Lucene search
+L
RosalinuxMost viewed

1374 matches found

rosalinux
rosalinux
•added 2026/03/22 6:32 p.m.•8 views

Advisory ROSA-SA-2026-3218

software: sssd 2.9.7 OS: ROSA-CHROME unaffected versions = sssd-2.9.7-1 affected versions sssd-2.9.7-1 CVE-ID: CVE-2023-3758 BDU-ID: 2024-04108 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remote directory access control service and SSSD authentication mechanism is associated with a race...

7.1CVSS7AI score0.01033EPSS
Exploits1
rosalinux
rosalinux
•added 2026/03/15 6:18 p.m.•8 views

Advisory ROSA-SA-2026-3213

Software: libmicrohttpd 0.9.77 OS: ROSA-CHROME unaffected versions = libmicrohttpd-0.9.77-1 affected versions libmicrohttpd-0.9.77-1 CVE-ID: CVE-2025-59777 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dereferencing the NULL pointer in GNU libmicrohttpd allows a remote attacker to cause a denial of...

8.7CVSS7.1AI score0.00422EPSS
Exploits0
rosalinux
rosalinux
•added 2026/03/15 6:8 p.m.•8 views

Advisory ROSA-SA-2026-3209

software: hostapd 2.11 WASP: ROSA-CHROME unaffected versions = hostapd-2.11-2 affected versions hostapd-2.11-2 CVE-ID: CVE-2025-24912 BDU-ID: None CVE-Crit: LOW CVE-DESC.: RADIUS packet handling vulnerability in hostapd: hostapd incorrectly handles specially crafted RADIUS packets. When...

3.7CVSS5.7AI score0.00716EPSS
Exploits0
rosalinux
rosalinux
•added 2026/03/15 5:58 p.m.•8 views

Advisory ROSA-SA-2026-3207

software: libxslt 1.1.43 OS: ROSA-CHROME unaffected versions = libxslt-1.1.43-1 affected versions libxslt-1.1.43-1 CVE-ID: CVE-2024-55549 BDU-ID: 2025-03641 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xsltGetInheritedNsList function of the libxslt library is related to memory usage after it...

7.8CVSS6.7AI score0.00324EPSS
Exploits3
rosalinux
rosalinux
•added 2026/02/16 12:24 p.m.•8 views

Advisory ROSA-SA-2026-3198

Software: perl 5.26.3 OS: ROSA Virtualization 2.1 unaffected versions = perl-5.26.3-423.rv3 affected versions perl-5.26.3-423.rv3 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an unreliab...

5.9CVSS7.3AI score0.0037EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 10:56 a.m.•8 views

Advisory ROSA-SA-2026-3185

Software: unbound 1.16.2 OS: ROSA Virtualization 3.0 unaffected versions = unbound-1.16.2-5.9.rv30 affected versions unbound-1.16.2-5.9.rv30 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliabl...

8.7CVSS6.5AI score0.00188EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 10:56 a.m.•8 views

Advisory ROSA-SA-2026-3178

Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 unaffected versions = opensc-0.20.0-8.0.1.rv30 affected versions opensc-0.20.0-8.0.1.rv30 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02805EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 10:56 a.m.•8 views

Advisory ROSA-SA-2026-3180

Software: perl 5.26.3 OS: ROSA Virtualization 3.0 unaffected versions = perl-5.26.3-423.rv30 affected versions perl-5.26.3-423.rv30 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an...

5.9CVSS7.3AI score0.0037EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 10:56 a.m.•8 views

Advisory ROSA-SA-2026-3171

Software: libsoup 2.62.3 OS: ROSA Virtualization 3.0 unaffected versions = libsoup-2.62.3-11.rv30 affected versions libsoup-2.62.3-11.rv30 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow durin...

8.2CVSS6.8AI score0.00594EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 10:56 a.m.•8 views

Advisory ROSA-SA-2026-3174

Software: libtommath 1.2.0 OS: ROSA Virtualization 3.0 unaffected versions = libtommath-1.2.0-1.rv30 affected versions libtommath-1.2.0-1.rv30 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...

9.8CVSS8.6AI score0.01254EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3166

Software: vim 8.0.1763 OS: ROSA Virtualization 3.1 unaffected versions = vim-8.0.1763-21.0.1.rv31 affected versions vim-8.0.1763-21.0.1.1.rv31 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...

4.1CVSS6.6AI score0.00731EPSS
Exploits2
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3165

Software: unbound 1.16.2 OS: ROSA Virtualization 3.1 unaffected versions = unbound-1.16.2-5.9.rv31 affected versions unbound-1.16.2-5.9.rv31 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliabl...

8.7CVSS6.4AI score0.00188EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3161

Software: rsync 3.1.3 OS: ROSA Virtualization 3.1 unaffected versions = rsync-3.1.3-23.rv31 affected versions rsync-3.1.3-23.rv31 CVE-ID: CVE-2025-4638 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the zlib library embedded in PointCloudLibrary PCL allows attackers to cause...

9.8CVSS7.8AI score0.16004EPSS
Exploits5
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3155

Software: lz4 1.8.3 OS: ROSA Virtualization 3.1 unaffected versions = lz4-1.8.3-5.rv31 affected versions lz4-1.8.3-5.rv31 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer...

9.8CVSS7.2AI score0.09116EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3152

Software: libssh 0.9.6 OS: ROSA Virtualization 3.1 unaffected versions = libssh-0.9.6-16.rv31 affected versions libssh-0.9.6-16.rv31 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside ...

8.8CVSS7.7AI score0.93305EPSS
Exploits6
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3151

Software: libsoup 2.62.3 OS: ROSA Virtualization 3.1 unaffected versions = libsoup-2.62.3-11.rv31 affected versions libsoup-2.62.3-11.rv31 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow durin...

9CVSS7.5AI score0.00933EPSS
Exploits3
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•8 views

Advisory ROSA-SA-2026-3147

Software: jackson-databind 2.10.0 OS: ROSA Virtualization 3.1 unaffected versions = jackson-databind-2.10.0-1.0.2.rv31 affected versions jackson-databind-2.10.0-1.0.2.rv31 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...

7.5CVSS6.5AI score0.17611EPSS
Exploits5
rosalinux
rosalinux
•added 2026/02/16 7:7 a.m.•8 views

Advisory ROSA-SA-2026-3131

Software: bind 9.11.36 OS: ROSA Virtualization 2.1 unaffected versions = bind-9.11.36-16.rv3.6 affected versions bind-9.11.36-16.rv3.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...

8.6CVSS6.4AI score0.00509EPSS
Exploits1
rosalinux
rosalinux
•added 2026/02/16 7:7 a.m.•8 views

Advisory ROSA-SA-2026-3133

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 unaffected versions = curl-7.61.1-34.0.2.rv3.9 affected versions curl-7.61.1-34.0.2.rv3.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffer...

7.5CVSS5.8AI score0.01301EPSS
Exploits1
rosalinux
rosalinux
•added 2026/01/26 1:19 p.m.•8 views

Advisory ROSA-SA-2026-3129

software: expat 2.7.3 OS: ROSA-CHROME unaffected versions = expat-2.7.3-1 affected versions expat-2.7.3-1 CVE-ID: CVE-2025-59375 BDU-ID: 2025-12925 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to unrestricted resource allocation. Exploitation of th...

7.5CVSS5.8AI score0.01279EPSS
Exploits1
rosalinux
rosalinux
•added 2026/01/26 12:16 p.m.•8 views

Advisory ROSA-SA-2026-3120

software: qpdfview 0.5 WASP: ROSA-CHROME unaffected versions = qpdfview-0.5-4 affected versions qpdfview-0.5-4 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation of...

6.5CVSS5.8AI score0.00384EPSS
Exploits1
rosalinux
rosalinux
•added 2025/12/02 1:21 p.m.•8 views

Advisory ROSA-SA-2025-3109

Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to ...

9.8CVSS7.1AI score0.49285EPSS
Exploits2
rosalinux
rosalinux
•added 2025/12/02 1:21 p.m.•8 views

Advisory ROSA-SA-2025-3112

Software: cairo 1.15.12 OS: ROSA Virtualization 2.1 packageevrstring: cairo-1.15.12-6.rv3 CVE-ID: CVE-2020-35492 BDU-ID: 2021-03445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the image-compositor.c component of the Cairo vector graphics library is related to a data stack buffer overflow...

7.8CVSS7.4AI score0.01112EPSS
Exploits0
rosalinux
rosalinux
•added 2025/12/02 1:20 p.m.•8 views

Advisory ROSA-SA-2025-3099

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...

5.9CVSS7.7AI score0.05533EPSS
Exploits0
rosalinux
rosalinux
•added 2025/12/02 1:20 p.m.•8 views

Advisory ROSA-SA-2025-3100

Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

3.3CVSS7.5AI score0.00228EPSS
Exploits0
rosalinux
rosalinux
•added 2025/12/02 1:20 p.m.•8 views

Advisory ROSA-SA-2025-3095

Software: gnutls 3.6.16 OS: ROSA Virtualization 2.1 packageevrstring: gnutls-3.6.16-8.0.1.rv3.1 CVE-ID: CVE-2023-5981 BDU-ID: 2024-01500 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GnuTLS transport layer security library is related to information disclosure via a mismatch. Exploitation of...

7.5CVSS8.7AI score0.01614EPSS
Exploits1
rosalinux
rosalinux
•added 2025/12/02 1:20 p.m.•8 views

Advisory ROSA-SA-2025-3097

Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-18.rv3.2 CVE-ID: CVE-2023-39615 BDU-ID: 2023-05968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlsax2startelement function of the libxml2 library is caused by a buffer overflow. Exploitation of the...

8.1CVSS8.9AI score0.01364EPSS
Exploits4
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3090

Software: python-setuptools 0.9.8 OS: rosa-server79 unaffected versions = python-setuptools-0.9.8-7.0.3.res7 affected versions python-setuptools-0.9.8-7.0.3.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging simplification...

8.8CVSS8.6AI score0.01479EPSS
Exploits4
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3092

Software: squid 3.5.20 OS: rosa-server79 unaffected versions = squid-3.5.20-17.0.9.res7.13 affected versions squid-3.5.20-17.0.9.res7.13 CVE-ID: CVE-2025-54574 BDU-ID: 2025-09345 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Squid proxy server is related to a buffer overflow in dynamic...

10CVSS8.2AI score0.62871EPSS
Exploits2
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3089

Software: pam 1.1.8 OS: rosa-server79 unaffected versions = pam-1.1.8-23.0.3.res7 affected versions pam-1.1.8-23.0.3.res7 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...

7.8CVSS8.9AI score0.00399EPSS
Exploits0
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3087

Software: git 1.8.3.1 OS: rosa-server79 unaffected versions = git-1.8.3.1-25.0.1.res7 affected versions git-1.8.3.1-25.0.1.1.res7 CVE-ID: CVE-2025-48384 BDU-ID: 2025-08691 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system of the Microsoft Visual Studio softwa...

8CVSS7.4AI score0.02775EPSS
Exploits9
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3080

Software: aide 0.15.1 OS: rosa-server79 unaffected versions = aide-0.15.1-13.0.3.res7.1 affected versions aide-0.15.1-13.0.3.res7.1 CVE-ID: CVE-2025-54389 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in AIDE before version 0.19.2: Special characters in filenames and symbolic links are...

6.2CVSS6.7AI score0.00225EPSS
Exploits1
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3086

Software: gdk-pixbuf2 2.36.12 OS: rosa-server79 unaffected versions = gdk-pixbuf2-2.36.12-3.0.1.res7 affected versions gdk-pixbuf2-2.36.12-3.0.1.res7 CVE-ID: CVE-2025-7345 BDU-ID: 2025-11747 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdkpixbufjpegimageloadincrement function of the...

7.5CVSS8AI score0.01051EPSS
Exploits0
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•8 views

Advisory ROSA-SA-2025-3081

Software: cups 1.6.3 OS: rosa-server79 unaffected versions = cups-1.6.3-52.0.1.res7 affected versions cups-1.6.3-52.0.1.res7 CVE-ID: CVE-2025-58060 BDU-ID: 2025-11019 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CUPS Common UNIX Printing System is related to flaws in the authentication...

8CVSS8.8AI score0.00964EPSS
Exploits1
rosalinux
rosalinux
•added 2025/11/10 12:23 p.m.•8 views

Advisory ROSA-SA-2025-3079

Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 CVE-ID: CVE-2019-16905 BDU-ID: 2021-03382 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the OpenSSH cryptographic security tool is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to...

7.8CVSS7.7AI score0.05326EPSS
Exploits3
rosalinux
rosalinux
•added 2025/11/10 6:22 a.m.•8 views

Advisory ROSA-SA-2025-3075

Software: libssh 0.9.6 OS: ROSA Virtualization 2.1 unaffected versions = libssh-0.9.6-15.rv3 affected versions libssh-0.9.6-15.rv3 CVE-ID: CVE-2025-5318 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside of buffer...

8.1CVSS7.3AI score0.02449EPSS
Exploits0
rosalinux
rosalinux
•added 2025/11/10 6:20 a.m.•8 views

Advisory ROSA-SA-2025-3062

Software: gdk-pixbuf2 2.36.12 OS: ROSA Virtualization 2.1 unaffected versions = gdk-pixbuf2-2.36.12-7.0.1.1.rv3 affected versions gdk-pixbuf2-2.36.12-7.0.1.rv3 CVE-ID: CVE-2025-7345 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdkpixbufjpegimageloadincrement function of the...

7.5CVSS8AI score0.01051EPSS
Exploits0
rosalinux
rosalinux
•added 2025/11/10 6:20 a.m.•8 views

Advisory ROSA-SA-2025-3061

Software: emacs 26.1 OS: ROSA Virtualization 2.1 unaffected versions = emacs-26.1-15.rv3 affected versions emacs-26.1-15.rv3 CVE-ID: CVE-2024-53920 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the elisp-completion-at-point and elisp-flymake-byte-compile function of the ELisp mode of...

7.8CVSS9.4AI score0.00526EPSS
Exploits0
rosalinux
rosalinux
•added 2025/11/10 6:14 a.m.•8 views

Advisory ROSA-SA-2025-3054

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.1 unaffected versions = libxml2-2.9.7-21.0.1.rv31.3 affected versions libxml2-2.9.7-21.0.1.1.rv31.3 CVE-ID: CVE-2025-6021 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...

9.1CVSS7.8AI score0.01437EPSS
Exploits2
rosalinux
rosalinux
•added 2025/11/09 1:37 p.m.•8 views

Advisory ROSA-SA-2025-3045

Software: bzip2 1.0.6 OS: ROSA Virtualization 3.1 unaffected versions = bzip2-1.0.6-28.rv31 affected versions bzip2-1.0.6-28.rv31 CVE-ID: CVE-2019-12900 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BZ2decompress decompress.c function of the bzip2 data compression utility is related to...

9.8CVSS8AI score0.0812EPSS
Exploits0
rosalinux
rosalinux
•added 2025/10/14 2:33 p.m.•8 views

Advisory ROSA-SA-2025-3032

software: vim 9.1.1768 WASP: ROSA-CHROME unaffected versions = vim-9.1.1768-1 affected versions vim-9.1.1768-1 CVE-ID: CVE-2024-47814 BDU-ID: 2024-08644 CVE-Crit: LOW CVE-DESC.: A vulnerability in the BufWinLeave function of the vim text editor is related to memory usage after memory is freed...

4.7CVSS7.5AI score0.00292EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/29 2:44 p.m.•8 views

Advisory ROSA-SA-2025-3029

software: redis 7.2.10 OS: ROSA-CHROME unaffected versions = redis-7.2.10-1 affected versions redis-7.2.10-1 CVE-ID: CVE-2024-31227 BDU-ID: 2024-09249 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability exists in the Redis database management system due to insufficient input validation. Exploitation of t...

9.8CVSS8.3AI score0.07934EPSS
Exploits7
rosalinux
rosalinux
•added 2025/09/29 2:17 p.m.•8 views

Advisory ROSA-SA-2025-3022

Software: libarchive 3.6.2 OS: ROSA-CHROME unaffected versions = libarchive-3.6.2-8 affected versions libarchive-3.6.2-8 CVE-ID: CVE-2025-5915 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in libarchive allows a buffer overflow to occur on the heap during filter processing, which could...

6.6CVSS7.9AI score0.00341EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/29 2:3 p.m.•8 views

Advisory ROSA-SA-2025-3021

software: cjson 1.7.19 AXIS: ROSA-CHROME unaffected versions = cjson-1.7.19-1 affected versions cjson-1.7.19-1 CVE-ID: CVE-2025-57052 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Vulnerability in cJSON 1.5.0-1.7.18: allows a remote attacker to perform array escaping via decodearrayindexfrompointer...

9.8CVSS7AI score0.00693EPSS
Exploits1
rosalinux
rosalinux
•added 2025/09/29 1:42 p.m.•8 views

Advisory ROSA-SA-2025-3018

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-2 affected versions libssh-0.9.8-2 CVE-ID: CVE-2025-5372 BDU-ID: 2025-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libssh library's sshkdf function is related to incorrect code generation control. Exploitation o...

8.8CVSS7.3AI score0.00407EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/11 10:25 a.m.•8 views

Advisory ROSA-SA-2025-3005

software: gimp 2.10.36 WASP: ROSA-CHROME unaffected versions = gimp-2.10.36-4 affected versions gimp-2.10.36-4 CVE-ID: CVE-2025-5473 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: An integer overflow vulnerability in GIMP parsing ICO files allows remote attackers to execute arbitrary code. User interacti...

8.8CVSS7.8AI score0.11066EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/11 10:24 a.m.•8 views

Advisory ROSA-SA-2025-3004

software: flatpak 1.14.10 WASP: ROSA-CHROME unaffected versions = flatpak-1.14.10-1 affected versions flatpak-1.14.10-1 CVE-ID: CVE-2024-32462 BDU-ID: 2024-03113 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xdg-desktop-portal interface of the Flatpak application and environment management too...

8.4CVSS8.4AI score0.00512EPSS
Exploits1
rosalinux
rosalinux
•added 2025/09/11 10:2 a.m.•8 views

Advisory ROSA-SA-2025-2994

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-13 affected versions tomcat-9.0.37-13 CVE-ID: CVE-2025-52520 BDU-ID: 2025-08953 CVE-Crit: MEDIUM CVE-DESC.: Apache Tomcat application server vulnerability is related to integer overflow. Exploitation of the vulnerabilit...

7.5CVSS8AI score0.0196EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/11 9:57 a.m.•8 views

Advisory ROSA-SA-2025-2991

software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-7 affected versions ghostscript-9.56.1-7 CVE-ID: CVE-2025-48708 BDU-ID: 2025-06028 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the gslibctxctxstashsanitizedarg function of the base/gslibctx.c file of the...

4CVSS6.5AI score0.00276EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/11 9:55 a.m.•8 views

Advisory ROSA-SA-2025-2990

software: assimp 5.0.1 OS: ROSA-CHROME unaffected versions = assimp-5.0.1.1-7 affected versions assimp-5.0.1.1-7 CVE-ID: CVE-2025-3548 BDU-ID: 2025-07019 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the File Handler component of the cross-platform 3D model import library Assimp Open Asset Impor...

5.3CVSS7.9AI score0.00243EPSS
Exploits1
Total number of security vulnerabilities1374