Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2026/05/08 10:57 a.m.•13 views

Advisory ROSA-SA-2026-3261

Software: kernel 4.18.0 OS: ROSA Virtualization 2.1 unaffected versions = kernel-4.18.0-553.123.1.el810 affected versions lock, allowing a local attacker to cause a denial of service or execute arbitrary code when frequently switching a thread simultaneously with opening/closing a related subt...

9.8CVSS7AI score0.96267EPSS
Exploits231
Rosalinux
Rosalinux
•added 2026/05/06 9:35 p.m.•13 views

Advisory ROSA-SA-2026-3259

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-2 affected versions kernel-5.10-5.10.244-2 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD...

7.8CVSS6AI score0.96267EPSS
Exploits230
Rosalinux
Rosalinux
•added 2026/03/22 8:49 p.m.•13 views

Advisory ROSA-SA-2026-3231

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-5 affected versions curl-8.7.1-5 CVE-ID: CVE-2025-14524 BDU-ID: 2026-02955 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the cURL server communication software tool is related to URL redirection to an untrusted site...

9.8CVSS6.3AI score0.00611EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/03/22 6:31 p.m.•13 views

Advisory ROSA-SA-2026-3217

software: runc 1.3.4 OS: ROSA-CHROME unaffected versions = runc-1.3.4-1 affected versions runc-1.3.4-1 CVE-ID: CVE-2024-45310 BDU-ID: 2024-06891 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Runc isolated container tool is associated with a race condition that allows link tracking. Exploitation...

8.4CVSS6.8AI score0.0067EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/03/22 6:27 p.m.•13 views

Advisory ROSA-SA-2026-3216

software: libpng 1.6.53 WASP: ROSA-CHROME unaffected versions = libpng-1.6.53-1 affected versions libpng-1.6.53-1 CVE-ID: CVE-2025-64505 BDU-ID: 2026-02923 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the pngdoquantize function of the pngrtran.c component of the PNG Libpng bitmap graphics libra...

7.1CVSS7AI score0.0036EPSS
Exploits6
Rosalinux
Rosalinux
•added 2026/03/22 6:23 p.m.•13 views

Advisory ROSA-SA-2026-3214

software: nginx 1.26.3 WASP: ROSA-CHROME unaffected versions = nginx-1.26.3-1 affected versions nginx-1.26.3-1 CVE-ID: CVE-2025-23419 BDU-ID: 2025-03281 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TLS 1.3 protocol implementation of the NGINX Plus and NGINX Open Source web servers is relate...

5.3CVSS6.5AI score0.02646EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•13 views

Advisory ROSA-SA-2026-3187

Software: jackson-databind 2.10.0 OS: ROSA Virtualization 2.1 unaffected versions = jackson-databind-2.10.0-1.0.2.rv3 affected versions jackson-databind-2.10.0-1.0.2.rv3 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...

7.5CVSS6.5AI score0.17611EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•13 views

Advisory ROSA-SA-2025-3102

Software: unbound 1.16.2 OS: ROSA Virtualization 2.1 packageevrstring: unbound-1.16.2-5.8.rv3 CVE-ID: CVE-2022-3204 BDU-ID: 2023-03846 CVE-Crit: HIGH CVE-DESC.: Unbound's DNS server vulnerability involves uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acti...

8CVSS8.5AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/11/09 1:37 p.m.•13 views

Advisory ROSA-SA-2025-3044

Software: dhcp 4.4.2 OS: ROSA Virtualization 3.1 unaffected versions = dhcp-4.4.2-19.b1.rv31 affected versions dhcp-4.4.2-19.b1.rv31 CVE-ID: CVE-2021-25217 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A software vulnerability providing the DHCP Dynamic Host Configuration Protocol service to the network is...

7.4CVSS9.2AI score0.06118EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/09 10:17 a.m.•13 views

Advisory ROSA-SA-2025-2970

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-8 affected versions tomcat-9.0.37-8 CVE-ID: CVE-2025-31651 BDU-ID: 2025-05707 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the Apache Tomcat application server is related to a flaw in the output encoding or escaping...

9.8CVSS7.8AI score0.0418EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/06/23 8:16 a.m.•13 views

Advisory ROSA-SA-2025-2903

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-9.rv3 CVE-ID: CVE-2009-1387 BDU-ID: 2015-09404 CVE-Crit: MEDIUM CVE-DESC.: Multiple vulnerabilities in the openssl package up to version 0.9.8l-r2 of the Gentoo Linux operating system, the exploitation of whic...

9.8CVSS9.4AI score0.87816EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•13 views

Advisory ROSA-SA-2025-2844

Software: gtk3 3.22.30 OS: ROSA Virtualization 2.1 packageevrstring: gtk3-3.22.30-12.rv3 CVE-ID: CVE-2024-6655 BDU-ID: 2024-06447 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GTK graphical user interface creation library GIMP Toolkit is related to mismanagement of code generation...

7CVSS7AI score0.00464EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•13 views

Advisory ROSA-SA-2025-2807

Software: less 530 OS: ROSA Virtualization 3.0 packageevrstring: less-530-3.rv30 CVE-ID: CVE-2022-48624 BDU-ID: 2024-04438 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the closealtfile filename.c function for UNIX-like Less text terminals is related to the skipping of Shellquote calls for...

7.8CVSS8.9AI score0.01059EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•13 views

Advisory ROSA-SA-2025-2802

Software: grub2 2.02 OS: ROSA Virtualization 3.0 packageevrstring: grub2-2.02-156.0.3.rv30 CVE-ID: CVE-2023-4692 BDU-ID: 2023-06822 CVE-Crit: LOW CVE-DESC.: A vulnerability in the fs/ntfs.c component of the Grub2 operating systems boot loader is related to a buffer overflow in dynamic memory...

7.8CVSS10AI score0.00536EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•13 views

Advisory ROSA-SA-2025-2806

Software: krb5 1.18.2 OS: ROSA Virtualization 3.0 packageevrstring: krb5-1.18.2-31.0.1.rv30 CVE-ID: CVE-2024-37370 BDU-ID: 2024-07016 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the Kerberos network authentication protocol is associated with a change to the public Extra Cou...

9.1CVSS7.8AI score0.14859EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/08 9:19 p.m.•13 views

Advisory ROSA-SA-2025-2763

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: rsync-3.1.3-20.rv3 CVE-ID: CVE-2022-37434 BDU-ID: 2022-05325 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory...

9.8CVSS9.4AI score0.16004EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/03/08 9:17 p.m.•13 views

Advisory ROSA-SA-2025-2762

Software: python-jinja2 2.7.2 OS: rosa-server79 packageevrstring: python-jinja2-2.7.2-4.0.1.res7 CVE-ID: CVE-2024-56326 BDU-ID: 2025-00113 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the str.format method of the jinja html templating tool is related to the failure to neutralize special element...

7.8CVSS8.1AI score0.005EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•13 views

Advisory ROSA-SA-2025-2711

Software: libxslt 1.1.32 OS: ROSA Virtualization 3.0 packageevrstring: libxslt-1.1.32 CVE-ID: CVE-2019-11068 BDU-ID: 2019-04263 CVE-Crit: CRITICAL. CVE-DESC.: An XSLT C vulnerability in the libxslt library is related to access control flaws. Exploitation of the vulnerability could allow an attack...

9.8CVSS7AI score0.05089EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:49 p.m.•13 views

Advisory ROSA-SA-2025-2670

software: runc 1.1.7 OS: ROSA-CHROME packageevrstring: runc-1.1.7 CVE-ID: CVE-2024-21626 BDU-ID: 2024-00973 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Runc isolated container launch tool is related to a flaw in the controlled area delimitations of the system. Exploitation of the vulnerabili...

8.6CVSS8.9AI score0.18087EPSS
Exploits18
Rosalinux
Rosalinux
•added 2025/01/28 7:23 p.m.•13 views

Advisory ROSA-SA-2025-2651

software: libde265 1.0.14 OS: ROSA-CHROME packageevrstring: libde265-1.0.14 CVE-ID: CVE-2023-4965 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in phpipam allows a remote attacker to perform an open redirect via the Header Handler component. CVE-STATUS: The vulnerability has been resolved...

8.8CVSS7.3AI score0.00874EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/01/28 11:14 a.m.•13 views

Advisory ROSA-SA-2025-2608

software: pam 1.5.1 OS: ROSA-CHROME packageevrstring: pam-1.5.1-5 CVE-ID: CVE-2024-22365 BDU-ID: 2024-00829 CVE-Crit: LOW CVE-DESC.: A vulnerability in the protectdir pamnamespace.so function of the Linux-PAM authentication module is related to incorrect resource sweep or release. Exploitation of...

5.5CVSS7.1AI score0.00459EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 12:36 p.m.•13 views

Advisory ROSA-SA-2025-2595

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-5 CVE-ID: CVE-2024-23638 BDU-ID: 2024-00895 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker...

8.6CVSS8.4AI score0.6005EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/13 9:39 a.m.•13 views

Advisory ROSA-SA-2025-2553

Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.1.res7 CVE-ID: CVE-2017-16548 BDU-ID: 2021-01395 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the receivexattr function in xattrs.c of the Rsync file transfer and synchronization utility is related to the lack of a check f...

9.8CVSS7.5AI score0.06337EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 8:44 p.m.•13 views

Advisory ROSA-SA-2024-2483

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0-33.res7 CVE-ID: CVE-2024-31080 BDU-ID: 2024-03132 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the ProcXIGetSelectedEvents function of the X Window System Xorg-server is related to an operation exceeding buffer boundaries...

7.8CVSS7.9AI score0.01843EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:13 p.m.•13 views

Advisory ROSA-SA-2021-1868

Software: libesmtp 1.0.6 OS: Cobalt 7.9 CVE-ID: CVE-2019-19977 CVE-Crit: CRITICAL CVE-DESC: libESMTP before 1.0.6 incorrectly handles domain copying to a fixed-size buffer in ntlmbuildtype2 in ntlm / ntlmstruct.c, as demonstrated by a stack-based buffer overflow. CVE-STATUS: default CVE-REV: defa...

9.8CVSS7AI score0.03056EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 12:37 p.m.•12 views

Advisory ROSA-SA-2026-3312

Software: ffmpeg 4.4.6 OS: ROSA-CHROME Unaffected versions: = ffmpeg-4.4.6-4 Affected versions: ffmpeg-4.4.6-4 CVE-ID: CVE-2026-40962 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...

9.8CVSS6AI score0.00337EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/06/01 12:30 p.m.•12 views

Advisory ROSA-SA-2026-3309

CVE-ID: CVE-2014-9636 BDU-ID: None CVE-Crit: MEDIAN CVE-DESC.: The vulnerability in unzip 6.0 allows a remote attacker to cause a service failure reading or writing beyond the buffer and crashing the process through a specially created ZIP archive with an incorrect Extra-field size. CVE-STATUS: T...

6.8CVSS6.2AI score0.11562EPSS
Exploits3
Rosalinux
Rosalinux
•added 2026/06/01 11:12 a.m.•12 views

Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

7.5CVSS5.8AI score0.00477EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/20 7:5 a.m.•12 views

Advisory ROSA-SA-2026-3287

software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-13 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption a...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
•added 2026/05/10 10:56 p.m.•12 views

Advisory ROSA-SA-2026-3268

software: kernel-5.10 5.10.244 WASP: ROSA-CHROME unaffected versions = kernel-5.10-5.10.244-3 affected versions kernel-5.10-5.10.244-3 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Linux kernel xfrm subsystem ESP allows data decryption over non-packet skb...

8.8CVSS6AI score0.93235EPSS
Exploits31
Rosalinux
Rosalinux
•added 2026/03/22 9:30 p.m.•12 views

Advisory ROSA-SA-2026-3249

software: vim 9.1.2148 WASP: ROSA-CHROME unaffected versions = vim-9.1.2148-1 affected versions vim-9.1.2148-1 CVE-ID: CVE-2026-25749 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Heap overflow in Vim before version 9.1.2132 when processing the 'helpfile' option. In gettagfname src/tag.c, the value of...

6.6CVSS6AI score0.00213EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•12 views

Advisory ROSA-SA-2026-3203

Software: unbound 1.16.2 OS: ROSA Virtualization 2.1 unaffected versions = unbound-1.16.2-5.9.rv3 affected versions unbound-1.16.2-5.9.rv3 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliable...

8.7CVSS6.5AI score0.00188EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•12 views

Advisory ROSA-SA-2026-3195

Software: lz4 1.8.3 OS: ROSA Virtualization 2.1 unaffected versions = lz4-1.8.3-5.rv3 affected versions lz4-1.8.3-5.rv3 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer boundaries...

9.8CVSS7.3AI score0.09116EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3186

Software: vim 8.0.1763 OS: ROSA Virtualization 3.0 unaffected versions = vim-8.0.1763-21.0.1.1.rv30 affected versions vim-8.0.1763-21.0.0.1.rv30 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of t...

4.1CVSS6.3AI score0.00731EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3184

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 unaffected versions = tcpdump-4.9.3-5.rv30 affected versions tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2020-8037 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PPP decoder in tcpdump allows an attacker to cause a large memory allocation...

7.5CVSS7.1AI score0.03071EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3172

Software: libssh 0.9.6 OS: ROSA Virtualization 3.0 unaffected versions = libssh-0.9.6-16.rv30 affected versions libssh-0.9.6-16.rv30 CVE-ID: CVE-2025-5372 BDU-ID: 2025-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libssh library's sshkdf function is related to incorrect code generation...

8.8CVSS6.7AI score0.00407EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3177

Software: nghttp2 1.57.0 OS: ROSA Virtualization 3.0 unaffected versions = nghttp2-1.57.0-2.0.2.rv30 affected versions nghttp2-1.57.0-2.0.2.rv30 CVE-ID: CVE-2024-28182 BDU-ID: 2024-02691 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the nghttp2 library as part of the HTTP/2 protocol...

5.3CVSS6.6AI score0.8496EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•12 views

Advisory ROSA-SA-2026-3168

Software: libpng 1.6.34 OS: ROSA Virtualization 3.0 unaffected versions = libpng-1.6.34-9.0.1.1.rv30 affected versions libpng-1.6.34-9.0.1.rv30 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

7.1CVSS7.9AI score0.09393EPSS
Exploits7
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•12 views

Advisory ROSA-SA-2026-3164

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.1 unaffected versions = tcpdump-4.9.3-5.rv31 affected versions tcpdump-4.9.3-5.rv31 CVE-ID: CVE-2020-8037 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PPP decoder in tcpdump allows an attacker to cause a large memory allocation...

7.5CVSS7AI score0.03071EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•12 views

Advisory ROSA-SA-2026-3157

Software: nghttp2 1.57.0 OS: ROSA Virtualization 3.1 unaffected versions = nghttp2-1.57.0-2.0.2.rv31 affected versions nghttp2-1.57.0-2.0.2.rv31 CVE-ID: CVE-2024-28182 BDU-ID: 2024-02691 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the nghttp2 library as part of the HTTP/2 protocol implementati...

5.3CVSS6.9AI score0.8496EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•12 views

Advisory ROSA-SA-2025-3098

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 packageevrstring: opensc-0.20.0-8.rv3 CVE-ID: CVE-2023-2977 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in OpenSC causes a buffer overflow in the pkcs15 cardoshaveverifyrcpackage function, allowing an attacker to cause a processing...

7.1CVSS7.8AI score0.01174EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/11/10 6:15 a.m.•12 views

Advisory ROSA-SA-2025-3058

Software: libxslt 1.1.32 OS: ROSA Virtualization 3.1 unaffected versions = libxslt-1.1.32-6.3.rv31 affected versions libxslt-1.1.32-6.3.rv31 CVE-ID: CVE-2023-40403 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libxslt library of the iPadOS, tvOS, iOS, watchOS, macOS operating system is...

6.5CVSS7AI score0.01092EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 10:17 a.m.•12 views

Advisory ROSA-SA-2025-3000

software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-24 affected versions grub2-2.06-24 CVE-ID: CVE-2024-45779 BDU-ID: 2025-03832 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the BFS file system of the Grub2 operating system boot loader is related to reads outside the allowed...

8.8CVSS7.4AI score0.00721EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/02 8:13 a.m.•12 views

Advisory ROSA-SA-2025-2955

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 unaffected versions = kernel-4.18.0-553.40.1.el810 affected versions kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2022-0847 BDU-ID: 2022-01166 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the copypagetoiterpipe and pushpipe functions of the Linux...

7.8CVSS6.8AI score0.89063EPSS
Exploits100
Rosalinux
Rosalinux
•added 2025/09/02 8:13 a.m.•12 views

Advisory ROSA-SA-2025-2954

Software: kernel 4.18.0 OS: ROSA Virtualization 2.1 unaffected versions = kernel-4.18.0-553.40.1.el810 affected versions kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2022-0847 BDU-ID: 2022-01166 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the copypagetoiterpipe and pushpipe functions of the Linux...

7.8CVSS6.8AI score0.89063EPSS
Exploits100
Rosalinux
Rosalinux
•added 2025/08/03 9:31 p.m.•12 views

Advisory ROSA-SA-2025-2920

software: freerdp 2.11.7 OS: ROSA-CHROME unaffected versions = freerdp-2.11.7-7 affected versions freerdp-2.11.7-7 CVE-ID: CVE-2024-32661 BDU-ID: 2024-03394 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FreeRDP RDP client is related to null pointer dereferencing. Exploitation of the...

7.5CVSS6.6AI score0.01224EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/05/26 6:34 a.m.•12 views

Advisory ROSA-SA-2025-2867

Software: freetype 2.8 OS: rosa-server79 packageevrstring: freetype-2.8-14.0.1.res7.1 CVE-ID: CVE-2025-27363 BDU-ID: 2025-02719 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FreeType font rasterization library is related to reading beyond buffer boundaries in memory. Exploitation of the...

8.1CVSS8.5AI score0.26049EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/05/26 6:22 a.m.•12 views

Advisory ROSA-SA-2025-2864

software: freetype 2.10.4 OS: ROSA-CHROME packageevrstring: freetype-2.10.4-7 CVE-ID: CVE-2025-27363 BDU-ID: 2025-02719 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FreeType font rasterization library involves reading outside buffer boundaries in memory. Exploitation of the vulnerability coul...

8.1CVSS8.5AI score0.26049EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•12 views

Advisory ROSA-SA-2025-2826

Software: python-requests 2.25.8 OS: ROSA Virtualization 3.0 packageevrstring: python-requests-2.25.8-1.rv30 CVE-ID: CVE-2023-32681 BDU-ID: 2023-03874 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient...

6.1CVSS7.2AI score0.02974EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•12 views

Advisory ROSA-SA-2025-2820

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 packageevrstring: tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2021-41043 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The Use after free vulnerability in tcpslice causes AddressSanitizer, with no other confirmed impact. CVE-STATUS: The vulnerability has been...

5.5CVSS7.3AI score0.0087EPSS
Exploits1
Total number of security vulnerabilities1374