Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•12 views

Advisory ROSA-SA-2025-2820

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 packageevrstring: tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2021-41043 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The Use after free vulnerability in tcpslice causes AddressSanitizer, with no other confirmed impact. CVE-STATUS: The vulnerability has been...

5.5CVSS7.3AI score0.0087EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•12 views

Advisory ROSA-SA-2025-2815

Software: binutils 2.30 OS: ROSA Virtualization 3.0 packageevrstring: binutils-2.30-125.rv30 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.6AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•12 views

Advisory ROSA-SA-2025-2813

Software: net-snmp 5.8 OS: ROSA Virtualization 3.0 packageevrstring: net-snmp-5.8-30.0.1.rv30 CVE-ID: CVE-2022-24805 BDU-ID: 2024-06509 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the NET-SNMP-VACM-MIB function of the Net-SNMP software suite of the Linux operating system is related to buffer...

8.8CVSS8.2AI score0.01299EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•12 views

Advisory ROSA-SA-2025-2803

Software: harfbuzz 1.7.5 OS: ROSA Virtualization 3.0 packageevrstring: harfbuzz-1.7.5-4.rv30 CVE-ID: CVE-2023-25193 BDU-ID: 2023-06149 CVE-Crit: HIGH CVE-DESC.: Vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to unrestricted resource...

7.5CVSS7.4AI score0.01812EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/17 9:44 p.m.•12 views

Advisory ROSA-SA-2025-2776

Software: libssh 0.9.6 OS: ROSA Virtualization 2.1 packageevrstring: libssh-0.9.6-14.rv3 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection...

5.9CVSS6.5AI score0.93305EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/03/17 9:44 p.m.•12 views

Advisory ROSA-SA-2025-2779

Software: ncurses 6.1 OS: ROSA Virtualization 2.1 packageevrstring: ncurses-6.1-10.20180224.0.1.rv3 CVE-ID: CVE-2021-39537 BDU-ID: 2023-07626 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the nccaptoinfo function of the captoinfo.c component of the Ncurses terminal I/O control library involve...

8.8CVSS7.6AI score0.03231EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/08 10:22 p.m.•12 views

Advisory ROSA-SA-2025-2774

Software: kernel kernel OS: ROSA Virtualization 3.0 packageevrstring: kernel-kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2024-1086 BDU-ID: 2024-01187 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the nftverdictinit function in the net/netfilter/nftablesapi.c module of the Linux operating system...

7.8CVSS8.5AI score0.28058EPSS
Exploits16
Rosalinux
Rosalinux
•added 2025/03/08 9:19 p.m.•12 views

Advisory ROSA-SA-2025-2764

Software: libsoup 2.62.3 OS: ROSA Virtualization 2.1 packageevrstring: libsoup-2.62.3-7.rv3 CVE-ID: CVE-2024-52530 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An HTTP request smuggling vulnerability in GNOME libsoup allows an attacker to trick the server by injecting the '\0' character into request...

8.4CVSS8.5AI score0.00933EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•12 views

Advisory ROSA-SA-2025-2744

Software: python-idna 2.5 OS: ROSA Virtualization 3.0 packageevrstring: python-idna-2.5-7.0.2.rv30 CVE-ID: CVE-2024-3651 BDU-ID: 2024-04211 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the idna.encode function of the Internationalized Domain Names in Applications IDNA is associated with...

7.5CVSS7.4AI score0.01386EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•12 views

Advisory ROSA-SA-2025-2729

Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 packageevrstring: opensc-0.20.0-8.rv30 CVE-ID: CVE-2023-2977 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in OpenSC causes a buffer overflow in the pkcs15 cardoshaveverifyrcpackage function, allowing an attacker to cause a processing...

7.1CVSS7.4AI score0.01174EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•12 views

Advisory ROSA-SA-2025-2726

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 packageevrstring: libxml2-2.9.7-18.0.1.rv30.2 CVE-ID: CVE-2022-49043 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Use-after-free vulnerability in libxml2. CVE-STATUS: Vulnerability has been resolved. CVE-REV: To close the vulnerability, run the comman...

8.1CVSS8.1AI score0.00257EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•12 views

Advisory ROSA-SA-2025-2722

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 packageevrstring: curl-7.61.1-34.0.2.rv30.2 CVE-ID: CVE-2023-28322 BDU-ID: 2023-02895 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libcurl library is related to errors in sending POST and PUT HTTP requests using the same descriptor. Exploitati...

8.6CVSS9.3AI score0.36081EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/02/24 12:28 p.m.•12 views

Advisory ROSA-SA-2025-2706

Software: libksba 1.3.5 OS: ROSA Virtualization 3.0 packageevrstring: libksba-1.3.5-9 CVE-ID: CVE-2022-3515 BDU-ID: 2022-06395 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the X.509 certificate function-providing library LibKSBA is related to an integer overflow in the CRL parser. Exploitation of...

9.8CVSS8AI score0.01635EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/02/15 10:22 p.m.•12 views

Advisory ROSA-SA-2025-2694

Software: samba 4.17.12 OS: ROSA Virtualization 3.0 packageevrstring: samba-4.17.12 CVE-ID: CVE-2022-38023 BDU-ID: 2022-06830 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Netlogon Remote Protocol MS-NRPC implementation of Windows operating systems is due to errors in security settings...

8.1CVSS7.3AI score0.02416EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:38 p.m.•12 views

Advisory ROSA-SA-2025-2664

software: openvswitch 2.17.8 OS: ROSA-CHROME packageevrstring: openvswitch-2.17.8 CVE-ID: CVE-2023-5366 BDU-ID: 2024-03244 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Open vSwitch OvS software tiered switch is related to insufficient data authentication. Exploitation of the vulnerability...

7.1CVSS7.5AI score0.00389EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 11:33 a.m.•12 views

Advisory ROSA-SA-2025-2610

software: vim 9.1.0104 WASP: ROSA-CHROME packageevrstring: vim-9.1.0104-1 CVE-ID: CVE-2024-22667 BDU-ID: 2024-02840 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Didsetlangmap function of the vim text editor involves calling sprintf to write to an error buffer that is passed to option callba...

7.8CVSS7.5AI score0.00563EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 11:11 a.m.•12 views

Advisory ROSA-SA-2025-2607

software: gnutls 3.8.4 OS: ROSA-CHROME packageevrstring: gnutls-3.8.4-1 CVE-ID: CVE-2024-0553 BDU-ID: 2024-00707 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GnuTLS transport layer cryptographic library is related to a difference in response time when processing an RSA ciphertext in a...

7.5CVSS7.3AI score0.01614EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/13 10:5 a.m.•12 views

Advisory ROSA-SA-2025-2554

Software: libcaca 0.99 OS: rosa-server79 packageevrstring: libcaca-0.99-0.40.beta20.res7 CVE-ID: CVE-2018-20545 BDU-ID: 2019-01073 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the loadimage src/common-image.c function of the libcaca graphics library involves an integer overflow. Exploitation of t...

8.8CVSS7.8AI score0.02389EPSS
Exploits8
Rosalinux
Rosalinux
•added 2024/12/26 10:30 a.m.•12 views

Advisory ROSA-SA-2024-2547

software: virglrenderer 0.8.1 OS: ROSA-CHROME packageevrstring: virglrenderer-0.8.1-4 CVE-ID: CVE-2020-8002 BDU-ID: 2023-00917 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vrendrenderer.c component of the Virglrenderer virtual OpenGL renderer is related to pointer dereferencing errors...

5.5CVSS6.6AI score0.00342EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 11:24 a.m.•12 views

Advisory ROSA-SA-2024-2532

Software: ansible 2.9.18 OS: rosa-server79 packageevrstring: ansible-2.9.18-1.res7 CVE-ID: CVE-2021-20228 BDU-ID: 2021-03706 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Ansible configuration management system is related to information disclosure. Exploitation of the vulnerability could all...

7.5CVSS6.8AI score0.02043EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/06/01 11:9 a.m.•11 views

Advisory ROSA-SA-2026-3302

Project: libid3tag 0.15.1b Operating System: ROSA-CHROME Unaffected versions: = libid3tag-0.15.1b-25 Affected versions: libid3tag-0.15.1b-25 CVE-ID: CVE-2004-2779 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability exists in the id3utf16deserialize function in the utf16.c library of...

7.5CVSS5.8AI score0.02507EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/19 2:20 p.m.•11 views

Advisory ROSA-SA-2026-3281

software: libde265 1.0.18 OS: ROSA-CHROME unaffected versions = libde265-1.0.18-1 affected versions libde265-1.0.18-1 CVE-ID: CVE-2025-61147 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in strukturag libde265 commit d9fea9d is related to a segmentation error in the...

6.2CVSS5.7AI score0.00159EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/19 2:16 p.m.•11 views

Advisory ROSA-SA-2026-3279

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-16 affected versions tomcat-9.0.37-16 CVE-ID: CVE-2026-24733 BDU-ID: None CVE-Crit: LOW CVE-DESC.: An invalid input validation vulnerability in Apache Tomcat allows a remote attacker to bypass security restrictions by...

6.5CVSS6.9AI score0.00494EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/05/06 9:35 p.m.•11 views

Advisory ROSA-SA-2026-3258

software: kernel-6.1 6.1.152 OS: ROSA-CHROME unaffected versions = kernel-6.1-6.1.1.152-3 affected versions kernel-6.1-6.1.152-3 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD "in-place"...

7.8CVSS6AI score0.96267EPSS
Exploits230
Rosalinux
Rosalinux
•added 2026/05/06 9:35 p.m.•11 views

Advisory ROSA-SA-2026-3260

software: kernel-5.15 5.15.193 WASP: ROSA-CHROME unaffected versions = kernel-5.15-5.15.193-3 affected versions kernel-5.15-5.15.193-3 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD...

7.8CVSS6AI score0.96267EPSS
Exploits230
Rosalinux
Rosalinux
•added 2026/03/22 9:46 p.m.•11 views

Advisory ROSA-SA-2026-3256

software: libheif 1.12.0 WASP: ROSA-CHROME unaffected versions = libheif-1.12.0-6 affected versions libheif-1.12.0-6 CVE-ID: CVE-2025-68431 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In libheif HEIF/AVIF decoder/encoder before 1.21.0, when processing a specially formed HEIF with an overlay element ...

7.1CVSS5.9AI score0.00267EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 9:25 p.m.•11 views

Advisory ROSA-SA-2026-3247

software: libreoffice 24.8.7.2 OS: ROSA-CHROME unaffected versions = libreoffice-24.8.7.2 affected versions libreoffice-24.8.7.2 CVE-ID: CVE-2025-2866 BDU-ID: 2025-05910 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the LibreOffice office suite is related to incorrect cryptographic signature...

5.5CVSS5.8AI score0.00096EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 9:2 p.m.•11 views

Advisory ROSA-SA-2026-3232

software: kanboard 1.2.49 WASP: ROSA-CHROME unaffected versions = kanboard-1.2.49-1 affected versions kanboard-1.2.49-1 CVE-ID: CVE-2026-21879 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: An Open Redirect vulnerability in Kanboard ≤ 1.2.48 allowed authenticated users to be redirected to malicious...

9.1CVSS5.7AI score0.00433EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/03/22 6:55 p.m.•11 views

Advisory ROSA-SA-2026-3226

software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-26 affected versions grub2-2.06-26 CVE-ID: CVE-2025-61662 BDU-ID: 2025-14786 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the gettext module of the Grub2 operating systems boot loader is related to the ability to use memory...

7.8CVSS5.8AI score0.00194EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/15 5:44 p.m.•11 views

Advisory ROSA-SA-2026-3205

software: angie 1.11.3 OS: ROSA-CHROME unaffected versions = angie-1.11.3-1 affected versions angie-1.11.3-1 CVE-ID: CVE-2026-1642 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX OSS and NGINX Plus when proxying to upstream TLS servers allows an attacker in a man-in-the-middle...

8.2CVSS6AI score0.00339EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•11 views

Advisory ROSA-SA-2026-3200

Software: sqlite 3.26.0 OS: ROSA Virtualization 2.1 unaffected versions = sqlite-3.26.0-20.rv3 affected versions sqlite-3.26.0-20.rv3 CVE-ID: CVE-2020-24736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A buffer overflow vulnerability in SQLite3 allows a local attacker to cause a denial of service DoS...

7.7CVSS6.9AI score0.73495EPSS
Exploits4
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•11 views

Advisory ROSA-SA-2026-3197

Software: pam 1.3.1 OS: ROSA Virtualization 2.1 unaffected versions = pam-1.3.1-39.rv3 affected versions pam-1.3.1-39.rv3 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...

7.8CVSS7AI score0.00399EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•11 views

Advisory ROSA-SA-2026-3204

Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 unaffected versions = vim-8.0.1763-21.0.1.rv3 affected versions vim-8.0.1763-21.0.0.1.rv3 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...

4.1CVSS6.3AI score0.00731EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•11 views

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02805EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•11 views

Advisory ROSA-SA-2026-3191

Software: libsoup 2.62.3 OS: ROSA Virtualization 2.1 unaffected versions = libsoup-2.62.3-11.rv3 affected versions libsoup-2.62.3-11.rv3 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow during...

8.2CVSS6.8AI score0.00594EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•11 views

Advisory ROSA-SA-2026-3179

Software: pam 1.3.1 OS: ROSA Virtualization 3.0 unaffected versions = pam-1.3.1-39.0.2.rv30 affected versions pam-1.3.1-39.0.2.rv30 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

7.8CVSS7AI score0.00399EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•11 views

Advisory ROSA-SA-2026-3167

Software: jackson-databind 2.10.0 OS: ROSA Virtualization 3.0 unaffected versions = jackson-databind-2.10.0-1.0.2.rv30 affected versions jackson-databind-2.10.0-1.0.2.rv30 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...

7.5CVSS6.5AI score0.17611EPSS
Exploits5
Rosalinux
Rosalinux
•added 2026/02/16 7:8 a.m.•11 views

Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

7.5CVSS5.8AI score0.01301EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:8 a.m.•11 views

Advisory ROSA-SA-2026-3137

Software: cups 2.2.6 OS: ROSA Virtualization 3.0 unaffected versions = cups-2.2.6-66.rv30 affected versions cups-2.2.6-66.rv30 CVE-ID: CVE-2025-58364 BDU-ID: 2025-12439 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server libcups library is related to null pointer dereferencing du...

6.7CVSS7.1AI score0.01063EPSS
Exploits3
Rosalinux
Rosalinux
•added 2026/01/26 1:21 p.m.•11 views

Advisory ROSA-SA-2026-3130

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-12 affected versions libxml2-2.9.14-12 CVE-ID: CVE-2025-6021 BDU-ID: 2025-07144 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a stack-based buffer overflow...

7.5CVSS6.2AI score0.01067EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/01/26 12:23 p.m.•11 views

Advisory ROSA-SA-2026-3122

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-11 affected versions libxml2-2.9.14-11 CVE-ID: CVE-2022-49043 BDU-ID: 2025-11749 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlXIncludeAddNode function of the xinclude.c file of the libxml2 library is related to...

8.1CVSS5.8AI score0.00257EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/01/26 8:27 a.m.•11 views

Advisory ROSA-SA-2026-3113

software: squid 5.9 WASP: ROSA-CHROME unaffected versions = squid-5.9-3 affected versions squid-5.9-3 CVE-ID: CVE-2023-49285 BDU-ID: 2023-08581 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

8.6CVSS6AI score0.88818EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•11 views

Advisory ROSA-SA-2025-3105

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-6.rv3 CVE-ID: CVE-2024-56326 BDU-ID: 2025-00113 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the str.format method of the html template tool jinja is related to a failure to neutralize special...

7.8CVSS7.4AI score0.005EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/11/10 6:21 a.m.•11 views

Advisory ROSA-SA-2025-3071

Software: libarchive 3.3.3 OS: ROSA Virtualization 3.0 unaffected versions = libarchive-3.3.3.3-6.0.1.rv30 affected versions libarchive-3.3.3.3-6.0.1.rv30 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

7.8CVSS7.2AI score0.04056EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/11/10 6:14 a.m.•11 views

Advisory ROSA-SA-2025-3053

Software: libarchive 3.3.3 OS: ROSA Virtualization 3.1 unaffected versions = libarchive-3.3.3.3-6.0.1.rv31 affected versions libarchive-3.3.3.3-6.0.1.rv31 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

7.8CVSS7.2AI score0.04056EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/09/29 1:39 p.m.•11 views

Advisory ROSA-SA-2025-3017

software: chromium-browser-stable 140.0.7339.185 WASP: ROSA-CHROME unaffected versions = chromium-browser-stable-140.0.7339.185-1 affected versions chromium-browser-stable-140.0.7339.185-1 CVE-ID: CVE-2025-10585 BDU-ID: 2025-11457 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the V8 component of...

9.8CVSS7.1AI score0.05426EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/29 9:11 a.m.•11 views

Advisory ROSA-SA-2025-3008

software: mono 6.12.0 WASP: ROSA-CHROME unaffected versions = mono-6.12.0-206.1 affected versions mono-6.12.0-206.1 CVE-ID: CVE-2021-24112 BDU-ID: 2021-00929 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the .NET Core software platform is related to insufficient input validation. Exploitation of t...

9.8CVSS7.4AI score0.0327EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/09 10:37 a.m.•11 views

Advisory ROSA-SA-2025-2978

software: cjson 1.7.18 WASP: ROSA-CHROME unaffected versions = cjson-1.7.18-2 affected versions cjson-1.7.18-2 CVE-ID: CVE-2023-26819 BDU-ID: None CVE-Crit: LOW CVE-DESC.: cJSON 1.7.15 may cause a denial of service when processing a specially generated JSON document, e.g.: "a": true, "b": null,...

2.9CVSS4.4AI score0.00208EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/08/06 8:30 a.m.•11 views

Advisory ROSA-SA-2025-2944

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-10 affected versions tomcat-9.0.37-10 CVE-ID: CVE-2024-24549 BDU-ID: 2024-02608 CVE-Crit: HIGH CVE-DESC.: An Apache Tomcat application server vulnerability is related to insufficient input validation. Exploitation of th...

7.5CVSS7.5AI score0.23072EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/06/09 8:53 a.m.•11 views

Advisory ROSA-SA-2025-2884

Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 packageevrstring: libwebp-1.0.0.0-10.0.1.rv3 CVE-ID: CVE-2018-25013 BDU-ID: 2021-03103 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is related to reading beyond buffer boundaries in...

9.1CVSS7.4AI score0.02051EPSS
Exploits0
Total number of security vulnerabilities1374