1374 matches found
Advisory ROSA-SA-2026-3218
software: sssd 2.9.7 OS: ROSA-CHROME unaffected versions = sssd-2.9.7-1 affected versions sssd-2.9.7-1 CVE-ID: CVE-2023-3758 BDU-ID: 2024-04108 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remote directory access control service and SSSD authentication mechanism is associated with a race...
Advisory ROSA-SA-2026-3213
Software: libmicrohttpd 0.9.77 OS: ROSA-CHROME unaffected versions = libmicrohttpd-0.9.77-1 affected versions libmicrohttpd-0.9.77-1 CVE-ID: CVE-2025-59777 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dereferencing the NULL pointer in GNU libmicrohttpd allows a remote attacker to cause a denial of...
Advisory ROSA-SA-2026-3209
software: hostapd 2.11 WASP: ROSA-CHROME unaffected versions = hostapd-2.11-2 affected versions hostapd-2.11-2 CVE-ID: CVE-2025-24912 BDU-ID: None CVE-Crit: LOW CVE-DESC.: RADIUS packet handling vulnerability in hostapd: hostapd incorrectly handles specially crafted RADIUS packets. When...
Advisory ROSA-SA-2026-3207
software: libxslt 1.1.43 OS: ROSA-CHROME unaffected versions = libxslt-1.1.43-1 affected versions libxslt-1.1.43-1 CVE-ID: CVE-2024-55549 BDU-ID: 2025-03641 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xsltGetInheritedNsList function of the libxslt library is related to memory usage after it...
Advisory ROSA-SA-2026-3198
Software: perl 5.26.3 OS: ROSA Virtualization 2.1 unaffected versions = perl-5.26.3-423.rv3 affected versions perl-5.26.3-423.rv3 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an unreliab...
Advisory ROSA-SA-2026-3185
Software: unbound 1.16.2 OS: ROSA Virtualization 3.0 unaffected versions = unbound-1.16.2-5.9.rv30 affected versions unbound-1.16.2-5.9.rv30 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliabl...
Advisory ROSA-SA-2026-3178
Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 unaffected versions = opensc-0.20.0-8.0.1.rv30 affected versions opensc-0.20.0-8.0.1.rv30 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...
Advisory ROSA-SA-2026-3180
Software: perl 5.26.3 OS: ROSA Virtualization 3.0 unaffected versions = perl-5.26.3-423.rv30 affected versions perl-5.26.3-423.rv30 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an...
Advisory ROSA-SA-2026-3171
Software: libsoup 2.62.3 OS: ROSA Virtualization 3.0 unaffected versions = libsoup-2.62.3-11.rv30 affected versions libsoup-2.62.3-11.rv30 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow durin...
Advisory ROSA-SA-2026-3174
Software: libtommath 1.2.0 OS: ROSA Virtualization 3.0 unaffected versions = libtommath-1.2.0-1.rv30 affected versions libtommath-1.2.0-1.rv30 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...
Advisory ROSA-SA-2026-3166
Software: vim 8.0.1763 OS: ROSA Virtualization 3.1 unaffected versions = vim-8.0.1763-21.0.1.rv31 affected versions vim-8.0.1763-21.0.1.1.rv31 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...
Advisory ROSA-SA-2026-3165
Software: unbound 1.16.2 OS: ROSA Virtualization 3.1 unaffected versions = unbound-1.16.2-5.9.rv31 affected versions unbound-1.16.2-5.9.rv31 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliabl...
Advisory ROSA-SA-2026-3161
Software: rsync 3.1.3 OS: ROSA Virtualization 3.1 unaffected versions = rsync-3.1.3-23.rv31 affected versions rsync-3.1.3-23.rv31 CVE-ID: CVE-2025-4638 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the zlib library embedded in PointCloudLibrary PCL allows attackers to cause...
Advisory ROSA-SA-2026-3155
Software: lz4 1.8.3 OS: ROSA Virtualization 3.1 unaffected versions = lz4-1.8.3-5.rv31 affected versions lz4-1.8.3-5.rv31 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer...
Advisory ROSA-SA-2026-3152
Software: libssh 0.9.6 OS: ROSA Virtualization 3.1 unaffected versions = libssh-0.9.6-16.rv31 affected versions libssh-0.9.6-16.rv31 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside ...
Advisory ROSA-SA-2026-3151
Software: libsoup 2.62.3 OS: ROSA Virtualization 3.1 unaffected versions = libsoup-2.62.3-11.rv31 affected versions libsoup-2.62.3-11.rv31 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow durin...
Advisory ROSA-SA-2026-3147
Software: jackson-databind 2.10.0 OS: ROSA Virtualization 3.1 unaffected versions = jackson-databind-2.10.0-1.0.2.rv31 affected versions jackson-databind-2.10.0-1.0.2.rv31 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...
Advisory ROSA-SA-2026-3131
Software: bind 9.11.36 OS: ROSA Virtualization 2.1 unaffected versions = bind-9.11.36-16.rv3.6 affected versions bind-9.11.36-16.rv3.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...
Advisory ROSA-SA-2026-3133
Software: curl 7.61.1 OS: ROSA Virtualization 2.1 unaffected versions = curl-7.61.1-34.0.2.rv3.9 affected versions curl-7.61.1-34.0.2.rv3.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffer...
Advisory ROSA-SA-2026-3129
software: expat 2.7.3 OS: ROSA-CHROME unaffected versions = expat-2.7.3-1 affected versions expat-2.7.3-1 CVE-ID: CVE-2025-59375 BDU-ID: 2025-12925 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to unrestricted resource allocation. Exploitation of th...
Advisory ROSA-SA-2026-3120
software: qpdfview 0.5 WASP: ROSA-CHROME unaffected versions = qpdfview-0.5-4 affected versions qpdfview-0.5-4 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation of...
Advisory ROSA-SA-2025-3109
Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to ...
Advisory ROSA-SA-2025-3112
Software: cairo 1.15.12 OS: ROSA Virtualization 2.1 packageevrstring: cairo-1.15.12-6.rv3 CVE-ID: CVE-2020-35492 BDU-ID: 2021-03445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the image-compositor.c component of the Cairo vector graphics library is related to a data stack buffer overflow...
Advisory ROSA-SA-2025-3099
Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...
Advisory ROSA-SA-2025-3100
Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...
Advisory ROSA-SA-2025-3095
Software: gnutls 3.6.16 OS: ROSA Virtualization 2.1 packageevrstring: gnutls-3.6.16-8.0.1.rv3.1 CVE-ID: CVE-2023-5981 BDU-ID: 2024-01500 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GnuTLS transport layer security library is related to information disclosure via a mismatch. Exploitation of...
Advisory ROSA-SA-2025-3097
Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-18.rv3.2 CVE-ID: CVE-2023-39615 BDU-ID: 2023-05968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlsax2startelement function of the libxml2 library is caused by a buffer overflow. Exploitation of the...
Advisory ROSA-SA-2025-3090
Software: python-setuptools 0.9.8 OS: rosa-server79 unaffected versions = python-setuptools-0.9.8-7.0.3.res7 affected versions python-setuptools-0.9.8-7.0.3.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging simplification...
Advisory ROSA-SA-2025-3092
Software: squid 3.5.20 OS: rosa-server79 unaffected versions = squid-3.5.20-17.0.9.res7.13 affected versions squid-3.5.20-17.0.9.res7.13 CVE-ID: CVE-2025-54574 BDU-ID: 2025-09345 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Squid proxy server is related to a buffer overflow in dynamic...
Advisory ROSA-SA-2025-3089
Software: pam 1.1.8 OS: rosa-server79 unaffected versions = pam-1.1.8-23.0.3.res7 affected versions pam-1.1.8-23.0.3.res7 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...
Advisory ROSA-SA-2025-3087
Software: git 1.8.3.1 OS: rosa-server79 unaffected versions = git-1.8.3.1-25.0.1.res7 affected versions git-1.8.3.1-25.0.1.1.res7 CVE-ID: CVE-2025-48384 BDU-ID: 2025-08691 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system of the Microsoft Visual Studio softwa...
Advisory ROSA-SA-2025-3080
Software: aide 0.15.1 OS: rosa-server79 unaffected versions = aide-0.15.1-13.0.3.res7.1 affected versions aide-0.15.1-13.0.3.res7.1 CVE-ID: CVE-2025-54389 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in AIDE before version 0.19.2: Special characters in filenames and symbolic links are...
Advisory ROSA-SA-2025-3086
Software: gdk-pixbuf2 2.36.12 OS: rosa-server79 unaffected versions = gdk-pixbuf2-2.36.12-3.0.1.res7 affected versions gdk-pixbuf2-2.36.12-3.0.1.res7 CVE-ID: CVE-2025-7345 BDU-ID: 2025-11747 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdkpixbufjpegimageloadincrement function of the...
Advisory ROSA-SA-2025-3081
Software: cups 1.6.3 OS: rosa-server79 unaffected versions = cups-1.6.3-52.0.1.res7 affected versions cups-1.6.3-52.0.1.res7 CVE-ID: CVE-2025-58060 BDU-ID: 2025-11019 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CUPS Common UNIX Printing System is related to flaws in the authentication...
Advisory ROSA-SA-2025-3079
Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 CVE-ID: CVE-2019-16905 BDU-ID: 2021-03382 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the OpenSSH cryptographic security tool is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to...
Advisory ROSA-SA-2025-3075
Software: libssh 0.9.6 OS: ROSA Virtualization 2.1 unaffected versions = libssh-0.9.6-15.rv3 affected versions libssh-0.9.6-15.rv3 CVE-ID: CVE-2025-5318 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside of buffer...
Advisory ROSA-SA-2025-3062
Software: gdk-pixbuf2 2.36.12 OS: ROSA Virtualization 2.1 unaffected versions = gdk-pixbuf2-2.36.12-7.0.1.1.rv3 affected versions gdk-pixbuf2-2.36.12-7.0.1.rv3 CVE-ID: CVE-2025-7345 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdkpixbufjpegimageloadincrement function of the...
Advisory ROSA-SA-2025-3061
Software: emacs 26.1 OS: ROSA Virtualization 2.1 unaffected versions = emacs-26.1-15.rv3 affected versions emacs-26.1-15.rv3 CVE-ID: CVE-2024-53920 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the elisp-completion-at-point and elisp-flymake-byte-compile function of the ELisp mode of...
Advisory ROSA-SA-2025-3054
Software: libxml2 2.9.7 OS: ROSA Virtualization 3.1 unaffected versions = libxml2-2.9.7-21.0.1.rv31.3 affected versions libxml2-2.9.7-21.0.1.1.rv31.3 CVE-ID: CVE-2025-6021 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...
Advisory ROSA-SA-2025-3045
Software: bzip2 1.0.6 OS: ROSA Virtualization 3.1 unaffected versions = bzip2-1.0.6-28.rv31 affected versions bzip2-1.0.6-28.rv31 CVE-ID: CVE-2019-12900 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BZ2decompress decompress.c function of the bzip2 data compression utility is related to...
Advisory ROSA-SA-2025-3032
software: vim 9.1.1768 WASP: ROSA-CHROME unaffected versions = vim-9.1.1768-1 affected versions vim-9.1.1768-1 CVE-ID: CVE-2024-47814 BDU-ID: 2024-08644 CVE-Crit: LOW CVE-DESC.: A vulnerability in the BufWinLeave function of the vim text editor is related to memory usage after memory is freed...
Advisory ROSA-SA-2025-3029
software: redis 7.2.10 OS: ROSA-CHROME unaffected versions = redis-7.2.10-1 affected versions redis-7.2.10-1 CVE-ID: CVE-2024-31227 BDU-ID: 2024-09249 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability exists in the Redis database management system due to insufficient input validation. Exploitation of t...
Advisory ROSA-SA-2025-3022
Software: libarchive 3.6.2 OS: ROSA-CHROME unaffected versions = libarchive-3.6.2-8 affected versions libarchive-3.6.2-8 CVE-ID: CVE-2025-5915 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in libarchive allows a buffer overflow to occur on the heap during filter processing, which could...
Advisory ROSA-SA-2025-3021
software: cjson 1.7.19 AXIS: ROSA-CHROME unaffected versions = cjson-1.7.19-1 affected versions cjson-1.7.19-1 CVE-ID: CVE-2025-57052 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Vulnerability in cJSON 1.5.0-1.7.18: allows a remote attacker to perform array escaping via decodearrayindexfrompointer...
Advisory ROSA-SA-2025-3018
software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-2 affected versions libssh-0.9.8-2 CVE-ID: CVE-2025-5372 BDU-ID: 2025-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libssh library's sshkdf function is related to incorrect code generation control. Exploitation o...
Advisory ROSA-SA-2025-3005
software: gimp 2.10.36 WASP: ROSA-CHROME unaffected versions = gimp-2.10.36-4 affected versions gimp-2.10.36-4 CVE-ID: CVE-2025-5473 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An integer overflow vulnerability in GIMP parsing ICO files allows remote attackers to execute arbitrary code. User interacti...
Advisory ROSA-SA-2025-3004
software: flatpak 1.14.10 WASP: ROSA-CHROME unaffected versions = flatpak-1.14.10-1 affected versions flatpak-1.14.10-1 CVE-ID: CVE-2024-32462 BDU-ID: 2024-03113 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management too...
Advisory ROSA-SA-2025-2994
software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-13 affected versions tomcat-9.0.37-13 CVE-ID: CVE-2025-52520 BDU-ID: 2025-08953 CVE-Crit: MEDIUM CVE-DESC.: Apache Tomcat application server vulnerability is related to integer overflow. Exploitation of the vulnerabilit...
Advisory ROSA-SA-2025-2991
software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-7 affected versions ghostscript-9.56.1-7 CVE-ID: CVE-2025-48708 BDU-ID: 2025-06028 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the gslibctxctxstashsanitizedarg function of the base/gslibctx.c file of the...
Advisory ROSA-SA-2025-2990
software: assimp 5.0.1 OS: ROSA-CHROME unaffected versions = assimp-5.0.1.1-7 affected versions assimp-5.0.1.1-7 CVE-ID: CVE-2025-3548 BDU-ID: 2025-07019 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the File Handler component of the cross-platform 3D model import library Assimp Open Asset Impor...