Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2024/02/20 9:18 a.m.•63 views

Advisory ROSA-SA-2024-2349

Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87.res7.11 CVE-ID: CVE-2022-28734 BDU-ID: 2024-01201 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Grub loader is related to out-of-bounds writes when processing delimited HTTP headers. Exploitation of the vulnerability...

8.1CVSS6.7AI score0.01131EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/02/20 8:52 a.m.•63 views

Advisory ROSA-SA-2024-2348

Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87.0.1.res7.11 CVE-ID: CVE-2022-2601 BDU-ID: 2022-06819 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the grubfontconstructglyph function of the Grub2 operating systems boot loader is related to an operation exceeding buffer...

8.6CVSS7.7AI score0.00872EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/06/27 10:45 a.m.•62 views

Advisory ROSA-SA-2024-2436

software: cfengine 3.21.3 OS: ROSA-CHROME packageevrstring: cfengine-3.21.3-1 CVE-ID: CVE-2021-36756 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is no SSL certificate validation in CFEngine Enterprise. CVE-STATUS: Fixed CVE-REV: To close, execute command: sudo dnf update cfengine CVE-ID:...

6.5CVSS6.4AI score0.00546EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/02/06 8:15 a.m.•62 views

Advisory ROSA-SA-2024-2338

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-28.rv3.src.rpm CVE-ID: CVE-2022-0561 BDU-ID: 2022-05790 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TIFFFetchStripThing function of the tifdirread.c component of the LibTIFF library is related to pointer...

8.8CVSS8AI score0.01542EPSS
Exploits5
Rosalinux
Rosalinux
•added 2023/10/24 1:59 p.m.•62 views

Advisory ROSA-SA-2023-2279

Software: bind 9.11.4 OS: rosa-server79 packageevrstring: bind-9.11.4-26.P2.res7.15.x8664.rpm CVE-ID: CVE-2023-2828 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Each named instance configured to act as a recursive resolver maintains a cache database containing responses to queries it has recently sent ...

7.5CVSS7.7AI score0.03776EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:9 p.m.•62 views

Advisory ROSA-SA-2021-1975

Software: sqlite 3.7.17 OS: Cobalt 7.9 CVE-ID: CVE-2015-3717 CVE-Crit: HIGH CVE-DESC: Multiple buffer overflows in SQLite's printf function, used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service application crash via...

9.8CVSS9.3AI score0.45426EPSS
Exploits6
Rosalinux
Rosalinux
•added 2023/10/22 6:16 a.m.•61 views

Advisory ROSA-SA-2023-2272

software: quartz 2.2.1 OS: ROSA-CHROME packageevrstring: quartz-2.2.1-11.src.rpm CVE-ID: CVE-2019-13990 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler before version 2.3.0 allows XXE attacks via job description...

9.8CVSS6.8AI score0.162EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/09/05 12:16 p.m.•61 views

Advisory ROSA-SA-2023-2230

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: rsync-3.1.3.src.rpm CVE-ID: CVE-2018-25032 BDU-ID: 2022-01641 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could...

7.5CVSS7.1AI score0.51733EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/09/05 9:40 a.m.•61 views

Advisory ROSA-SA-2023-2229

Software: openssh 7.4p1 OS: rosa-server79 packageevrstring: openssh-7.4p1-23.res7 CVE-ID: CVE-2023-38408 BDU-ID: 2023-03950 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PKCS11 function of the PKCS11 component of the ssh-agent component of the OpenSSH cryptographic security tool is related to...

9.8CVSS7.5AI score0.76768EPSS
Exploits10
Rosalinux
Rosalinux
•added 2022/01/27 1:18 p.m.•61 views

Advisory ROSA-SA-2022-2012

Software: polkit 0.112 OS: rosa-server79 packageevrstring: polkit-0.112-26 CVE-ID: CVE-2021-4034 BDU-ID: 2022-00488 CVE-Crit: HIGH CVE-DESC: There is an issue in pkexec that causes it to not check the number of arguments, assuming that it will always be at least 1 and that the second value is equ...

7.8CVSS8.2AI score0.94921EPSS
Exploits152
Rosalinux
Rosalinux
•added 2021/07/02 5:59 p.m.•61 views

Advisory ROSA-SA-2021-1955

Software: postgresql 9.2.24 OS: Cobalt 7.9 CVE-ID: CVE-2016-7048 CVE-Crit: HIGH CVE-DESC: The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 may allow remote attackers to execute arbitrary code using HTTP to download software. CVE-STATUS: Default...

9.3CVSS7.9AI score0.4644EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/30 8:49 a.m.•60 views

Advisory ROSA-SA-2025-2859

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-65.0.1.rv3.3 CVE-ID: CVE-2016-0736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Apache HTTP Server due to insufficient data encryption in modsessioncrypto, making the server susceptible to padding oracl...

9.8CVSS10AI score0.94999EPSS
Exploits20
Rosalinux
Rosalinux
•added 2024/07/01 2:4 p.m.•60 views

Advisory ROSA-SA-2024-2439

Software: openldap 2.4.46 OS: ROSA Virtualization 2.1 packageevrstring: openldap-2.4.46 CVE-ID: CVE-2020-25709 BDU-ID: 2022-00231 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the slapd server implementation of the OpenLDAP LDAP protocol is related to a flaw in the use of the assert function...

9.8CVSS7.5AI score0.69899EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/12/19 8:46 a.m.•60 views

Advisory ROSA-SA-2023-2310

software: hivex 1.3.23 OS: ROSA-CHROME packageevrstring: hivex-1.3.23-4.src.rpm CVE-ID: CVE-2021-3622 BDU-ID: 2021-04419 CVE-Crit: LOW CVE-DESC.: A vulnerability in the getchildren function of the getchildren library for retrieving the contents of Windows hivex registry branches is related to the...

4.3CVSS6.8AI score0.04794EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/11/21 12:45 p.m.•60 views

Advisory ROSA-SA-2023-2296

software: redis 7.0.12 OS: ROSA-CHROME packageevrstring: redis-7.0.12-1.src.rpm CVE-ID: CVE-2022-24834 BDU-ID: 2023-07213 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cjson and cmsgpack libraries of the Redis database management system DBMS is related to a buffer overflow in dynamic memory...

9.8CVSS8.5AI score0.80919EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•59 views

Advisory ROSA-SA-2025-2804

Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-65.rv30.3 CVE-ID: CVE-2023-31122 BDU-ID: 2023-07124 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modmacro module of the Apache HTTP Server web server involves reading beyond memory boundaries. Exploitation of th...

9.8CVSS8.2AI score0.99957EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/06/20 10:39 a.m.•59 views

Advisory ROSA-SA-2023-2171

Software: sqlite 3.26.0 OS: ROSA Virtualization 2.1 packageevrstring: sqlite-3.26.0-17.rv3 CVE-ID: CVE-2020-35525 BDU-ID: None CVE-Crit: HIGH CVE-DESC: In SQlite 3.31.1, a potential null pointer dereference was detected while processing an INTERSEC request. CVE-STATUS: Fixed CVE-REV: Execute the...

9.8CVSS7.2AI score0.17981EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/04/18 12:13 p.m.•59 views

Advisory ROSA-SA-2023-2156

Software: zlib 1.2.11 OS: ROSA Virtualization 2.1 packageevrstring: 1.2.11 CVE-ID: CVE-2018-25032 BDU-ID: 2022-01641 CVE-Crit: HIGH CVE-DESC: A vulnerability in the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an...

9.8CVSS9AI score0.51733EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/03/05 8:27 a.m.•58 views

Advisory ROSA-SA-2024-2364

Software: ncurses 6.1 OS: ROSA Virtualization 2.1 packageevrstring: ncurses-6.1-9.20180224.rv3 CVE-ID: CVE-2019-17594 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is a heap-based buffer enumeration in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses. CVE-STATUS:...

5.8CVSS7AI score0.02034EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/02/06 8:17 a.m.•58 views

Advisory ROSA-SA-2024-2339

Software: libtirpc 1.1.4 OS: ROSA Virtualization 2.1 packageevrstring: libtirpc-1.1.4-8.rv3.src.rpm CVE-ID: CVE-2021-46828 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: In libtirpc, remote attackers could exhaust the file descriptors of a process using libtirpc because idle TCP connections are not handl...

7.5CVSS7.5AI score0.02088EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/01/30 8:6 a.m.•58 views

Advisory ROSA-SA-2024-2331

Software: glibc 2.17 OS: rosa-server79 packageevrstring: glibc-2.17-326.res7.7 CVE-ID: CVE-2023-4911 BDU-ID: 2023-06269 CVE-Crit: N/A CVE-DESC.: A vulnerability in the dynamic loader ld.so of the glibc library is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability...

7.8CVSS8.2AI score0.81422EPSS
Exploits27
Rosalinux
Rosalinux
•added 2021/07/02 4:56 p.m.•58 views

Advisory ROSA-SA-2021-1844

Software: glibc 2.17 OS: Cobalt 7.9 CVE-ID: CVE-2014-4043 CVE-Crit: MEDIUM CVE-DESC: The posixspawnfileactionsaddopen function in glibc before 2.20 does not copy its path argument according to the POSIX specification, allowing context-dependent attackers to launch exploitation vulnerabilities aft...

9.8CVSS10AI score0.05966EPSS
Exploits8
Rosalinux
Rosalinux
•added 2025/04/30 8:52 a.m.•57 views

Advisory ROSA-SA-2025-2860

Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-65.rv30.3 CVE-ID: CVE-2016-0736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Apache HTTP Server due to insufficient data encryption in modsessioncrypto, making the server susceptible to padding oracle...

9.8CVSS10AI score0.94999EPSS
Exploits20
Rosalinux
Rosalinux
•added 2023/03/21 12:31 p.m.•57 views

Advisory ROSA-SA-2023-2133

Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.18.0.10-1 CVE-ID: CVE-2021-2161 BDU-ID: 2021-02490 CVE-Crit: MEDIUM CVE-DESC: A vulnerability in the Libraries component of the Java SE, Java SE Embedded, and Oracle GraalVM Enterprise Edition softwa...

7.5CVSS6.9AI score0.04238EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 4:34 p.m.•57 views

Advisory ROSA-SA-2021-1811

Software: c-ares 1.10.0 OS: Cobalt 7.9 CVE-ID: CVE-2016-5180 CVE-Crit: CRITICAL CVE-DESC: Heap-based buffer overflow in the arescreatequery function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service out-of-range entry or possibly execute arbitrary code via a hostnam...

9.8CVSS8.8AI score0.54164EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/01/09 9:43 a.m.•56 views

Advisory ROSA-SA-2024-2320

software: cups 2.3.3op2 OS: ROSA-CHROME packageevrstring: cups-2.3.3.3op2-6.src.rpm CVE-ID: CVE-2023-4504 BDU-ID: 2023-06408 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the scanps function of the CUPS print server libppd library is related to an operation exceeding buffer boundaries in memory wh...

7CVSS8.1AI score0.00663EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/11/14 1:25 p.m.•56 views

Advisory ROSA-SA-2023-2292

Software: git 2.39.3 OS: ROSA Virtualization 2.1 packageevrstring: git-2.39.3-1.rv3 CVE-ID: CVE-2022-39253 BDU-ID: 2023-06647 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Git for Windows distributed version control system is related to a lack of service data protection. Exploitation of the...

8.8CVSS8.6AI score0.52164EPSS
Exploits6
Rosalinux
Rosalinux
•added 2023/10/21 3:6 p.m.•56 views

Advisory ROSA-SA-2023-2252

software: mariadb 10.5.20 OS: ROSA-CHROME packageevrstring: mariadb-10.5.20-1.src.rpm CVE-ID: CVE-2018-3284 BDU-ID: 2019-00759 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to resource release errors. Exploitation of...

9CVSS7.3AI score0.70561EPSS
Exploits23
Rosalinux
Rosalinux
•added 2023/08/01 1:20 p.m.•56 views

Advisory ROSA-SA-2023-2207

software: kernel-5.10 5.10.184 WASP: ROSA-CHROME packageevrstring: kernel-5.10-generic-5.10.184-1.src.rpm CVE-ID: CVE-2023-34255 BDU-ID: 2023-02994 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xfsbtreelookupgetblock function of the Linux operating systems kernel is related to memory usage aft...

7.8CVSS6.7AI score0.00491EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/06/27 7:49 a.m.•56 views

Advisory ROSA-SA-2023-2174

software: redis 7.0.11 OS: ROSA-CHROME packageevrstring: redis-7.0.11-1.src.rpm CVE-ID: CVE-2022-35977 BDU-ID: 2023-00695 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Redis database management system DBMS is related to integer overflow during object processing. Exploitation of the...

6.5CVSS7.3AI score0.69355EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:38 p.m.•56 views

Advisory ROSA-SA-2021-1939

Software: openssl 1.0.2k OS: Cobalt 7.9 CVE-ID: CVE-2011-4108 CVE-Crit: CRITICAL CVE-DESC: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs MAC checks only if a certain fill-in is allowed, making it easy for remote attackers to recover plaintext using a fill-in orac...

9.8CVSS7.4AI score0.16645EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:39 p.m.•56 views

Advisory ROSA-SA-2021-1832

Software: exempi 2.2.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-18235 CVE-Crit: MEDIUM CVE-DESC: An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles / source / FormatSupport / WEBPSupport.cpp does not guarantee non-zero width and height values, allowing remote attackers to cause...

5.5CVSS7.5AI score0.01367EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/06/23 7:13 a.m.•55 views

Advisory ROSA-SA-2025-2895

Software: nginx 1.20.1 OS: rosa-server79 packageevrstring: nginx-1.20.1-22.res7.2 CVE-ID: CVE-2021-3618 BDU-ID: 2022-00351 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the vsftpd FTP server is related to a lack of protection for transmitted data. Exploitation of the vulnerability could allow an...

7.8CVSS7.9AI score0.99999EPSS
Exploits19
Rosalinux
Rosalinux
•added 2025/04/30 7:45 a.m.•55 views

Advisory ROSA-SA-2025-2852

Software: modhttp2 1.15.7 OS: ROSA Virtualization 2.1 packageevrstring: modhttp2-1.15.7-10.rv3.3 CVE-ID: CVE-2023-25690 BDU-ID: 2023-01738 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the modproxy module of the Apache HTTP Server web server is related to flaws in the handling of the...

9.8CVSS8.5AI score0.99999EPSS
Exploits27
Rosalinux
Rosalinux
•added 2024/07/01 2:8 p.m.•55 views

Advisory ROSA-SA-2024-2440

Software: openssh 8.0p1 OS: ROSA Virtualization 2.1 packageevrstring: openssh-8.0p1 CVE-ID: CVE-2019-16905 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: OpenSSH, when compiled with an experimental key type, has an integer overflow before authentication if the client or server is configured to use a...

7.8CVSS7.6AI score0.0217EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/05/02 9:4 a.m.•55 views

Advisory ROSA-SA-2024-2411

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-22.rv3.src.rpm CVE-ID: CVE-2021-22897 BDU-ID: 2022-00375 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Transport Layer Security TLS protocol implementation of the libcurl library is due to security flaws in the...

9.8CVSS7.6AI score0.0982EPSS
Exploits6
Rosalinux
Rosalinux
•added 2022/01/31 2:3 p.m.•55 views

Advisory ROSA-SA-2022-2013

Software: polkit 0.112 OS: rosa-server79 packageevrstring: polkit-0.112-26 CVE-ID: CVE-2021-4034 BDU-ID: 2022-00488 CVE-Crit: HIGH CVE-DESC: There is an issue in pkexec that causes it to not check the number of arguments, assuming that it will always be at least 1 and that the second value is equ...

7.8CVSS8.5AI score0.94921EPSS
Exploits152
Rosalinux
Rosalinux
•added 2021/07/02 6:7 p.m.•55 views

Advisory ROSA-SA-2021-1968

Software: screen 4.1.0 OS: Cobalt 7.9 CVE-ID: CVE-2017-5618 CVE-Crit: HIGH CVE-DESC: GNU screen before 4.5.1 allows local users to modify arbitrary files and therefore gain superuser privileges by improperly checking log file permissions. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2020-9366...

9.8CVSS9.3AI score0.09147EPSS
Exploits7
Rosalinux
Rosalinux
•added 2024/01/23 12:20 p.m.•54 views

Advisory ROSA-SA-2024-2326

Software: httpd 2.4.6 OS: rosa-server79 packageevrstring: httpd-2.4.6-98.0.1.res7.7 CVE-ID: CVE-2023-31122 BDU-ID: 2023-07124 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modmacro module of the Apache HTTP Server web server involves reading beyond memory boundaries. Exploitation of the...

7.5CVSS6.7AI score0.02978EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/07/25 10:17 a.m.•54 views

Advisory ROSA-SA-2023-2198

Software: sysstat 12.7.2 OS: ROSA-CHROME packageevrstring: sysstat-12.7.2-1.src.rpm CVE-ID: CVE-2022-39377 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: On 32-bit systems in versions 9.1.16 and newer but before 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures...

7.8CVSS8.2AI score0.01096EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:28 p.m.•54 views

Advisory ROSA-SA-2021-1917

Software: memcached 1.4.15 OS: Cobalt 7.9 CVE-ID: CVE-2017-9951 CVE-Crit: HIGH CVE-DESC: The tryreadcommand function in memcached.c in memcached prior to version 1.4.39 allows remote attackers to cause a denial of service segmentation error with an add / set key request, which allows to compare...

7.5CVSS7.8AI score0.04166EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 4:30 p.m.•54 views

Advisory ROSA-SA-2021-1802

Software: bash 4.2.46 OS: Cobalt 7.9 CVE-ID: CVE-2012-6711 CVE-Crit: HIGH CVE-DESC: A heap-based buffer overflow exists in GNU Bash before 4.3, when broad characters not supported by the current language standard set in the LCCTYPE environment variable are printed using the built-in echo function...

7.8CVSS7.5AI score0.02608EPSS
Exploits5
Rosalinux
Rosalinux
•added 2024/05/14 8:49 a.m.•53 views

Advisory ROSA-SA-2024-2418

software: tomcat 9.0.37 WASP: ROSA-CHROME packageevrstring: tomcat-9.0.37-4 CVE-ID: CVE-2023-28709 BDU-ID: 2023-05380 CVE-Crit: HIGH CVE-DESC.: An Apache Tomcat application server vulnerability is associated with a single offset error. Exploitation of the vulnerability could allow an attacker...

7.5CVSS7.3AI score0.99999EPSS
Exploits22
Rosalinux
Rosalinux
•added 2023/12/26 11:56 a.m.•53 views

Advisory ROSA-SA-2023-2317

Software: libinput 1.16.3 OS: ROSA Virtualization 2.1 packageevrstring: libinput-1.16.3-3.rv3.src.rpm CVE-ID: CVE-2022-1215 BDU-ID: 2022-02695 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the evdevlogmsg function of the libinput library's libinput implementation of the X.Org and Wayland display...

7.8CVSS7.7AI score0.00364EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 10:25 p.m.•52 views

Advisory ROSA-SA-2024-2501

Software: postgresql 12.20 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.20-1.rv3 CVE-ID: CVE-2021-32027 BDU-ID: 2021-02776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to an operation exceeding buffer boundaries during array...

8.8CVSS8.4AI score0.12403EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/04/17 1:41 p.m.•52 views

Advisory ROSA-SA-2024-2402

Software: sysstat 11.7.3 OS: ROSA Virtualization 2.1 packageevrstring: sysstat-11.7.3-9.rv3 CVE-ID: CVE-2022-39377 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: sysstat is a set of system performance enhancement tools for the Linux operating system. On 32-bit systems, allocatestructures contains a sizet...

7.8CVSS8.7AI score0.01096EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/03/19 12:44 p.m.•52 views

Advisory ROSA-SA-2024-2377

software: cups 2.3.3op2 OS: ROSA-CHROME packageevrstring: cups-2.3.3.3op2-7.src.rpm CVE-ID: CVE-2022-26691 BDU-ID: 2022-04718 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server is related to flaws in the authorization procedure. Exploitation of the vulnerability could allow an...

7.2CVSS7.2AI score0.01395EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/03/05 8:36 a.m.•52 views

Advisory ROSA-SA-2024-2365

Software: net-snmp 5.8 OS: ROSA Virtualization 2.1 packageevrstring: net-snmp-5.8-27.rv3 CVE-ID: CVE-2022-44792 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP has a NULL Pointer Exception error, which could be used by a remote attacker...

6.5CVSS6.9AI score0.5346EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/04/04 3:18 p.m.•52 views

Advisory ROSA-SA-2023-2138

Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: 11.0.18.0.10-1 CVE-ID: CVE-2022-21434 BDU-ID: 2022-02839 CVE-Crit: MEDIUM CVE-DESC: A vulnerability exists in the Libraries component of the Libraries component of Oracle GraalVM Enterprise Edition virtual machine due to...

7.5CVSS7.6AI score0.17673EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 4:39 p.m.•52 views

Advisory ROSA-SA-2021-1829

Software: erlang R16B OS: Cobalt 7.9 CVE-ID: CVE-2011-0766 CVE-Crit: MEDIUM CVE-DESC: The random number generator in the Crypto application before 2.0.2.2.2 and SSH before 2.0.5, which was used in the Erlang / OTP ssh library before R14B03, uses predictable starting numbers based on the current...

7.8CVSS7.2AI score0.03046EPSS
Exploits1
Total number of security vulnerabilities1374