Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2026/05/19 1:29 p.m.•13 views

Advisory ROSA-SA-2026-3271

Software: open-vm-tools 12.5.2 OS: ROSA-CHROME unaffected versions = open-vm-tools-12.5.2-1 affected versions open-vm-tools-12.5.2-1 CVE-ID: CVE-2025-22247 BDU-ID: 2025-05681 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the VMware Tools suite of utilities is related to incorrectly identifying a...

6.1CVSS6.5AI score0.00255EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/08 12:24 p.m.•13 views

Advisory ROSA-SA-2026-3265

software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-9 affected versions kernel-6.12-6.12.74-9 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the Linux kernel's xfrm subsystem ESP allows data decryption over non-packet skb...

8.8CVSS6AI score0.93235EPSS
Exploits31
Rosalinux
Rosalinux
•added 2026/05/08 10:58 a.m.•13 views

Advisory ROSA-SA-2026-3262

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 unaffected versions = kernel-4.18.0-553.123.1.el810 affected versions lock, allowing a local attacker to cause a denial of service or execute arbitrary code when frequently switching a thread simultaneously with opening/closing a related...

9.8CVSS7AI score0.96267EPSS
Exploits231
Rosalinux
Rosalinux
•added 2026/05/08 10:57 a.m.•13 views

Advisory ROSA-SA-2026-3261

Software: kernel 4.18.0 OS: ROSA Virtualization 2.1 unaffected versions = kernel-4.18.0-553.123.1.el810 affected versions lock, allowing a local attacker to cause a denial of service or execute arbitrary code when frequently switching a thread simultaneously with opening/closing a related subt...

9.8CVSS7AI score0.96267EPSS
Exploits231
Rosalinux
Rosalinux
•added 2026/05/06 9:35 p.m.•13 views

Advisory ROSA-SA-2026-3259

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-2 affected versions kernel-5.10-5.10.244-2 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD...

7.8CVSS6AI score0.96267EPSS
Exploits230
Rosalinux
Rosalinux
•added 2026/03/22 8:49 p.m.•13 views

Advisory ROSA-SA-2026-3231

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-5 affected versions curl-8.7.1-5 CVE-ID: CVE-2025-14524 BDU-ID: 2026-02955 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the cURL server communication software tool is related to URL redirection to an untrusted site...

9.8CVSS6.3AI score0.00611EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/03/22 6:31 p.m.•13 views

Advisory ROSA-SA-2026-3217

software: runc 1.3.4 OS: ROSA-CHROME unaffected versions = runc-1.3.4-1 affected versions runc-1.3.4-1 CVE-ID: CVE-2024-45310 BDU-ID: 2024-06891 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Runc isolated container tool is associated with a race condition that allows link tracking. Exploitation...

8.4CVSS6.8AI score0.0067EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/03/22 6:27 p.m.•13 views

Advisory ROSA-SA-2026-3216

software: libpng 1.6.53 WASP: ROSA-CHROME unaffected versions = libpng-1.6.53-1 affected versions libpng-1.6.53-1 CVE-ID: CVE-2025-64505 BDU-ID: 2026-02923 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the pngdoquantize function of the pngrtran.c component of the PNG Libpng bitmap graphics libra...

7.1CVSS7AI score0.0036EPSS
Exploits6
Rosalinux
Rosalinux
•added 2026/03/22 6:23 p.m.•13 views

Advisory ROSA-SA-2026-3214

software: nginx 1.26.3 WASP: ROSA-CHROME unaffected versions = nginx-1.26.3-1 affected versions nginx-1.26.3-1 CVE-ID: CVE-2025-23419 BDU-ID: 2025-03281 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TLS 1.3 protocol implementation of the NGINX Plus and NGINX Open Source web servers is relate...

5.3CVSS6.5AI score0.02646EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•13 views

Advisory ROSA-SA-2026-3203

Software: unbound 1.16.2 OS: ROSA Virtualization 2.1 unaffected versions = unbound-1.16.2-5.9.rv3 affected versions unbound-1.16.2-5.9.rv3 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliable...

8.7CVSS6.5AI score0.00188EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•13 views

Advisory ROSA-SA-2026-3187

Software: jackson-databind 2.10.0 OS: ROSA Virtualization 2.1 unaffected versions = jackson-databind-2.10.0-1.0.2.rv3 affected versions jackson-databind-2.10.0-1.0.2.rv3 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...

7.5CVSS6.5AI score0.17611EPSS
Exploits5
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•13 views

Advisory ROSA-SA-2026-3177

Software: nghttp2 1.57.0 OS: ROSA Virtualization 3.0 unaffected versions = nghttp2-1.57.0-2.0.2.rv30 affected versions nghttp2-1.57.0-2.0.2.rv30 CVE-ID: CVE-2024-28182 BDU-ID: 2024-02691 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the nghttp2 library as part of the HTTP/2 protocol...

5.3CVSS6.6AI score0.8496EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/11/10 6:15 a.m.•13 views

Advisory ROSA-SA-2025-3058

Software: libxslt 1.1.32 OS: ROSA Virtualization 3.1 unaffected versions = libxslt-1.1.32-6.3.rv31 affected versions libxslt-1.1.32-6.3.rv31 CVE-ID: CVE-2023-40403 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libxslt library of the iPadOS, tvOS, iOS, watchOS, macOS operating system is...

6.5CVSS7AI score0.01092EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/11/09 1:37 p.m.•13 views

Advisory ROSA-SA-2025-3044

Software: dhcp 4.4.2 OS: ROSA Virtualization 3.1 unaffected versions = dhcp-4.4.2-19.b1.rv31 affected versions dhcp-4.4.2-19.b1.rv31 CVE-ID: CVE-2021-25217 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A software vulnerability providing the DHCP Dynamic Host Configuration Protocol service to the network is...

7.4CVSS9.2AI score0.06118EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/09 10:17 a.m.•13 views

Advisory ROSA-SA-2025-2970

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-8 affected versions tomcat-9.0.37-8 CVE-ID: CVE-2025-31651 BDU-ID: 2025-05707 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the Apache Tomcat application server is related to a flaw in the output encoding or escaping...

9.8CVSS7.8AI score0.0418EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/06/23 8:16 a.m.•13 views

Advisory ROSA-SA-2025-2903

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-9.rv3 CVE-ID: CVE-2009-1387 BDU-ID: 2015-09404 CVE-Crit: MEDIUM CVE-DESC.: Multiple vulnerabilities in the openssl package up to version 0.9.8l-r2 of the Gentoo Linux operating system, the exploitation of whic...

9.8CVSS9.4AI score0.87816EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•13 views

Advisory ROSA-SA-2025-2807

Software: less 530 OS: ROSA Virtualization 3.0 packageevrstring: less-530-3.rv30 CVE-ID: CVE-2022-48624 BDU-ID: 2024-04438 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the closealtfile filename.c function for UNIX-like Less text terminals is related to the skipping of Shellquote calls for...

7.8CVSS8.9AI score0.01059EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•13 views

Advisory ROSA-SA-2025-2802

Software: grub2 2.02 OS: ROSA Virtualization 3.0 packageevrstring: grub2-2.02-156.0.3.rv30 CVE-ID: CVE-2023-4692 BDU-ID: 2023-06822 CVE-Crit: LOW CVE-DESC.: A vulnerability in the fs/ntfs.c component of the Grub2 operating systems boot loader is related to a buffer overflow in dynamic memory...

7.8CVSS10AI score0.00536EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•13 views

Advisory ROSA-SA-2025-2806

Software: krb5 1.18.2 OS: ROSA Virtualization 3.0 packageevrstring: krb5-1.18.2-31.0.1.rv30 CVE-ID: CVE-2024-37370 BDU-ID: 2024-07016 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the Kerberos network authentication protocol is associated with a change to the public Extra Cou...

9.1CVSS7.8AI score0.14859EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/08 9:19 p.m.•13 views

Advisory ROSA-SA-2025-2763

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: rsync-3.1.3-20.rv3 CVE-ID: CVE-2022-37434 BDU-ID: 2022-05325 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory...

9.8CVSS9.4AI score0.16004EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/03/08 9:17 p.m.•13 views

Advisory ROSA-SA-2025-2762

Software: python-jinja2 2.7.2 OS: rosa-server79 packageevrstring: python-jinja2-2.7.2-4.0.1.res7 CVE-ID: CVE-2024-56326 BDU-ID: 2025-00113 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the str.format method of the jinja html templating tool is related to the failure to neutralize special element...

7.8CVSS8.1AI score0.0051EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•13 views

Advisory ROSA-SA-2025-2711

Software: libxslt 1.1.32 OS: ROSA Virtualization 3.0 packageevrstring: libxslt-1.1.32 CVE-ID: CVE-2019-11068 BDU-ID: 2019-04263 CVE-Crit: CRITICAL. CVE-DESC.: An XSLT C vulnerability in the libxslt library is related to access control flaws. Exploitation of the vulnerability could allow an attack...

9.8CVSS7AI score0.05089EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:49 p.m.•13 views

Advisory ROSA-SA-2025-2670

software: runc 1.1.7 OS: ROSA-CHROME packageevrstring: runc-1.1.7 CVE-ID: CVE-2024-21626 BDU-ID: 2024-00973 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Runc isolated container launch tool is related to a flaw in the controlled area delimitations of the system. Exploitation of the vulnerabili...

8.6CVSS8.9AI score0.18087EPSS
Exploits18
Rosalinux
Rosalinux
•added 2025/01/28 7:23 p.m.•13 views

Advisory ROSA-SA-2025-2651

software: libde265 1.0.14 OS: ROSA-CHROME packageevrstring: libde265-1.0.14 CVE-ID: CVE-2023-4965 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in phpipam allows a remote attacker to perform an open redirect via the Header Handler component. CVE-STATUS: The vulnerability has been resolved...

8.8CVSS7.3AI score0.00874EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/01/28 11:14 a.m.•13 views

Advisory ROSA-SA-2025-2608

software: pam 1.5.1 OS: ROSA-CHROME packageevrstring: pam-1.5.1-5 CVE-ID: CVE-2024-22365 BDU-ID: 2024-00829 CVE-Crit: LOW CVE-DESC.: A vulnerability in the protectdir pamnamespace.so function of the Linux-PAM authentication module is related to incorrect resource sweep or release. Exploitation of...

5.5CVSS7.1AI score0.00459EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 12:36 p.m.•13 views

Advisory ROSA-SA-2025-2595

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-5 CVE-ID: CVE-2024-23638 BDU-ID: 2024-00895 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker...

8.6CVSS8.4AI score0.6005EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/13 9:39 a.m.•13 views

Advisory ROSA-SA-2025-2553

Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.1.res7 CVE-ID: CVE-2017-16548 BDU-ID: 2021-01395 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the receivexattr function in xattrs.c of the Rsync file transfer and synchronization utility is related to the lack of a check f...

9.8CVSS7.5AI score0.06337EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 9:8 a.m.•13 views

Advisory ROSA-SA-2024-2527

Software: clamav 0.103.11 OS: rosa-server79 packageevrstring: clamav-0.103.11-1.res7 CVE-ID: CVE-2023-20197 BDU-ID: 2023-04766 CVE-Crit: HIGH CVE-DESC.: A vulnerability in ClamAV's file system image parser for Hierarchical File System Plus HFS+ is related to incorrect resource scrubbing or freein...

7.5CVSS6.8AI score0.00883EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 8:44 p.m.•13 views

Advisory ROSA-SA-2024-2483

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0-33.res7 CVE-ID: CVE-2024-31080 BDU-ID: 2024-03132 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the ProcXIGetSelectedEvents function of the X Window System Xorg-server is related to an operation exceeding buffer boundaries...

7.8CVSS7.9AI score0.01843EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:13 p.m.•13 views

Advisory ROSA-SA-2021-1868

Software: libesmtp 1.0.6 OS: Cobalt 7.9 CVE-ID: CVE-2019-19977 CVE-Crit: CRITICAL CVE-DESC: libESMTP before 1.0.6 incorrectly handles domain copying to a fixed-size buffer in ntlmbuildtype2 in ntlm / ntlmstruct.c, as demonstrated by a stack-based buffer overflow. CVE-STATUS: default CVE-REV: defa...

9.8CVSS7AI score0.03056EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 12:37 p.m.•12 views

Advisory ROSA-SA-2026-3312

Software: ffmpeg 4.4.6 OS: ROSA-CHROME Unaffected versions: = ffmpeg-4.4.6-4 Affected versions: ffmpeg-4.4.6-4 CVE-ID: CVE-2026-40962 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...

9.8CVSS6AI score0.00337EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 12:30 p.m.•12 views

Advisory ROSA-SA-2026-3309

CVE-ID: CVE-2014-9636 BDU-ID: None CVE-Crit: MEDIAN CVE-DESC.: The vulnerability in unzip 6.0 allows a remote attacker to cause a service failure reading or writing beyond the buffer and crashing the process through a specially created ZIP archive with an incorrect Extra-field size. CVE-STATUS: T...

6.8CVSS6.2AI score0.11779EPSS
Exploits3
Rosalinux
Rosalinux
•added 2026/06/01 11:12 a.m.•12 views

Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

7.5CVSS5.8AI score0.00477EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/20 7:5 a.m.•12 views

Advisory ROSA-SA-2026-3287

software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-13 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption a...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
•added 2026/05/10 10:56 p.m.•12 views

Advisory ROSA-SA-2026-3268

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-3 affected versions kernel-5.10-5.10.244-3 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Linux kernel xfrm subsystem ESP allows data decryption over non-packet skb...

8.8CVSS6AI score0.93235EPSS
Exploits31
Rosalinux
Rosalinux
•added 2026/03/22 9:33 p.m.•12 views

Advisory ROSA-SA-2026-3251

software: glibc 2.33 AXIS: ROSA-CHROME unaffected versions = glibc-2.33-11.git5f08d1.5 affected versions glibc-2.33-11.git5f08d1.5 CVE-ID: CVE-2026-0915 BDU-ID: 2026-02104 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getnetbyaddr and getnetbyaddrr functions of the GNU C Library system library...

8.4CVSS5.9AI score0.00564EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 9:30 p.m.•12 views

Advisory ROSA-SA-2026-3249

software: vim 9.1.2148 WASP: ROSA-CHROME unaffected versions = vim-9.1.2148-1 affected versions vim-9.1.2148-1 CVE-ID: CVE-2026-25749 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Heap overflow in Vim before version 9.1.2132 when processing the 'helpfile' option. In gettagfname src/tag.c, the value of...

6.6CVSS6AI score0.00213EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 6:39 p.m.•12 views

Advisory ROSA-SA-2026-3224

software: tpm2-tools 5.5.1 OS: ROSA-CHROME unaffected versions = tpm2-tools-5.5.1-1 affected versions tpm2-tools-5.5.1-1 CVE-ID: CVE-2024-29039 BDU-ID: 2025-16174 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the tpm2 checkquote component of the Trusted Platform Module tpm2-tools repository fo...

9CVSS6.4AI score0.00984EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•12 views

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02805EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•12 views

Advisory ROSA-SA-2026-3195

Software: lz4 1.8.3 OS: ROSA Virtualization 2.1 unaffected versions = lz4-1.8.3-5.rv3 affected versions lz4-1.8.3-5.rv3 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer boundaries...

9.8CVSS7.3AI score0.09116EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3186

Software: vim 8.0.1763 OS: ROSA Virtualization 3.0 unaffected versions = vim-8.0.1763-21.0.1.1.rv30 affected versions vim-8.0.1763-21.0.0.1.rv30 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of t...

4.1CVSS6.3AI score0.00731EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3184

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 unaffected versions = tcpdump-4.9.3-5.rv30 affected versions tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2020-8037 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PPP decoder in tcpdump allows an attacker to cause a large memory allocation...

7.5CVSS7.1AI score0.03071EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3172

Software: libssh 0.9.6 OS: ROSA Virtualization 3.0 unaffected versions = libssh-0.9.6-16.rv30 affected versions libssh-0.9.6-16.rv30 CVE-ID: CVE-2025-5372 BDU-ID: 2025-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libssh library's sshkdf function is related to incorrect code generation...

8.8CVSS6.7AI score0.00407EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3168

Software: libpng 1.6.34 OS: ROSA Virtualization 3.0 unaffected versions = libpng-1.6.34-9.0.1.1.rv30 affected versions libpng-1.6.34-9.0.1.rv30 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

7.1CVSS7.9AI score0.09393EPSS
Exploits7
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•12 views

Advisory ROSA-SA-2026-3157

Software: nghttp2 1.57.0 OS: ROSA Virtualization 3.1 unaffected versions = nghttp2-1.57.0-2.0.2.rv31 affected versions nghttp2-1.57.0-2.0.2.rv31 CVE-ID: CVE-2024-28182 BDU-ID: 2024-02691 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the nghttp2 library as part of the HTTP/2 protocol implementati...

5.3CVSS6.9AI score0.8496EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•12 views

Advisory ROSA-SA-2026-3164

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.1 unaffected versions = tcpdump-4.9.3-5.rv31 affected versions tcpdump-4.9.3-5.rv31 CVE-ID: CVE-2020-8037 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PPP decoder in tcpdump allows an attacker to cause a large memory allocation...

7.5CVSS7AI score0.03071EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/01/26 8:27 a.m.•12 views

Advisory ROSA-SA-2026-3113

software: squid 5.9 WASP: ROSA-CHROME unaffected versions = squid-5.9-3 affected versions squid-5.9-3 CVE-ID: CVE-2023-49285 BDU-ID: 2023-08581 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

8.6CVSS6AI score0.88818EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•12 views

Advisory ROSA-SA-2025-3098

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 packageevrstring: opensc-0.20.0-8.rv3 CVE-ID: CVE-2023-2977 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in OpenSC causes a buffer overflow in the pkcs15 cardoshaveverifyrcpackage function, allowing an attacker to cause a processing...

7.1CVSS7.8AI score0.01174EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/11/10 6:21 a.m.•12 views

Advisory ROSA-SA-2025-3071

Software: libarchive 3.3.3 OS: ROSA Virtualization 3.0 unaffected versions = libarchive-3.3.3.3-6.0.1.rv30 affected versions libarchive-3.3.3.3-6.0.1.rv30 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

7.8CVSS7.2AI score0.04056EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/11/10 6:14 a.m.•12 views

Advisory ROSA-SA-2025-3053

Software: libarchive 3.3.3 OS: ROSA Virtualization 3.1 unaffected versions = libarchive-3.3.3.3-6.0.1.rv31 affected versions libarchive-3.3.3.3-6.0.1.rv31 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

7.8CVSS7.2AI score0.04056EPSS
Exploits2
Total number of security vulnerabilities1374