Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2025/05/26 6:35 a.m.•11 views

Advisory ROSA-SA-2025-2871

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0.0-33.0.5.res7 CVE-ID: CVE-2024-9632 BDU-ID: 2024-09084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in...

7.8CVSS8.6AI score0.00894EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•11 views

Advisory ROSA-SA-2025-2842

Software: gdk-pixbuf2 2.36.12 OS: ROSA Virtualization 2.1 packageevrstring: gdk-pixbuf2-2.36.12-6.0.1.rv3 CVE-ID: CVE-2022-48622 BDU-ID: 2024-06670 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GdkPixbuf image loading library is related to a heap memory corruption in aniloadchunk. Exploitation...

7.8CVSS8AI score0.00415EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•11 views

Advisory ROSA-SA-2025-2817

Software: rpm 4.14.3 OS: ROSA Virtualization 3.0 packageevrstring: rpm-4.14.3-31.rv30 CVE-ID: CVE-2021-35937 BDU-ID: 2021-03555 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RPM Package Manager RPM of Red Hat Enterprise Linux operating systems is caused by a race condition. Exploitation of t...

6.7CVSS7AI score0.00491EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•11 views

Advisory ROSA-SA-2025-2794

Software: cups 2.2.6 OS: ROSA Virtualization 3.0 packageevrstring: cups-2.2.6-62.rv30 CVE-ID: CVE-2024-47175 BDU-ID: 2024-07645 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ppdCreatePPDFromIPP2 function of the CUPS print server libppd library is related to failure to take measures to...

9.8CVSS8.7AI score0.62474EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/03/01 9:41 p.m.•11 views

Advisory ROSA-SA-2025-2754

Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

3.3CVSS4.5AI score0.00228EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/15 10:22 p.m.•11 views

Advisory ROSA-SA-2025-2697

Software: tomcat 9.0.62 OS: ROSA Virtualization 3.0 packageevrstring: tomcat-9.0.62-30.0.2 CVE-ID: CVE-2022-29885 BDU-ID: 2022-03434 CVE-Crit: HIGH CVE-DESC.: An implementation vulnerability in the EncryptInterceptor class of the Apache Tomcat application server is related to incomplete program...

7.5CVSS8.4AI score0.73139EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/02/15 10:22 p.m.•11 views

Advisory ROSA-SA-2025-2695

Software: shim 15.6 OS: ROSA Virtualization 3.0 packageevrstring: shim-15.6 CVE-ID: CVE-2023-40547 BDU-ID: 2024-00725 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability exists in the shim UEFI bootloader due to failure to take measures to neutralize special elements. Exploitation of the vulnerability...

8.3CVSS8AI score0.04892EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/15 10:22 p.m.•11 views

Advisory ROSA-SA-2025-2696

Software: systemd 239 OS: ROSA Virtualization 3.0 packageevrstring: systemd-239-78.0.1 CVE-ID: CVE-2019-3843 BDU-ID: 2022-00318 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the systemd service initialization and management subsystem is related to improper privilege assignment. Exploitation of...

7.8CVSS7.2AI score0.01217EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/02/15 10:9 p.m.•11 views

Advisory ROSA-SA-2025-2690

Software: zabbix 6.0.12 OS: ROSA Virtualization 3.0 packageevrstring: zabbix-6.0.12-1.0.1 CVE-ID: CVE-2023-32724 BDU-ID: 2024-06936 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Zabbix Universal Monitoring System is related to improper assignment of permissions for a critical resource...

9.1CVSS7AI score0.00592EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 7:46 p.m.•11 views

Advisory ROSA-SA-2025-2668

software: sox 14.4.2 OS: ROSA-CHROME packageevrstring: sox-14.4.2-6 CVE-ID: CVE-2022-31650 BDU-ID: 2023-01722 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the lsxaiffstartwrite function of the aiff.c component of the Sound eXchange audio editor is related to insufficient comparison. Exploitation ...

5.5CVSS8.9AI score0.01114EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/28 7:43 p.m.•11 views

Advisory ROSA-SA-2025-2667

software: sqlite 3.41.2 OS: ROSA-CHROME packageevrstring: sqlite-3.41.2-2 CVE-ID: CVE-2023-7104 BDU-ID: 2024-00480 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sessionReadRecord function of the ext/session/sqlite3session.c file of the SQLite database management system is related to a buffer...

7.3CVSS7.5AI score0.01249EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 7:30 p.m.•11 views

Advisory ROSA-SA-2025-2659

software: openslp 2.0.0 WASP: ROSA-CHROME packageevrstring: openslp-2.0.0 CVE-ID: CVE-2016-4912 BDU-ID: None CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in OpenSLP allows remote attackers to cause a denial of service via a large number of specially crafted packets. CVE-STATUS: The vulnerability...

7.5CVSS6.8AI score0.0536EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:35 p.m.•11 views

Advisory ROSA-SA-2025-2632

software: yt-dlp 2023.07.06 WASP: ROSA-CHROME packageevrstring: yt-dlp-2023.07.06-2 CVE-ID: CVE-2023-40581 BDU-ID: 2023-06330 CVE-Crit: HIGH CVE-DESC.: A vulnerability exists in the yt-dlp audio and video download utility due to failure to take measures to neutralize special elements. Exploitatio...

8.3CVSS6.7AI score0.01292EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 12:37 p.m.•11 views

Advisory ROSA-SA-2025-2614

software: yt-dlp 2023.09.24 WASP: ROSA-CHROME packageevrstring: yt-dlp-2023.09.24-1 CVE-ID: CVE-2023-46121 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in yt-dlp allows an attacker to perform a MITM attack and gain access to a cookie. CVE-STATUS: The vulnerability has been resolved...

5CVSS6.9AI score0.00318EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 11:4 a.m.•11 views

Advisory ROSA-SA-2025-2604

software: expat 2.6.2 OS: ROSA-CHROME packageevrstring: expat-2.6.2-1 CVE-ID: CVE-2023-52426 BDU-ID: 2024-04334 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to improper restriction of recursive object references in DTDs. Exploitation of the...

7.5CVSS7.8AI score0.02006EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•11 views

Advisory ROSA-SA-2025-2562

Software: xerces-c 3.1.1 OS: rosa-server79 packageevrstring: xerces-c-3.1.1-10.0.1.res7 CVE-ID: CVE-2023-37536 BDU-ID: 2023-06960 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Heerces C++ library of the BigFix Platform IT Collaborative Management Platform is caused by an integer overflow...

8.8CVSS7.6AI score0.01381EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/12/17 8:5 a.m.•11 views

Advisory ROSA-SA-2024-2542

Software: vorbis-tools 1.4.2 OS: ROSA-CHROME packageevrstring: vorbis-tools-1.4.2-3 CVE-ID: CVE-2023-43361 BDU-ID: 2024-02625 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Vorbis-tools package is related to the ability to write beyond buffer boundaries in memory when converting wav files to og...

7.8CVSS7.6AI score0.00448EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/11/26 9:3 a.m.•11 views

Advisory ROSA-SA-2024-2524

Software: monit 5.30.0 OS: rosa-server79 packageevrstring: monit-5.30.0-2.res7 CVE-ID: CVE-2022-26563 BDU-ID: 2023-05304 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PAMcheckPasswd function of the Monit process, program, file and directory management and monitoring utility is related to flaws...

8.8CVSS7.1AI score0.00667EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 9:2 a.m.•11 views

Advisory ROSA-SA-2024-2523

Software: xrdp 0.9.25 OS: rosa-server79 packageevrstring: xrdp-0.9.25-2.0.1.res7 CVE-ID: CVE-2023-40184 BDU-ID: 2023-07659 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the authstartsession function of the XRDP server is related to the bypassing of session restrictions. Exploitation of the...

6.5CVSS7.2AI score0.00728EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/29 8:30 a.m.•11 views

Advisory ROSA-SA-2024-2510

Software: python-urllib3 1.10.2 OS: rosa-server79 packageevrstring: python-urllib3-1.10.2-7.0.1.res7 CVE-ID: CVE-2024-37891 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: When using urllib3 proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy as expected...

6.5CVSS7.5AI score0.01141EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/05/08 11:1 a.m.•10 views

Advisory ROSA-SA-2026-3263

Software: kernel-ml 5.15.180 OS: rosa-server79 unaffected versions = kernel-ml-5.15.180-1.0.1.res7 affected versions kernel-ml-5.15.180-1.0.1.res7 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perfor...

7.8CVSS6AI score0.96267EPSS
Exploits230
Rosalinux
Rosalinux
•added 2026/03/22 9:17 p.m.•10 views

Advisory ROSA-SA-2026-3242

software: djvulibre 3.5.29 WASP: ROSA-CHROME unaffected versions = djvulibre-3.5.29-1 affected versions djvulibre-3.5.29-1 CVE-ID: CVE-2021-46312 BDU-ID: 2023-05878 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the IW44EncodeCodec.cpp component of the library for viewing, creating, editing DjVu...

6.5CVSS6.5AI score0.00869EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 9:17 p.m.•10 views

Advisory ROSA-SA-2026-3239

software: suricata 7.0.14 AXIS: ROSA-CHROME unaffected versions = suricata-7.0.14-1 affected versions suricata-7.0.14-1 CVE-ID: CVE-2026-22258 BDU-ID: 2026-00955 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Suricata Intrusion Detection and Prevention System's DCERPC protocol implementation is...

9.8CVSS6AI score0.00508EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 9:2 p.m.•10 views

Advisory ROSA-SA-2026-3234

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-6 affected versions curl-8.7.1-6 CVE-ID: CVE-2025-14017 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In multi-threaded LDAPS transfers in libcurl, changing TLS options in one thread changed them globally and could affect other...

6.3CVSS6AI score0.00106EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 9:2 p.m.•10 views

Advisory ROSA-SA-2026-3235

software: expat 2.7.4 OS: ROSA-CHROME unaffected versions = expat-2.7.4-1 affected versions expat-2.7.4-1 CVE-ID: CVE-2026-24515 BDU-ID: None CVE-Crit: LOW CVE-DESC.: In libexpat before 2.7.4, the XMLExternalEntityParserCreate function does not copy custom handler data of unknown encoding...

2.9CVSS7AI score0.0017EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 6:39 p.m.•10 views

Advisory ROSA-SA-2026-3224

software: tpm2-tools 5.5.1 OS: ROSA-CHROME unaffected versions = tpm2-tools-5.5.1-1 affected versions tpm2-tools-5.5.1-1 CVE-ID: CVE-2024-29039 BDU-ID: 2025-16174 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the tpm2 checkquote component of the Trusted Platform Module tpm2-tools repository fo...

9CVSS6.4AI score0.00984EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 6:39 p.m.•10 views

Advisory ROSA-SA-2026-3220

Software: fonttools 4.49.0 WASP: ROSA-CHROME unaffected versions = fonttools-4.49.0-2 affected versions fonttools-4.49.0-2 CVE-ID: CVE-2025-66034 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Arbitrary file write vulnerability in fontTools varLib allows a remote attacker to execute arbitrary code when...

9.8CVSS7.1AI score0.00496EPSS
Exploits9
Rosalinux
Rosalinux
•added 2026/03/15 6:5 p.m.•10 views

Advisory ROSA-SA-2026-3208

Software: webmin 2.520 WASP: ROSA-CHROME unaffected versions = webmin-2.520-1 affected versions webmin-2.520-1 CVE-ID: CVE-2025-61541 BDU-ID: 2025-14429 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getwebminemailurl function of the Webmin hosting control panel is related to access delimitatio...

7.1CVSS5.7AI score0.00426EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•10 views

Advisory ROSA-SA-2026-3193

Software: libtomcrypt 1.18.2 OS: ROSA Virtualization 2.1 unaffected versions = libtomcrypt-1.18.2-5.0.1.rv3 affected versions libtomcrypt-1.18.2-5.0.1.1.rv3 CVE-ID: CVE-2019-17362 BDU-ID: 2025-16070 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the derdecodeutf8string function of the...

9.1CVSS7.2AI score0.03195EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•10 views

Advisory ROSA-SA-2026-3194

Software: libtommath 1.1.0 OS: ROSA Virtualization 2.1 unaffected versions = libtommath-1.1.0-4.rv3 affected versions libtommath-1.1.0-4.rv3 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...

9.8CVSS8.6AI score0.01254EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•10 views

Advisory ROSA-SA-2026-3188

Software: libpng 1.6.34 OS: ROSA Virtualization 2.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv3 affected versions libpng-1.6.34-9.0.1.rv3 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read outside buffer vulnerability in LIBPNG: The pngimagereadcomposite function incorrectly...

7.1CVSS7.8AI score0.09393EPSS
Exploits7
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•10 views

Advisory ROSA-SA-2026-3190

Software: libsndfile 1.0.28 OS: ROSA Virtualization 2.1 unaffected versions = libsndfile-1.0.28-16.0.2.rv3 affected versions libsndfile-1.0.28-16.0.2.rv3 CVE-ID: CVE-2017-14634 BDU-ID: 2021-03755 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the double64init function of the libsndfile library is...

6.5CVSS6.3AI score0.03423EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•10 views

Advisory ROSA-SA-2026-3192

Software: libssh 0.9.6 OS: ROSA Virtualization 2.1 unaffected versions = libssh-0.9.6-16.rv3 affected versions libssh-0.9.6-16.rv3 CVE-ID: CVE-2025-5372 BDU-ID: 2025-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libssh library's sshkdf function is related to incorrect code generation...

8.8CVSS6.7AI score0.00407EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 12:24 p.m.•10 views

Advisory ROSA-SA-2026-3189

Software: libproxy 0.4.15 OS: ROSA Virtualization 2.1 unaffected versions = libproxy-0.4.15-5.5.5.rv3 affected versions libproxy-0.4.15-5.5.rv3 CVE-ID: CVE-2020-25219 BDU-ID: 2022-00336 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the url::recvline function of the url.cpp component of the Libprox...

9.8CVSS7.8AI score0.04284EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•10 views

Advisory ROSA-SA-2026-3182

Software: sqlite 3.26.0 OS: ROSA Virtualization 3.0 unaffected versions = sqlite-3.26.0-20.rv30 affected versions sqlite-3.26.0-20.rv30 CVE-ID: CVE-2025-6965 BDU-ID: 2025-08786 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Aggregate Term Handler component of the SQLite database management syst...

7.7CVSS6.6AI score0.73495EPSS
Exploits3
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•10 views

Advisory ROSA-SA-2026-3176

Software: modauthopenidc 2.4.9.4 OS: ROSA Virtualization 3.0 unaffected versions = modauthopenidc-2.4.9.4-8.rv30 affected versions modauthopenidc-2.4.9.4-8.rv30 CVE-ID: CVE-2025-3891 BDU-ID: 2025-10948 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the authentication and authorization module for...

8.2CVSS6.2AI score0.01327EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•10 views

Advisory ROSA-SA-2026-3173

Software: libtomcrypt 1.18.2 OS: ROSA Virtualization 3.0 unaffected versions = libtomcrypt-1.18.2-5.0.1.rv30 affected versions libtomcrypt-1.18.2-5.0.1.rv30 CVE-ID: CVE-2019-17362 BDU-ID: 2025-16070 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the derdecodeutf8string function of the...

9.1CVSS7.2AI score0.03195EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•10 views

Advisory ROSA-SA-2026-3175

Software: lz4 1.8.3 OS: ROSA Virtualization 3.0 unaffected versions = lz4-1.8.3-5.rv30 affected versions lz4-1.8.3-5.rv30 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer...

8.1CVSS7.6AI score0.09116EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•10 views

Advisory ROSA-SA-2026-3169

Software: libproxy 0.4.15 OS: ROSA Virtualization 3.0 unaffected versions = libproxy-0.4.15-5.5.5.rv30 affected versions libproxy-0.4.15-5.5.5.rv30 CVE-ID: CVE-2020-25219 BDU-ID: 2022-00336 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the url::recvline function of the url.cpp component of the...

9.8CVSS7.8AI score0.04284EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•10 views

Advisory ROSA-SA-2026-3156

Software: modauthopenidc 2.4.9.4 OS: ROSA Virtualization 3.1 unaffected versions = modauthopenidc-2.4.9.4-8.rv31 affected versions modauthopenidc-2.4.9.4-8.rv31 CVE-ID: CVE-2025-3891 BDU-ID: 2025-10948 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the authentication and authorization module for...

8.2CVSS6.4AI score0.01327EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:14 a.m.•10 views

Advisory ROSA-SA-2026-3143

Software: curl 7.61.1 OS: ROSA Virtualization 3.1 unaffected versions = curl-7.61.1-34.0.2.rv31.9 affected versions curl-7.61.1-34.0.2.rv31.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

7.5CVSS5.8AI score0.01301EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/01/26 1:16 p.m.•10 views

Advisory ROSA-SA-2026-3128

software: gnutls 3.8.10 OS: ROSA-CHROME unaffected versions = gnutls-3.8.10-1 affected versions gnutls-3.8.10-1 CVE-ID: CVE-2025-32988 BDU-ID: 2025-11076 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the asn1deletestructure function of the GnuTLS transport layer security library involves a memory...

8.2CVSS5.8AI score0.01185EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/01/26 12:38 p.m.•10 views

Advisory ROSA-SA-2026-3126

software: suricata 7.0.12 AXIS: ROSA-CHROME unaffected versions = suricata-7.0.12-1 affected versions suricata-7.0.12-1 CVE-ID: CVE-2025-59147 BDU-ID: 2025-12460 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Suricata Intrusion Detection and Prevention System is related to incorrect security...

7.5CVSS5.9AI score0.00344EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/12/02 1:21 p.m.•10 views

Advisory ROSA-SA-2025-3110

Software: ncurses 6.1 OS: ROSA Virtualization 2.1 packageevrstring: ncurses-6.1-10.20180224.0.1.rv3 CVE-ID: CVE-2021-39537 BDU-ID: 2023-07626 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the nccaptoinfo function of the captoinfo.c component of the Ncurses terminal I/O control library involve...

8.8CVSS9.3AI score0.03231EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•10 views

Advisory ROSA-SA-2025-3104

Software: libsoup 2.62.3 OS: ROSA Virtualization 2.1 packageevrstring: libsoup-2.62.3-7.rv3 CVE-ID: CVE-2024-52530 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An HTTP request smuggling vulnerability in GNOME libsoup allows an attacker to trick the server by injecting the '\0' character into request...

8.4CVSS7.3AI score0.00933EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•10 views

Advisory ROSA-SA-2025-3094

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-34.0.2.rv3.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent...

9.8CVSS7.9AI score0.36081EPSS
Exploits7
Rosalinux
Rosalinux
•added 2025/12/02 1:16 p.m.•10 views

Advisory ROSA-SA-2025-3093

Software: sudo 1.8.23 OS: rosa-server79 unaffected versions = sudo-1.8.23-11.0.2.res7.3 affected versions sudo-1.8.23-11.0.2.2.res7.3 CVE-ID: CVE-2025-32462 BDU-ID: 2025-08356 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the...

8.8CVSS8.7AI score0.03239EPSS
Exploits76
Rosalinux
Rosalinux
•added 2025/10/27 6:20 a.m.•10 views

Advisory ROSA-SA-2025-3041

Software: cups 2.2.6 OS: ROSA Virtualization 3.0 unaffected versions = cups-2.2.6-63.rv30 affected versions cups-2.2.6-63.rv30 CVE-ID: CVE-2025-58060 BDU-ID: 2025-11019 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CUPS Common UNIX Printing System is related to flaws in the authentication...

8CVSS7.1AI score0.00964EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/10/27 6:19 a.m.•10 views

Advisory ROSA-SA-2025-3035

Software: firefox 128.5.1 OS: rosa-server79 unaffected versions = firefox-128.5.1-1.0.1.res7 affected versions firefox-128.5.1-1.0.1.res7 CVE-ID: CVE-2024-11692 BDU-ID: 2024-10454 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is...

8.8CVSS7.9AI score0.00768EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/10/14 2:33 p.m.•10 views

Advisory ROSA-SA-2025-3031

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-10 affected versions libxml2-2.9.14-10 CVE-ID: CVE-2025-9714 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability: uncontrolled recursion in evalXPath of libxml2 library before 2.9.14, allowing a local attacker to cau...

6.2CVSS7AI score0.00144EPSS
Exploits0
Total number of security vulnerabilities1374