Lucene search
+L
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3161

Software: rsync 3.1.3 OS: ROSA Virtualization 3.1 unaffected versions = rsync-3.1.3-23.rv31 affected versions rsync-3.1.3-23.rv31 CVE-ID: CVE-2025-4638 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the zlib library embedded in PointCloudLibrary PCL allows attackers to cause...

9.8CVSS7.8AI score0.16004EPSS
Exploits5
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3154

Software: libtommath 1.2.0 OS: ROSA Virtualization 3.1 unaffected versions = libtommath-1.2.0-1.rv31 affected versions libtommath-1.2.0-1.rv31 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...

9.8CVSS8.5AI score0.01254EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3150

Software: libsndfile 1.0.28 OS: ROSA Virtualization 3.1 unaffected versions = libsndfile-1.0.28-16.0.2.rv31 affected versions libsndfile-1.0.28-16.0.2.rv31 CVE-ID: CVE-2017-14634 BDU-ID: 2021-03755 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the double64init function of the libsndfile library ...

6.5CVSS6.3AI score0.03423EPSS
Exploits2
Rosalinux
Rosalinux
•added 2026/02/16 7:27 a.m.•9 views

Advisory ROSA-SA-2026-3148

Software: libpng 1.6.34 OS: ROSA Virtualization 3.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv31 affected versions libpng-1.6.34-9.0.1.1.rv31 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrect...

7.1CVSS6.9AI score0.0036EPSS
Exploits6
Rosalinux
Rosalinux
•added 2026/02/16 7:7 a.m.•9 views

Advisory ROSA-SA-2026-3132

Software: cups 2.2.6 OS: ROSA Virtualization 2.1 unaffected versions = cups-2.2.6-66.0.1.rv3 affected versions cups-2.2.6-66.0.1.rv3 CVE-ID: CVE-2025-58364 BDU-ID: 2025-12439 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server libcups library is related to null pointer...

6.7CVSS7.4AI score0.01063EPSS
Exploits3
Rosalinux
Rosalinux
•added 2026/01/26 1:19 p.m.•9 views

Advisory ROSA-SA-2026-3129

software: expat 2.7.3 OS: ROSA-CHROME unaffected versions = expat-2.7.3-1 affected versions expat-2.7.3-1 CVE-ID: CVE-2025-59375 BDU-ID: 2025-12925 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to unrestricted resource allocation. Exploitation of th...

7.5CVSS5.8AI score0.01279EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/01/26 12:37 p.m.•9 views

Advisory ROSA-SA-2026-3125

Software: qbittorrent 4.6.7 OS: ROSA-CHROME unaffected versions = qbittorrent-4.6.7-2 affected versions qbittorrent-4.6.7-2 CVE-ID: CVE-2025-54310 BDU-ID: 2025-11251 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the cross-platform BitTorrent client qBittorrent is related to the lack of validatio...

5.3CVSS5.8AI score0.00398EPSS
Exploits0
Rosalinux
Rosalinux
•added 2026/01/26 12:16 p.m.•9 views

Advisory ROSA-SA-2026-3120

software: qpdfview 0.5 WASP: ROSA-CHROME unaffected versions = qpdfview-0.5-4 affected versions qpdfview-0.5-4 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation of...

6.5CVSS5.8AI score0.00384EPSS
Exploits1
Rosalinux
Rosalinux
•added 2026/01/26 8:35 a.m.•9 views

Advisory ROSA-SA-2026-3115

software: apache 2.4.66 OS: ROSA-CHROME unaffected versions = apache-2.4.66-1 affected versions apache-2.4.66-1 CVE-ID: CVE-2025-66200 BDU-ID: 2025-15638 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the moduserdir module of the Apache HTTP Server web server involves bypassing the authentication...

8.3CVSS6.2AI score0.01527EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/12/02 1:21 p.m.•9 views

Advisory ROSA-SA-2025-3106

Software: c-ares 1.13.0 OS: ROSA Virtualization 2.1 packageevrstring: c-ares-1.13.0-11.rv3 CVE-ID: CVE-2020-22217 BDU-ID: 2023-05898 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the aresparsesoareply function of the C-ares asynchronous DNS query library is related to an operation exceeding...

6.4CVSS9AI score0.00838EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•9 views

Advisory ROSA-SA-2025-3101

Software: pam 1.3.1 OS: ROSA Virtualization 2.1 packageevrstring: pam-1.3.1-36.rv3 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...

7.4CVSS9.1AI score0.00791EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•9 views

Advisory ROSA-SA-2025-3099

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...

5.9CVSS7.7AI score0.05533EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/12/02 1:20 p.m.•9 views

Advisory ROSA-SA-2025-3096

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-33.rv3 CVE-ID: CVE-2018-15209 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in LibTIFF allows remote attackers to cause a denial of service or execute arbitrary code via a specially crafted TIFF file...

8.8CVSS8.8AI score0.03969EPSS
Exploits8
Rosalinux
Rosalinux
•added 2025/12/02 1:16 p.m.•9 views

Advisory ROSA-SA-2025-3091

Software: python3-setuptools 39.2.0 OS: rosa-server79 unaffected versions = python3-setuptools-39.2.0-10.0.5.res7 affected versions python3-setuptools-39.2.0-10.0.5.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging...

8.8CVSS8.6AI score0.01454EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/12/02 1:16 p.m.•9 views

Advisory ROSA-SA-2025-3092

Software: squid 3.5.20 OS: rosa-server79 unaffected versions = squid-3.5.20-17.0.9.res7.13 affected versions squid-3.5.20-17.0.9.res7.13 CVE-ID: CVE-2025-54574 BDU-ID: 2025-09345 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Squid proxy server is related to a buffer overflow in dynamic...

10CVSS8.2AI score0.62871EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/11/10 6:20 a.m.•9 views

Advisory ROSA-SA-2025-3063

Software: libarchive 3.3.3 OS: ROSA Virtualization 2.1 unaffected versions = libarchive-3.3.3.3-6.0.1.rv3 affected versions libarchive-3.3.3.3-6.0.1.rv3 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

7.8CVSS7.2AI score0.04056EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/11/09 1:37 p.m.•9 views

Advisory ROSA-SA-2025-3050

Software: expat 2.2.5 OS: ROSA Virtualization 3.1 unaffected versions = expat-2.2.5-17.0.1.rv31 affected versions expat-2.2.5-17.0.1.rv31 CVE-ID: CVE-2019-15903 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to incorrect restriction of xml...

9.8CVSS8.8AI score0.35867EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/10/27 6:20 a.m.•9 views

Advisory ROSA-SA-2025-3040

Software: gnutls 3.6.16 OS: ROSA Virtualization 2.1 unaffected versions = gnutls-3.6.16-8.0.1.rv3.4 affected versions gnutls-3.6.16-8.0.1.1.rv3.4 CVE-ID: CVE-2024-12243 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in GnuTLS when processing ASN.1 data via libtasn1 could result in...

8.2CVSS7AI score0.01245EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/29 2:38 p.m.•9 views

Advisory ROSA-SA-2025-3027

software: jasper 2.0.33 WASP: ROSA-CHROME unaffected versions = jasper-2.0.33-2 affected versions jasper-2.0.33-2 CVE-ID: CVE-2025-8835 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in JasPer before version 4.2.5 allows a crash due to null pointer dereferencing in the jasimagechclrspc...

5.5CVSS7.5AI score0.0021EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/29 1:37 p.m.•9 views

Advisory ROSA-SA-2025-3015

Software: dovecot 2.3.21.1 OS: ROSA-CHROME unaffected versions = dovecot-2.3.21.1-6 affected versions dovecot-2.3.21.1-6 CVE-ID: CVE-2022-30550 BDU-ID: 2022-04273 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the passdb account database of the Dovecot mail server is related to configuration...

8.8CVSS7.1AI score0.02071EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/29 1:35 p.m.•9 views

Advisory ROSA-SA-2025-3013

software: openscap 1.4.2 OS: ROSA-CHROME unaffected versions = openscap-1.4.2-2 affected versions openscap-1.4.2-2 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc library of the OpenSC smart...

3.9CVSS7AI score0.00355EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 10:32 a.m.•9 views

Advisory ROSA-SA-2025-3007

software: qt5-qtconnectivity 5.15.10 OS: ROSA-CHROME unaffected versions = qt5-qtconnectivity-5.15.15-3 affected versions qt5-qtconnectivity-5.15.15-3 CVE-ID: CVE-2025-23050 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In the Qt Bluetooth module QLowEnergyController on Linux when using the Bluetooth...

3.1CVSS6.9AI score0.00172EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 10:27 a.m.•9 views

Advisory ROSA-SA-2025-3006

Software: libpcap 1.10.5 OS: ROSA-CHROME unaffected versions = libpcap-1.10.5-1 affected versions libpcap-1.10.5-1 CVE-ID: CVE-2023-7256 BDU-ID: 2024-07427 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libpcap library's freeaddrinfo function involves calling freeaddrinfo for the same allocat...

4.4CVSS6.3AI score0.00227EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 10:19 a.m.•9 views

Advisory ROSA-SA-2025-3001

software: suricata 7.0.11 WASP: ROSA-CHROME unaffected versions = suricata-7.0.11-1 affected versions suricata-7.0.11-1 CVE-ID: CVE-2024-38534 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in Suricata allows system resources to be consumed by certain modbus traffic. CVE-STATUS: The...

7.5CVSS7.3AI score0.00869EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 10:6 a.m.•9 views

Advisory ROSA-SA-2025-2996

software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-23 affected versions grub2-2.06-23 CVE-ID: CVE-2024-45777 BDU-ID: 2025-07120 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gettext component of the Grub operating systems loader is related to integer overflow. Exploitation...

7.8CVSS7.5AI score0.00444EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 10:2 a.m.•9 views

Advisory ROSA-SA-2025-2994

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-13 affected versions tomcat-9.0.37-13 CVE-ID: CVE-2025-52520 BDU-ID: 2025-08953 CVE-Crit: MEDIUM CVE-DESC.: Apache Tomcat application server vulnerability is related to integer overflow. Exploitation of the vulnerabilit...

7.5CVSS8AI score0.0196EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 9:59 a.m.•9 views

Advisory ROSA-SA-2025-2992

Software: dav1d 1.3.0 AXIS: ROSA-CHROME unaffected versions = dav1d-1.3.0-2 affected versions dav1d-1.3.0-2 CVE-ID: CVE-2024-1580 BDU-ID: 2024-04901 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the dav1d decoder of the iOS, iPadOS, visionOS, macOS, Fedora, and Safari browser operating systems i...

8.8CVSS7.7AI score0.01835EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/11 9:53 a.m.•9 views

Advisory ROSA-SA-2025-2989

software: subversion 1.14.5 OS: ROSA-CHROME unaffected versions = subversion-1.14.5-1 affected versions subversion-1.14.5-1 CVE-ID: CVE-2024-46901 BDU-ID: 2025-03298 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the moddavsvn function of Apache Subversion software is related to a flaw in the...

4.3CVSS4.2AI score0.01943EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/09 10:39 a.m.•9 views

Advisory ROSA-SA-2025-2980

software: busybox 1.37.0 OS: ROSA-CHROME unaffected versions = busybox-1.37.0-1 affected versions busybox-1.37.0-1 CVE-ID: CVE-2022-48174 BDU-ID: 2023-05378 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the ash.c file of the BusyBox set of UNIX command line utilities is related to writing...

9.8CVSS8.3AI score0.0313EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/09/09 10:21 a.m.•9 views

Advisory ROSA-SA-2025-2972

software: systemd 249 WASP: ROSA-CHROME unaffected versions = systemd-249-1.gitfab79a.27 affected versions systemd-249-1.gitfab79a.27 CVE-ID: CVE-2025-4598 BDU-ID: 2025-06694 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the systemd-coredump service of the Systemd daemon is related to a kernel...

4.7CVSS5.2AI score0.0066EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/09 9:50 a.m.•9 views

Advisory ROSA-SA-2025-2966

Software: avahi 0.7 OS: ROSA Virtualization 3.0 unaffected versions = avahi-0.7-27.0.2.rv30.1 affected versions avahi-0.7-27.0.0.2.rv30.1 CVE-ID: CVE-2018-1000845 BDU-ID: 2019-00693 CVE-Crit: CRITICAL. CVE-DESC: Duplicate CVE-2017-6519 CVE-STATUS: The vulnerability has been resolved CVE-REV: To...

9.1CVSS9.3AI score0.03082EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/09/09 9:29 a.m.•9 views

Advisory ROSA-SA-2025-2956

Software: libnbd 1.6.0 OS: ROSA Virtualization 2.1 unaffected versions = libnbd-1.6.0-6.0.1.rv3 affected versions libnbd-1.6.0-6.0.1.1.rv3 CVE-ID: CVE-2023-5215 BDU-ID: 2024-06033 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the nbdgetsize function of the libnbd library is related to the...

7.4CVSS6.6AI score0.00746EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/08/06 8:31 a.m.•9 views

Advisory ROSA-SA-2025-2950

software: assimp 5.0.1 OS: ROSA-CHROME unaffected versions = assimp-5.0.1.1-6 affected versions assimp-5.0.1.1-6 CVE-ID: CVE-2024-45679 BDU-ID: 2025-02665 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the 3D model import library Open Asset Import Library Assimp is related to a buffer overflow in...

8.4CVSS6.3AI score0.00273EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/07/08 1:26 p.m.•9 views

Advisory ROSA-SA-2025-2907

Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1.rv30 CVE-ID: CVE-2025-32463 BDU-ID: 2025-07765 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sudo system administration program is related to the inclusion of functions from an invalid controlled area when usin...

9.3CVSS9.8AI score0.47467EPSS
Exploits70
Rosalinux
Rosalinux
•added 2025/06/23 7:57 a.m.•9 views

Advisory ROSA-SA-2025-2901

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-51.rv3.5 CVE-ID: CVE-2024-38472 BDU-ID: 2024-05354 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache HTTP Server web server is related to insufficient validation of incoming requests. Exploitation of the...

9.1CVSS7.6AI score0.6795EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/06/09 8:56 a.m.•9 views

Advisory ROSA-SA-2025-2892

Software: libtasn1 4.13 OS: ROSA Virtualization 3.0 packageevrstring: libtasn1-4.13-5.rv3 CVE-ID: CVE-2024-12133 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in libtasn1 causes the system to slow down or crash due to inefficient processing of certain certificate data. As a result, an...

5.3CVSS6AI score0.0107EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/06/09 8:56 a.m.•9 views

Advisory ROSA-SA-2025-2893

Software: libtiff 4.0.9 OS: ROSA Virtualization 3.0 packageevrstring: libtiff-4.0.9-34.rv30 CVE-ID: CVE-2017-17095 BDU-ID: 2019-03339 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the LibTIFF library is related to a heap-based buffer overflow in TIFFSetupStrips. Exploitation of the vulnerability...

8.8CVSS6.8AI score0.10639EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/06/09 8:53 a.m.•9 views

Advisory ROSA-SA-2025-2879

Software: krb5 1.18.2 OS: ROSA Virtualization 2.1 packageevrstring: krb5-1.18.2-32.rv3 CVE-ID: CVE-2020-28196 BDU-ID: 2023-03437 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Kerberos network protocol implementation of the Debian GNU/Linux, Red Hat Enterprise Linux, Ubuntu, Fedora, Alt 8 SP...

9.1CVSS8.4AI score0.14859EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/05/19 5:10 p.m.•9 views

Advisory ROSA-SA-2025-2863

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 packageevrstring: kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2024-40998 BDU-ID: None CVE-Crit: DATA LOSSES. CVE-DESC.: Vulnerability in Linux kernel: access to uninitialized rs-lock lock in ext4fillsuper function. CVE-STATUS: Vulnerability has bee...

7.8CVSS9.7AI score0.0032EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/30 7:46 a.m.•9 views

Advisory ROSA-SA-2025-2854

Software: binutils 2.30 OS: ROSA Virtualization 3.0 packageevrstring: binutils-2.30-125.0.1.rv30 CVE-ID: CVE-2018-1000876 BDU-ID: 2023-01657 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the disassembledata function of the objdump.c component of the GNU Binutils development software tool is...

7.8CVSS7.8AI score0.01234EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•9 views

Advisory ROSA-SA-2025-2847

Software: less 530 OS: ROSA Virtualization 2.1 packageevrstring: less-530-3.rv3 CVE-ID: CVE-2022-48624 BDU-ID: 2024-04438 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the closealtfile filename.c function for UNIX-like Less text terminals is related to the skipping of Shellquote calls for...

8.6CVSS8.9AI score0.01059EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•9 views

Advisory ROSA-SA-2025-2801

Software: gtk3 3.22.30 OS: ROSA Virtualization 3.0 packageevrstring: gtk3-3.22.30-12.rv30 CVE-ID: CVE-2024-6655 BDU-ID: 2024-06447 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GTK graphical user interface creation library GIMP Toolkit is related to mismanagement of code generation...

7CVSS7AI score0.00464EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/08 9:20 p.m.•9 views

Advisory ROSA-SA-2025-2767

Software: libsoup 2.62.3 OS: ROSA Virtualization 3.0 packageevrstring: libsoup-2.62.3-7.rv30 CVE-ID: CVE-2024-52530 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An HTTP request smuggling vulnerability in GNOME libsoup allows an attacker to trick the server by injecting the '\0' character into request...

8.4CVSS8.5AI score0.00933EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/03/08 9:17 p.m.•9 views

Advisory ROSA-SA-2025-2760

Software: doxygen 1.8.5 OS: rosa-server79 packageevrstring: doxygen-1.8.5-4.0.1.res7 CVE-ID: CVE-2020-11022 BDU-ID: 2020-05190 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the jQuery library is associated with a failure to take measures to protect the structure of a web page. Exploitation of th...

6.9CVSS8.1AI score0.99019EPSS
Exploits11
Rosalinux
Rosalinux
•added 2025/03/01 9:41 p.m.•9 views

Advisory ROSA-SA-2025-2752

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 packageevrstring: opensc-0.20.0-8.rv3 CVE-ID: CVE-2023-2977 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in OpenSC causes a buffer overflow in the pkcs15 cardoshaveverifyrcpackage function, allowing an attacker to cause a processing...

7.1CVSS7.4AI score0.01174EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/03/01 9:32 p.m.•9 views

Advisory ROSA-SA-2025-2738

Software: libndp 1.7 OS: ROSA Virtualization 3.0 packageevrstring: libndp-1.7-7.rv30 CVE-ID: CVE-2024-5564 BDU-ID: 2024-04337 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could...

8.1CVSS6.8AI score0.01165EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/03/01 9:21 p.m.•9 views

Advisory ROSA-SA-2025-2725

Software: libtiff 4.0.9 OS: ROSA Virtualization 3.0 packageevrstring: libtiff-4.0.9-33.rv30 CVE-ID: CVE-2018-15209 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in LibTIFF allows remote attackers to cause a denial of service or execute arbitrary code via a specially crafted TIFF file...

8.8CVSS7.2AI score0.03969EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/02/15 10:9 p.m.•9 views

Advisory ROSA-SA-2025-2680

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 packageevrstring: curl-7.61.1-33.0.2 CVE-ID: CVE-2023-27533 BDU-ID: 2023-02107 CVE-Crit: LOW CVE-DESC.: A vulnerability in the curl program line utility is related to communication using the TELNET protocol, which could allow an attacker to pass a...

9.8CVSS6.9AI score0.01993EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 7:13 p.m.•9 views

Advisory ROSA-SA-2025-2646

software: python2 2.7.18 WASP: ROSA-CHROME packageevrstring: python2-2.7.18-7 CVE-ID: CVE-2022-0391 BDU-ID: 2022-02302 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the urllib.parse module of the Python programming language interpreter is related to the non-neutralization of CRLF sequences...

9.8CVSS8.1AI score0.35717EPSS
Exploits14
Rosalinux
Rosalinux
•added 2025/01/28 11:6 a.m.•9 views

Advisory ROSA-SA-2025-2605

software: libuv 1.44.2 OS: ROSA-CHROME packageevrstring: libuv-1.44.2-2 CVE-ID: CVE-2024-24806 BDU-ID: 2024-02979 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of the libuv asynchronous I/O library is related to insufficient...

7.3CVSS6.9AI score0.02003EPSS
Exploits1
Total number of security vulnerabilities1374