Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2025/09/11 10:20 a.m.•10 views

Advisory ROSA-SA-2025-3002

software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-8 affected versions ghostscript-9.56.1-8 CVE-ID: CVE-2023-46751 BDU-ID: 2024-00187 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdevprnopenprinterseekable function of the Ghostscript document processing,...

8.8CVSS7.7AI score0.0153EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 9:45 a.m.•10 views

Advisory ROSA-SA-2025-2986

software: spdlog 1.8.5 OS: ROSA-CHROME unaffected versions = spdlog-1.8.5-2 affected versions spdlog-1.8.5-2 CVE-ID: CVE-2025-6140 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in spdlog causes excessive resource consumption when running the scopedpadder function patternformatter-inl.h,...

4.8CVSS6.7AI score0.00202EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/08/03 8:59 p.m.•10 views

Advisory ROSA-SA-2025-2915

software: x11-server 21.1.16 OS: ROSA-CHROME unaffected versions = x11-server-21.1.16-1 affected versions x11-server-21.1.16-1 CVE-ID: CVE-2025-26594 BDU-ID: 2025-04129 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Wayland protocol implementation for X.Org XWayland, an implementation of the ...

7.8CVSS8.6AI score0.00485EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/06/09 8:56 a.m.•10 views

Advisory ROSA-SA-2025-2886

Software: freetype 2.9.1 OS: ROSA Virtualization 3.0 packageevrstring: freetype-2.9.1-10.rv30 CVE-ID: CVE-2025-27363 BDU-ID: 2025-02719 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FreeType font rasterization library is related to reading beyond buffer boundaries in memory. Exploitation of th...

8.1CVSS8.7AI score0.26049EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/05/26 11:41 a.m.•10 views

Advisory ROSA-SA-2025-2875

Software: iptables 1.8.7 OS: ROSA-CHROME packageevrstring: iptables-1.8.7 CVE-ID: None BDU-ID: 2025-02342 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Linux operating system iptables packet filtering rule table configuration and management utility is related to insecure privilege management...

8.1AI score
Exploits0
Rosalinux
Rosalinux
•added 2025/05/26 6:32 a.m.•10 views

Advisory ROSA-SA-2025-2865

Software: emacs 24.3 OS: rosa-server79 packageevrstring: emacs-24.3-23.0.1.res7.1 CVE-ID: CVE-2025-1244 BDU-ID: 2025-04327 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability exists in the EMACS text editor due to failure to take measures to neutralize special elements. Exploitation of the vulnerabilit...

8.8CVSS7.4AI score0.0256EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•10 views

Advisory ROSA-SA-2025-2832

Software: avahi 0.7 OS: ROSA Virtualization 2.1 packageevrstring: avahi-0.7-21.0.1.rv3 CVE-ID: CVE-2023-1981 BDU-ID: 2023-03858 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Avahi Local Area Network Service Discovery System involves uncontrolled resource consumption. Exploitation of the...

6.2CVSS7AI score0.00453EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•10 views

Advisory ROSA-SA-2025-2829

Software: postgresql-jdbc 42.2.28 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-jdbc-42.2.28-1.0.1.rv30 CVE-ID: CVE-2024-1597 BDU-ID: 2024-01541 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the JDBC driver pgjdbc for connecting Java programs to a PostgreSQL database is related to...

10CVSS8.3AI score0.0481EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•10 views

Advisory ROSA-SA-2025-2822

Software: pampkcs11 0.6.13 OS: ROSA Virtualization 3.0 packageevrstring: pampkcs11-0.6.13-1.rv30 CVE-ID: CVE-2025-24032 BDU-ID: None CVE-Crit: DATA LOSSES. CVE-DESC.: The PAM-PKCS11 vulnerability allows an attacker to log in to a user account using a token created by the user. CVE-STATUS: The...

9.2CVSS6.7AI score0.00681EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•10 views

Advisory ROSA-SA-2025-2819

Software: squashfs-tools 4.3 OS: ROSA Virtualization 3.0 packageevrstring: squashfs-tools-4.3-21.rv30 CVE-ID: CVE-2021-40153 BDU-ID: 2021-05217 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the squashfsopendir function of the unsquash-1.c component of the Squashfs Squashfs-Tools file system...

8.1CVSS6.9AI score0.025EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•10 views

Advisory ROSA-SA-2025-2816

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2024-5535 BDU-ID: 2024-06988 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSLselectnextproto function of the SSL toolkit for the TLS and SSL OpenSSL protocols is related to informatio...

9.1CVSS9.1AI score0.05582EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•10 views

Advisory ROSA-SA-2025-2799

Software: gdk-pixbuf2 2.36.12 OS: ROSA Virtualization 3.0 packageevrstring: gdk-pixbuf2-2.36.12-6.0.1.rv30 CVE-ID: CVE-2022-48622 BDU-ID: 2024-06670 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GdkPixbuf image loading library is related to a heap memory corruption in aniloadchunk. Exploitatio...

7.8CVSS8AI score0.00415EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•10 views

Advisory ROSA-SA-2025-2805

Software: iperf3 3.5 OS: ROSA Virtualization 3.0 packageevrstring: iperf3-3.5-11.rv30 CVE-ID: CVE-2024-53580 BDU-ID: 2024-11145 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Iperf3 network bandwidth measurement tool is related to improper handling of test parameters passed to the server in jso...

7.5CVSS7.4AI score0.00926EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•10 views

Advisory ROSA-SA-2025-2793

Software: bubblewrap 0.4.0 OS: ROSA Virtualization 3.0 packageevrstring: bubblewrap-0.4.0-2.rv30 CVE-ID: CVE-2024-42472 BDU-ID: 2024-06671 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output...

10CVSS9.5AI score0.01283EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•10 views

Advisory ROSA-SA-2025-2745

Software: python3x-idna 2.10 OS: ROSA Virtualization 3.0 packageevrstring: python3x-idna-2.10-4.rv30 CVE-ID: CVE-2024-3651 BDU-ID: 2024-04211 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the idna.encode function of the Internationalized Domain Names in Applications IDNA is associated with...

7.5CVSS7.4AI score0.01386EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•10 views

Advisory ROSA-SA-2025-2741

Software: orc 0.4.28 OS: ROSA Virtualization 3.0 packageevrstring: orc-0.4.28-4.rv30 CVE-ID: CVE-2024-40897 BDU-ID: 2024-06669 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the orcparse.c file of the library for compiling and executing programs that operate on GStreamer ORC data arrays is relate...

7CVSS6.9AI score0.00379EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•10 views

Advisory ROSA-SA-2025-2728

Software: opencryptoki 3.21.0 OS: ROSA Virtualization 3.0 packageevrstring: opencryptoki-3.21.0-10.rv30 CVE-ID: CVE-2024-0914 BDU-ID: 2024-02839 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the opencryptoki package is related to the processing of RSA PKCS1 augmented ciphertexts. Exploitation of...

5.9CVSS6.9AI score0.00878EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/02/15 10:22 p.m.•10 views

Advisory ROSA-SA-2025-2696

Software: systemd 239 OS: ROSA Virtualization 3.0 packageevrstring: systemd-239-78.0.1 CVE-ID: CVE-2019-3843 BDU-ID: 2022-00318 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the systemd service initialization and management subsystem is related to improper privilege assignment. Exploitation of...

7.8CVSS7.2AI score0.01217EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/01/28 7:46 p.m.•10 views

Advisory ROSA-SA-2025-2669

software: python3 3.8.13 WASP: ROSA-CHROME packageevrstring: python3-3.8.13 CVE-ID: CVE-2015-20107 BDU-ID: 2022-03962 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the mailcap module of the Python programming language interpreter is related to insufficient validation of arguments passed to a...

8CVSS7.7AI score0.07269EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 8:19 a.m.•10 views

Advisory ROSA-SA-2025-2571

software: ghostscript 9.56.1 OS: ROSA-CHROME packageevrstring: ghostscript-9.56.1-1 CVE-ID: CVE-2024-46956 BDU-ID: 2024-09737 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the psi/zfile.c component of the Ghostscript document processing, conversion, and generation software suite involves reading...

7.8CVSS7.5AI score0.00388EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:26 a.m.•10 views

Advisory ROSA-SA-2025-2566

software: x11-server 1.20.14 OS: ROSA-CHROME packageevrstring: x11-server-1.20.14-6 CVE-ID: CVE-2023-6377 BDU-ID: 2024-00457 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the xorg-x11-server package is related to the use of memory after it has been freed when processing Button Action objects...

7.8CVSS8.1AI score0.01631EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:5 a.m.•10 views

Advisory ROSA-SA-2025-2556

Software: cups-filters 1.0.35 OS: rosa-server79 packageevrstring: cups-filters-1.0.35-29.0.2.res7 CVE-ID: CVE-2024-47176 BDU-ID: 2024-07643 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cups-browsed daemon of the CUPS print server is associated with the use of dangerous methods or functions...

7.5CVSS8.1AI score0.50174EPSS
Exploits15
Rosalinux
Rosalinux
•added 2024/12/17 8:5 a.m.•10 views

Advisory ROSA-SA-2024-2544

software: tomcat 9.0.37 WASP: ROSA-CHROME packageevrstring: tomcat-9.0.37-6 CVE-ID: CVE-2020-13943 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: An HTTP/2 vulnerability in Apache Tomcat allows an attacker to access unwanted resources. CVE-STATUS: The vulnerability has been resolved CVE-REV: To close t...

7.5CVSS6.4AI score0.57286EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 11:43 a.m.•10 views

Advisory ROSA-SA-2024-2534

software: zchunk 1.2.2 OS: ROSA-CHROME packageevrstring: zchunk-1.2.2.2-2 CVE-ID: CVE-2023-46228 BDU-ID: 2023-07324 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c components of the RPM zchunk file size reduction software...

7.8CVSS7.2AI score0.00261EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/11/26 11:29 a.m.•10 views

Advisory ROSA-SA-2024-2533

Software: imlib2 1.4.9 OS: rosa-server79 packageevrstring: imlib2-1.4.9-1.res7 CVE-ID: CVE-2014-9762 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: imlib2 allows remote attackers to cause a denial of service segmentation error using a GIF image without a color map. CVE-STATUS: Fixed CVE-REV: Run the yum...

9.8CVSS8.4AI score0.05839EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 9:41 p.m.•9 views

Advisory ROSA-SA-2026-3253

Software: haproxy 3.2.13 WASP: ROSA-CHROME unaffected versions = haproxy-3.2.13-1 affected versions haproxy-3.2.13-1 CVE-ID: CVE-2025-11230 BDU-ID: 2025-13169 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HAProxy server software is related to algorithmic complexity. Exploitation of the...

7.5CVSS7AI score0.00479EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 9:27 p.m.•9 views

Advisory ROSA-SA-2026-3248

software: exim 4.99.1 OS: ROSA-CHROME unaffected versions = exim-4.99.1-1 affected versions exim-4.99.1-1 CVE-ID: CVE-2025-67896 BDU-ID: 2026-00906 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Exim mail server is related to a buffer overflow in dynamic memory. Exploitation of the...

9.8CVSS6AI score0.00411EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 9:2 p.m.•9 views

Advisory ROSA-SA-2026-3233

software: libcupsfilters 2.0.0 OS: ROSA-CHROME unaffected versions = libcupsfilters-2.0.0.0-8 affected versions libcupsfilters-2.0.0-8 CVE-ID: CVE-2025-57812 BDU-ID: 2025-15977 CVE-Crit: LOW CVE-DESC.: A vulnerability in the cfFilterImageToRaster function of the CUPS print server is related to...

3.7CVSS5.7AI score0.0044EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 8:49 p.m.•9 views

Advisory ROSA-SA-2026-3228

software: gpsd 3.21 WASP: ROSA-CHROME unaffected versions = gpsd-3.21-5 affected versions gpsd-3.21-5 CVE-ID: CVE-2025-67268 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Vulnerability in gpsd before commit dc966aa: in drivers/drivernmea2000.c, function hnd129540 handling PGN 129540 - GNSS Satellite...

9.8CVSS6.1AI score0.00674EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/03/22 8:49 p.m.•9 views

Advisory ROSA-SA-2026-3229

software: capstone 4.0.2 OS: ROSA-CHROME unaffected versions = capstone-4.0.2-2 affected versions capstone-4.0.2.2-2 CVE-ID: CVE-2025-67873 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC: Capstone is a disassembler framework. In versions up to and including 6.0.0.0-Alpha5, skipdata length was not checked...

7.8CVSS7.2AI score0.00191EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/22 6:55 p.m.•9 views

Advisory ROSA-SA-2026-3225

software: busybox 1.37.0 OS: ROSA-CHROME unaffected versions = busybox-1.37.0-2 affected versions busybox-1.37.0-2 CVE-ID: CVE-2025-46394 BDU-ID: None CVE-Crit: LOW CVE-DESC.: In tar in BusyBox, file names in a TAR archive can be hidden in the list output using terminal escape sequences...

3.3CVSS7AI score0.00149EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/03/22 6:39 p.m.•9 views

Advisory ROSA-SA-2026-3221

software: python-ldap 3.4.5 WASP: ROSA-CHROME unaffected versions = python-ldap-3.4.5-2 affected versions python-ldap-3.4.5-2 CVE-ID: CVE-2025-61911 BDU-ID: 2026-02913 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the filter.py component of the Python module for working with Python-LDAP LDAP...

6.9CVSS6.3AI score0.00427EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/03/15 6:12 p.m.•9 views

Advisory ROSA-SA-2026-3211

software: vtk 9.0.1 OS: ROSA-CHROME unaffected versions = vtk-9.0.1.1-6 affected versions vtk-9.0.1.1-6 CVE-ID: CVE-2025-57106 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer overflow in Kitware VTK before 9.5.0 in the vtkGLTFDocumentLoader component. The vulnerability occurs in the...

7.5CVSS6AI score0.00392EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/03/15 5:47 p.m.•9 views

Advisory ROSA-SA-2026-3206

software: nginx 1.28.2 OS: ROSA-CHROME unaffected versions = nginx-1.28.2-1 affected versions nginx-1.28.2-1 CVE-ID: CVE-2026-1642 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX OSS and NGINX Plus when proxying to upstream TLS servers allows an attacker in a man-in-the-middle...

8.2CVSS6AI score0.00339EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 10:56 a.m.•9 views

Advisory ROSA-SA-2026-3170

Software: libsndfile 1.0.28 OS: ROSA Virtualization 3.0 unaffected versions = libsndfile-1.0.28-16.0.2.rv30 affected versions libsndfile-1.0.28-16.0.2.rv30 CVE-ID: CVE-2017-14634 BDU-ID: 2021-03755 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the double64init function of the libsndfile library ...

6.5CVSS6.3AI score0.03423EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3153

Software: libtomcrypt 1.18.2 OS: ROSA Virtualization 3.1 unaffected versions = libtomcrypt-1.18.2-5.0.1.rv31 affected versions libtomcrypt-1.18.2-5.0.1.1.rv31 CVE-ID: CVE-2019-17362 BDU-ID: 2025-16070 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the derdecodeutf8string function of the...

9.1CVSS7.1AI score0.03195EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3158

Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02805EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3154

Software: libtommath 1.2.0 OS: ROSA Virtualization 3.1 unaffected versions = libtommath-1.2.0-1.rv31 affected versions libtommath-1.2.0-1.rv31 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...

9.8CVSS8.5AI score0.01254EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3148

Software: libpng 1.6.34 OS: ROSA Virtualization 3.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv31 affected versions libpng-1.6.34-9.0.1.1.rv31 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrect...

7.1CVSS6.9AI score0.0036EPSS
Exploits6
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3150

Software: libsndfile 1.0.28 OS: ROSA Virtualization 3.1 unaffected versions = libsndfile-1.0.28-16.0.2.rv31 affected versions libsndfile-1.0.28-16.0.2.rv31 CVE-ID: CVE-2017-14634 BDU-ID: 2021-03755 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the double64init function of the libsndfile library ...

6.5CVSS6.3AI score0.03423EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 7:8 a.m.•9 views

Advisory ROSA-SA-2026-3136

Software: bind 9.11.36 OS: ROSA Virtualization 3.0 unaffected versions = bind-9.11.36-16.rv30.6 affected versions bind-9.11.36-16.rv30.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...

8.6CVSS5.9AI score0.00509EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/02/16 7:7 a.m.•9 views

Advisory ROSA-SA-2026-3132

Software: cups 2.2.6 OS: ROSA Virtualization 2.1 unaffected versions = cups-2.2.6-66.0.1.rv3 affected versions cups-2.2.6-66.0.1.rv3 CVE-ID: CVE-2025-58364 BDU-ID: 2025-12439 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server libcups library is related to null pointer...

6.7CVSS7.4AI score0.01063EPSS
Exploits3
Rosalinux
Rosalinux
•added 2026/01/26 12:37 p.m.•9 views

Advisory ROSA-SA-2026-3125

Software: qbittorrent 4.6.7 OS: ROSA-CHROME unaffected versions = qbittorrent-4.6.7-2 affected versions qbittorrent-4.6.7-2 CVE-ID: CVE-2025-54310 BDU-ID: 2025-11251 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the lack of validatio...

5.3CVSS5.8AI score0.00398EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/01/26 8:35 a.m.•9 views

Advisory ROSA-SA-2026-3115

software: apache 2.4.66 OS: ROSA-CHROME unaffected versions = apache-2.4.66-1 affected versions apache-2.4.66-1 CVE-ID: CVE-2025-66200 BDU-ID: 2025-15638 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the moduserdir module of the Apache HTTP Server web server involves bypassing the authentication...

8.3CVSS6.2AI score0.01527EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/01/26 8:33 a.m.•9 views

Advisory ROSA-SA-2026-3114

software: samba 4.19 WASP: ROSA-CHROME unaffected versions = samba-4.19 affected versions samba-4.19 CVE-ID: CVE-2025-10230 BDU-ID: 2025-13037 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability exists in the WINS name resolution server implementation of the Samba networking suite due to failure to ta...

10CVSS6.2AI score0.40121EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/12/02 1:21 p.m.•9 views

Advisory ROSA-SA-2025-3106

Software: c-ares 1.13.0 OS: ROSA Virtualization 2.1 packageevrstring: c-ares-1.13.0-11.rv3 CVE-ID: CVE-2020-22217 BDU-ID: 2023-05898 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the aresparsesoareply function of the C-ares asynchronous DNS query library is related to an operation exceeding...

6.4CVSS9AI score0.00838EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•9 views

Advisory ROSA-SA-2025-3101

Software: pam 1.3.1 OS: ROSA Virtualization 2.1 packageevrstring: pam-1.3.1-36.rv3 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...

7.4CVSS9.1AI score0.00798EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•9 views

Advisory ROSA-SA-2025-3094

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-34.0.2.rv3.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent...

9.8CVSS7.9AI score0.36081EPSS
Exploits7
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•9 views

Advisory ROSA-SA-2025-3096

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-33.rv3 CVE-ID: CVE-2018-15209 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in LibTIFF allows remote attackers to cause a denial of service or execute arbitrary code via a specially crafted TIFF file...

8.8CVSS8.8AI score0.03969EPSS
Exploits8
Rosalinux
Rosalinux
•added 2025/12/02 1:16 p.m.•9 views

Advisory ROSA-SA-2025-3091

Software: python3-setuptools 39.2.0 OS: rosa-server79 unaffected versions = python3-setuptools-39.2.0-10.0.5.res7 affected versions python3-setuptools-39.2.0-10.0.5.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging...

8.8CVSS8.6AI score0.01479EPSS
Exploits4
Total number of security vulnerabilities1374