564

Software: thunderbird 115.9.0 OS: rosa-server79 packageevrstring: thunderbird-115.9.0-1.0.1.res7 CVE-ID: CVE-2023-44488 BDU-ID: 2023-06350 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libvpx multimedia library is related to incorrect handling of exceptional states when processing certain...

7.5CVSS9AI score0.01936EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/11/26 9:16 a.m.•15 views

Advisory ROSA-SA-2024-2528

Software: libspf2 1.2.11 OS: rosa-server79 packageevrstring: libspf2-1.2.11-11.20210922git4915c308.res7 CVE-ID: CVE-2021-20314 BDU-ID: 2021-04420 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SPF protocol library libspf2 is related to an operation exceeding buffer boundaries in memory...

9.8CVSS8.5AI score0.51474EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 4:35 p.m.•15 views

Advisory ROSA-SA-2021-1815

Software: cryptsetup 2.0.3 OS: Cobalt 7.9 CVE-ID: CVE-2016-4484 CVE-Crit: MEDIUM CVE-DESC: Debian initrd script for cryptsetup package 2: 1.7.3-2 and earlier allows physically nearby attackers to gain access to the shell through multiple login attempts with an incorrect password. CVE-STATUS:...

7.2CVSS7.4AI score0.00709EPSS
Exploits5
Rosalinux
Rosalinux
•added 2026/06/01 12:35 p.m.•14 views

Advisory ROSA-SA-2026-3311

Component: avahi 0.8 OS: ROSA-CHROME Unaffected versions: = avahi-0.8-12.git35bb1b.11 Affected versions: avahi-0.8-12.git35bb1b.11 CVE-ID: CVE-2026-34933 BDU-ID: None CVE-Crit: Medium CVE-DESC.: The vulnerability in Avahi allows an unprivileged local user to cause an emergency termination of...

5.5CVSS5.8AI score0.00203EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 11:10 a.m.•14 views

Advisory ROSA-SA-2026-3303

Component: libpano13 2.9.20 OS: ROSA-CHROME Unaffected versions: = libpano13-2.9.20-4 Affected versions: libpano13-2.9.20-4 CVE-ID: CVE-2021-33293 BDU-ID: None CVE-Crit: CRITICAL CVE-DESCRIPTION: A vulnerability exists in Panorama Tools libpano13 v2.9.20, specifically in the panoParserFindOLine...

9.1CVSS5.8AI score0.02067EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 11:7 a.m.•14 views

Advisory ROSA-SA-2026-3301

Component: libconfuse 3.3 Operating System: ROSA-CHROME Unaffected versions: = libconfuse-3.3-3 Affected versions: libconfuse-3.3-3 CVE-ID: CVE-2022-40320 BDU-ID: 2022-05795 CVE-Crit: LOW CVE-DESC.: The vulnerability in the cfgtildeexpand function of the configuration file parser library libConfu...

8.8CVSS5.9AI score0.0112EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/19 2:32 p.m.•14 views

Advisory ROSA-SA-2026-3284

Software: tigervnc 1.13.1 OS: ROSA-CHROME unaffected versions = tigervnc-1.13.1-2 affected versions tigervnc-1.13.1-2 CVE-ID: CVE-2026-34352 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An invalid permissions vulnerability in the Image.cxx component of x0vncserver in TigerVNC allows other users to view...

9.8CVSS5.7AI score0.00247EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/19 2:27 p.m.•14 views

Advisory ROSA-SA-2026-3283

Software: libvncserver 0.9.13 OS: ROSA-CHROME unaffected versions = libvncserver-0.9.13-3 affected versions libvncserver-0.9.13-3 CVE-ID: CVE-2026-32853 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A read outside the heap buffer vulnerability in the UltraZip encoding handler in LibVNCServer allows a...

8.1CVSS5.7AI score0.00437EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/19 2:14 p.m.•14 views

Advisory ROSA-SA-2026-3278

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-7 affected versions curl-8.7.1-7 CVE-ID: CVE-2026-3784 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in curl involves incorrectly reusing an existing HTTP proxy connection CONNECT when making requests with different...

6.5CVSS7AI score0.00333EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/05/19 1:40 p.m.•14 views

Advisory ROSA-SA-2026-3273

software: libtiff 4.1.0 OS: ROSA-CHROME unaffected versions = libtiff-4.1.0-10 affected versions libtiff-4.1.0-10 CVE-ID: CVE-2025-61143 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing vulnerability in libtiff before version 4.7.1 via the tifopen.c component allows to cause ...

9.8CVSS5.8AI score0.00253EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•14 views

Advisory ROSA-SA-2026-3199

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 unaffected versions = rsync-3.1.3-23.rv3 affected versions rsync-3.1.3-23.rv3 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync...

9.8CVSS6.5AI score0.04653EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•14 views

Advisory ROSA-SA-2026-3202

Software: tcpdump 4.9.3 OS: ROSA Virtualization 2.1 unaffected versions = tcpdump-4.9.3-5.rv3 affected versions tcpdump-4.9.3-5.rv3 CVE-ID: CVE-2021-41043 BDU-ID: 2025-16161 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the extractslice function of the network traffic analysis software tcpdump i...

5.5CVSS7.1AI score0.0087EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:7 a.m.•14 views

Advisory ROSA-SA-2026-3135

Software: git 2.43.5 OS: ROSA Virtualization 2.1 unaffected versions = git-2.43.5-3.rv3 affected versions git-2.43.5-3.rv3 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path na...

9CVSS7.5AI score0.51883EPSS
Exploits37
Rosalinux
Rosalinux
•added 2025/06/23 8:0 a.m.•14 views

Advisory ROSA-SA-2025-2902

Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-62.rv30 CVE-ID: CVE-2024-38472 BDU-ID: 2024-05354 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache HTTP Server web server is related to insufficient validation of incoming requests. Exploitation of the...

9.1CVSS7.6AI score0.6795EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/06/09 8:53 a.m.•14 views

Advisory ROSA-SA-2025-2882

Software: libtasn1 4.13 OS: ROSA Virtualization 2.1 packageevrstring: libtasn1-4.13-5.rv3 CVE-ID: CVE-2024-12133 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in libtasn1 causes the system to slow down or crash due to inefficient processing of certain certificate data. As a result, an...

5.3CVSS6AI score0.0107EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/05/26 6:35 a.m.•14 views

Advisory ROSA-SA-2025-2874

Software: java-1.8.0-openjdk 1.8.0.442.b06 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.442.b06-1.0.3.res7 CVE-ID: CVE-2025-21587 BDU-ID: 2025-05070 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and...

7.4CVSS5.5AI score0.00784EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/05/26 6:35 a.m.•14 views

Advisory ROSA-SA-2025-2870

Software: xorg-x11-server 1.20.4 OS: rosa-server79 packageevrstring: xorg-x11-server-1.20.4-29.0.1.res7 CVE-ID: CVE-2025-26594 BDU-ID: 2025-04129 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Wayland protocol implementation for X.Org XWayland, an implementation of the X Window System X.Org...

7.8CVSS8.4AI score0.00485EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•14 views

Advisory ROSA-SA-2025-2844

Software: gtk3 3.22.30 OS: ROSA Virtualization 2.1 packageevrstring: gtk3-3.22.30-12.rv3 CVE-ID: CVE-2024-6655 BDU-ID: 2024-06447 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GTK graphical user interface creation library GIMP Toolkit is related to mismanagement of code generation...

7CVSS7AI score0.00464EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•14 views

Advisory ROSA-SA-2025-2833

Software: binutils 2.30 OS: ROSA Virtualization 2.1 packageevrstring: binutils-2.30-125.0.1.rv3 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.5AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•14 views

Advisory ROSA-SA-2025-2821

Software: perl-HTTP-Tiny 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-HTTP-Tiny-0.074-3.rv30 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authenticati...

8.1CVSS8.5AI score0.01742EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•14 views

Advisory ROSA-SA-2025-2715

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1.1k-12.0.1 CVE-ID: CVE-2022-1292 BDU-ID: 2022-03181 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSSL library's crehash script implementation is related to failure to take measures to neutralize shell...

10CVSS8.1AI score0.96275EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•14 views

Advisory ROSA-SA-2025-2712

Software: lz4 1.8.3 OS: ROSA Virtualization 3.0 packageevrstring: lz4-1.8.3-3.0.1 CVE-ID: CVE-2021-3520 BDU-ID: 2021-05259 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the memmove function of the LZ4 lossless data compression algorithm is related to an operation exceeding the allowable data buffe...

9.8CVSS7.3AI score0.0319EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/15 10:9 p.m.•14 views

Advisory ROSA-SA-2025-2689

Software: scipy 1.0.0 OS: ROSA Virtualization 3.0 packageevrstring: scipy-1.0.0-21.0.2 CVE-ID: CVE-2023-29824 BDU-ID: 2024-07432 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PyFindObjects function of the PyFindObjects library for the open source Python programming language scipy is relat...

9.8CVSS9.5AI score0.01334EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 7:43 p.m.•14 views

Advisory ROSA-SA-2025-2666

software: postgresql 15.4 WASP: ROSA-CHROME packageevrstring: postgresql-15.4 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...

8.8CVSS6.8AI score0.04322EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•14 views

Advisory ROSA-SA-2025-2561

Software: tuned 2.11.0 OS: rosa-server79 packageevrstring: tuned-2.11.0-12.0.1.res7 CVE-ID: CVE-2024-52337 BDU-ID: 2024-10906 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the instancecreate method of the tuned system device monitoring and adaptive tuning program is related to insufficient input...

5.5CVSS6.7AI score0.00298EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•14 views

Advisory ROSA-SA-2025-2559

Software: krb5 1.15.1 OS: rosa-server79 packageevrstring: krb5-1.15.1-55.0.7.res7 CVE-ID: CVE-2024-3596 BDU-ID: 2024-05180 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RADIUS authentication protocol implementation is related to bypassing the authentication procedure through capture-replay o...

9CVSS7.8AI score0.14859EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/11/26 11:45 a.m.•14 views

Advisory ROSA-SA-2024-2535

software: cacti 1.2.25 AXIS: ROSA-CHROME packageevrstring: cacti-1.2.25-2 CVE-ID: CVE-2023-46490 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A SQL injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in managers.php. CVE-STATU...

6.5CVSS7.5AI score0.01412EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/29 8:33 a.m.•14 views

Advisory ROSA-SA-2024-2512

Software: python3-setuptools 39.2.0 OS: rosa-server79 packageevrstring: python3-setuptools-39.2.0-10.0.3.res7 CVE-ID: CVE-2024-37891 BDU-ID: 2023-02445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python Packaging Authority package installation tools is related to insufficient input...

6.5CVSS9.3AI score0.01141EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/10/03 9:18 p.m.•14 views

Advisory ROSA-SA-2024-2493

Software: libndp 1.2 OS: rosa-server79 packageevrstring: libndp-1.2-10.res7 CVE-ID: CVE-2024-5564 BDU-ID: 2024-04337 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a...

8.1CVSS8.2AI score0.01165EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:21 p.m.•14 views

Advisory ROSA-SA-2021-2004

Software: zlib 1.2.7 OS: Cobalt 7.9 CVE-ID: CVE-2013-0296 CVE-Crit: HIGH CVE-DESC: race condition in pigz before 2.2.5 uses permissions derived from umask when compressing a file before setting that file's permissions to match those of the source file, which may allow local users to bypass implie...

4.4CVSS6.2AI score0.00343EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:14 p.m.•14 views

Advisory ROSA-SA-2021-1871

Software: libgsf 1.14.26 OS: Cobalt 7.9 CVE-ID: CVE-2016-9888 CVE-Crit: MEDIUM CVE-DESC: A bug in the tardirectoryforfile function gsf-infile-tar.c in the GNOME structured file library before 1.14.41 can be used to trigger null pointer dereferencing and then crash through a created TAR file...

5.5CVSS6.9AI score0.0133EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:38 p.m.•14 views

Advisory ROSA-SA-2021-1825

Software: dracut 033 OS: Cobalt 7.9 CVE-ID: CVE-2016-8637 CVE-Crit: HIGH CVE-DESC: A local information disclosure issue was discovered in dracut before 045 when generating initramfs images with read-only permissions for everyone when using 'Early cpio', such as when enabling microcode updates. A...

7.8CVSS6.3AI score0.00309EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 8:46 a.m.•13 views

Advisory ROSA-SA-2026-3299

Package: iputils 20221126 OS: ROSA-CHROME Unaffected versions: = iputils-20221126-2 Affected versions: iputils-20221126-2 CVE-ID: CVE-2025-47268 BDU-ID: 2025-11086 CVE-Crit: Medium CVE-DESC.: The vulnerability in the ICMP Echo Reply ping utility tool is related to a numerical overflow. Exploiting...

6.5CVSS5.9AI score0.01455EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 7:53 a.m.•13 views

Advisory ROSA-SA-2026-3296

CVE-ID: CVE-2020-10809 BDU-ID: 2024-07119 CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in the Decompress function in the decompress.c file. This vulnerability is related to writing beyond the memory bounds. Exploitation of this vulnerability could allow an attacker to cause a service failure...

9.8CVSS6.5AI score0.0151EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/05/19 2:34 p.m.•13 views

Advisory ROSA-SA-2026-3285

software: vim 9.2.0321 WASP: ROSA-CHROME unaffected versions = vim-9.2.0321-1 affected versions vim-9.2.0321-1 CVE-ID: CVE-2026-33412 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A command injection vulnerability in the Vim text editor allows an attacker to execute arbitrary shell commands via a...

7.3CVSS6AI score0.00834EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/19 1:32 p.m.•13 views

Advisory ROSA-SA-2026-3272

software: harfbuzz 7.0.1 OS: ROSA-CHROME unaffected versions = harfbuzz-7.0.1-3 affected versions harfbuzz-7.0.1-3 CVE-ID: CVE-2026-22693 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing vulnerability in HarfBuzz is related to a lack of validation of the hbmalloc return value...

5.3CVSS5.7AI score0.00377EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/19 1:29 p.m.•13 views

Advisory ROSA-SA-2026-3271

Software: open-vm-tools 12.5.2 OS: ROSA-CHROME unaffected versions = open-vm-tools-12.5.2-1 affected versions open-vm-tools-12.5.2-1 CVE-ID: CVE-2025-22247 BDU-ID: 2025-05681 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the VMware Tools suite of utilities is related to incorrectly identifying a...

6.1CVSS6.5AI score0.00255EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/08 12:24 p.m.•13 views

Advisory ROSA-SA-2026-3265

software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-9 affected versions kernel-6.12-6.12.74-9 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the Linux kernel's xfrm subsystem ESP allows data decryption over non-packet skb...

8.8CVSS6AI score0.93235EPSS
Exploits31
Total number of security vulnerabilities1374