Lucene search
+L
RosalinuxMost viewed

1374 matches found

rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•7 views

Advisory ROSA-SA-2025-2922

software: kanboard 1.2.44 AXIS: ROSA-CHROME unaffected versions = kanboard-1.2.44-0.gitc07304.1-rosa2021.1 affected versions kanboard-1.2.44-0.gitc07304.1-rosa2021.1 CVE-ID: CVE-2024-51748 BDU-ID: 2024-10653 CVE-Crit: HIGH CVE-DESC.: A vulnerability in Kanboard project management software is...

9.1CVSS9.3AI score0.0091EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•7 views

Advisory ROSA-SA-2025-2926

software: yelp 42.2 WASP: ROSA-CHROME unaffected versions = yelp-42.2-2 affected versions yelp-42.2-2 CVE-ID: CVE-2025-3155 BDU-ID: 2025-03944 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Yelp help system is related to the inclusion of features from an invalid controlled scope when processing...

7.4CVSS7.7AI score0.12592EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•7 views

Advisory ROSA-SA-2025-2923

software: util-linux 2.37.4 OS: ROSA-CHROME unaffected versions = util-linux-2.37.4-3 affected versions util-linux-2.37.4-3 CVE-ID: CVE-2024-28085 BDU-ID: 2024-02517 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the util-linux package of the Linux operating system is related to incorrect privile...

3.3CVSS6AI score0.02242EPSS
Exploits3
rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•7 views

Advisory ROSA-SA-2025-2925

software: yelp-xsl 42.1 WASP: ROSA-CHROME unaffected versions = yelp-xsl-42.1-1 affected versions yelp-xsl-42.1-1 CVE-ID: CVE-2025-3155 BDU-ID: 2025-03944 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Yelp help system is related to the inclusion of features from an invalid controlled scope whe...

7.4CVSS7.7AI score0.12592EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/03 9:7 p.m.•7 views

Advisory ROSA-SA-2025-2919

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-7 affected versions libxml2-2.9.14-7 CVE-ID: CVE-2025-27113 BDU-ID: 2025-03138 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlPatMatch function in the pattern.c file of the libxml2 library is related to null pointe...

7.5CVSS8AI score0.01009EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/03 9:5 p.m.•7 views

Advisory ROSA-SA-2025-2918

software: kernel-5.15 generic WASP: ROSA-CHROME unaffected versions = kernel-5.15-generic-5.15.178-1 affected versions kernel-5.15-generic-5.15.178-1 CVE-ID: CVE-2024-27397 BDU-ID: 2025-00432 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the nftables netfilter component of the Linux operating...

7CVSS7.3AI score0.00257EPSS
Exploits0
rosalinux
rosalinux
•added 2025/08/03 8:55 p.m.•7 views

Advisory ROSA-SA-2025-2914

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-7 affected versions tomcat-9.0.37-7 CVE-ID: CVE-2024-38286 BDU-ID: 2024-07738 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache Tomcat application server TLS protocol implementation is associated with uncontrolled...

8.6CVSS9.1AI score0.01702EPSS
Exploits0
rosalinux
rosalinux
•added 2025/08/03 8:52 p.m.•7 views

Advisory ROSA-SA-2025-2912

software: mosquitto 2.0.20 WASP: ROSA-CHROME unaffected versions = mosquitto-2.0.20-1 affected versions mosquitto-2.0.20-1 CVE-ID: CVE-2024-3935 BDU-ID: 2024-09880 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Eclipse Mosquitto message broker is related to memory re-release. Exploitation of th...

6.5CVSS6.9AI score0.00761EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/03 8:43 p.m.•7 views

Advisory ROSA-SA-2025-2910

software: postgresql 12.22 WASP: ROSA-CHROME unaffected versions = postgresql-12.22-1 affected versions postgresql-12.22-1 CVE-ID: CVE-2023-2455 BDU-ID: 2023-03024 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Schema Handler component of the PostgreSQL database management system is related to...

8.8CVSS7.8AI score0.04422EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/03 8:39 p.m.•7 views

Advisory ROSA-SA-2025-2909

software: freeradius 3.0.27 OS: ROSA-CHROME unaffected versions = freeradius-3.0.27-1 affected versions freeradius-3.0.27-1 CVE-ID: CVE-2024-3596 BDU-ID: 2024-05180 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RADIUS authentication protocol implementation involves bypassing the authenticati...

9CVSS9AI score0.14859EPSS
Exploits2
rosalinux
rosalinux
•added 2025/07/08 1:25 p.m.•7 views

Advisory ROSA-SA-2025-2906

Software: sudo 1.8.29 OS: ROSA Virtualization 2.1 packageevrstring: sudo-1.8.29-8.rv3.1 CVE-ID: CVE-2025-32463 BDU-ID: 2025-07765 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sudo system administration program is related to the inclusion of functions from an invalid controlled area when using...

9.3CVSS9.8AI score0.47467EPSS
Exploits70
rosalinux
rosalinux
•added 2025/07/08 1:21 p.m.•7 views

Advisory ROSA-SA-2025-2905

Software: sudo 1.8.23 OS: rosa-server79 packageevrstring: sudo-1.8.23-11.0.1.res7.3 CVE-ID: CVE-2025-32463 BDU-ID: 2025-07765 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sudo system administration program is related to the inclusion of functions from an invalid controlled area when using the...

9.3CVSS9.8AI score0.47467EPSS
Exploits70
rosalinux
rosalinux
•added 2025/06/23 7:13 a.m.•7 views

Advisory ROSA-SA-2025-2894

Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87.0.3.res7.14 CVE-ID: CVE-2022-2601 BDU-ID: 2022-06819 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the grubfontconstructglyph function of the Grub2 operating systems boot loader is related to an operation exceeding buffer...

8.6CVSS7.9AI score0.00514EPSS
Exploits0
rosalinux
rosalinux
•added 2025/06/09 8:56 a.m.•7 views

Advisory ROSA-SA-2025-2890

Software: libjpeg-turbo 1.5.3 OS: ROSA Virtualization 3.0 packageevrstring: libjpeg-turbo-1.5.3-14.rv30 CVE-ID: CVE-2020-13790 BDU-ID: 2021-01352 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the startinputppm function from rdppm.c of the libjpeg-turbo image manipulation library is related to...

8.1CVSS8.5AI score0.03205EPSS
Exploits1
rosalinux
rosalinux
•added 2025/06/09 8:56 a.m.•7 views

Advisory ROSA-SA-2025-2887

Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 packageevrstring: ghostscript-9.27-16.0.1.rv30 CVE-ID: CVE-2020-27792 BDU-ID: 2023-09076 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the lp8000printpage function of the gdevlp8k.c component of the Ghostscript document processing software...

8.4CVSS7.4AI score0.0153EPSS
Exploits0
rosalinux
rosalinux
•added 2025/06/09 8:53 a.m.•7 views

Advisory ROSA-SA-2025-2883

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-34.rv3 CVE-ID: CVE-2017-17095 BDU-ID: 2019-03339 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the LibTIFF library is related to a heap-based buffer overflow in TIFFSetupStrips. Exploitation of the vulnerability...

8.8CVSS6.8AI score0.10639EPSS
Exploits1
rosalinux
rosalinux
•added 2025/06/09 8:53 a.m.•7 views

Advisory ROSA-SA-2025-2881

Software: libsoup 2.62.3 OS: ROSA Virtualization 2.1 packageevrstring: libsoup-2.62.3-9.rv3 CVE-ID: CVE-2025-2784 BDU-ID: 2025-05737 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the skipinsightwhitespace function of the GNOME GUI libsoup library is related to reading beyond buffer boundaries in...

9CVSS8AI score0.00847EPSS
Exploits1
rosalinux
rosalinux
•added 2025/06/09 8:53 a.m.•7 views

Advisory ROSA-SA-2025-2878

Software: jose 10 OS: ROSA Virtualization 2.1 packageevrstring: jose-10-2.rv3.3 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource consumption...

7.5CVSS6.4AI score0.02085EPSS
Exploits1
rosalinux
rosalinux
•added 2025/03/08 9:20 p.m.•7 views

Advisory ROSA-SA-2025-2766

Software: rsync 3.1.3 OS: ROSA Virtualization 3.0 packageevrstring: rsync-3.1.3-20.rv30 CVE-ID: CVE-2024-12085 BDU-ID: 2025-00376 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding buffer...

7.5CVSS8.1AI score0.09353EPSS
Exploits2
rosalinux
rosalinux
•added 2025/03/01 9:41 p.m.•7 views

Advisory ROSA-SA-2025-2753

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...

5.9CVSS6AI score0.05533EPSS
Exploits0
rosalinux
rosalinux
•added 2025/03/01 9:32 p.m.•7 views

Advisory ROSA-SA-2025-2742

Software: postgresql 13.16 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-13.16-1.rv30 CVE-ID: CVE-2024-7348 BDU-ID: 2024-06153 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pgdump utility of the PostgreSQL database management system is related to null pointer dereferencing due to...

8.8CVSS9.1AI score0.01565EPSS
Exploits0
rosalinux
rosalinux
•added 2025/03/01 9:21 p.m.•7 views

Advisory ROSA-SA-2025-2723

Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 packageevrstring: ghostscript-9.27-15.0.2.rv30 CVE-ID: CVE-2024-46951 BDU-ID: 2024-09419 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the psi/zcolor.c component of the Ghostscript document processing, conversion, and generation software suite...

7.8CVSS7.6AI score0.00387EPSS
Exploits0
rosalinux
rosalinux
•added 2025/02/24 12:28 p.m.•7 views

Advisory ROSA-SA-2025-2700

Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25681 BDU-ID: 2021-01117 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sortrrset function dnssec.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation of...

8.3CVSS8AI score0.81191EPSS
Exploits0
rosalinux
rosalinux
•added 2025/02/15 10:22 p.m.•7 views

Advisory ROSA-SA-2025-2693

Software: pcre2 10.34 OS: ROSA Virtualization 3.0 packageevrstring: pcre2-10.34-9.0.3 CVE-ID: CVE-2022-1586 BDU-ID: 2022-03770 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the compilexclassmatchingpath function of the PCRE2 library is related to reading data beyond buffer boundaries in memory...

9.1CVSS7.4AI score0.03193EPSS
Exploits0
rosalinux
rosalinux
•added 2025/02/15 10:9 p.m.•7 views

Advisory ROSA-SA-2025-2684

Software: libwebp 1.0.0 OS: ROSA Virtualization 3.0 packageevrstring: libwebp-1.0.0.0-8.0.1 CVE-ID: CVE-2018-25011 BDU-ID: 2021-03099 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is related to a buffer overflow in the "heap"...

9.8CVSS9.4AI score0.02662EPSS
Exploits0
rosalinux
rosalinux
•added 2025/01/27 10:13 a.m.•7 views

Advisory ROSA-SA-2025-2576

software: xwayland 23.2.7 WASP: ROSA-CHROME packageevrstring: xwayland-23.2.7-1 CVE-ID: CVE-2024-9632 BDU-ID: 2024-09084 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memor...

9.8CVSS9.3AI score0.02106EPSS
Exploits0
rosalinux
rosalinux
•added 2025/01/27 7:57 a.m.•7 views

Advisory ROSA-SA-2025-2569

software: curl 8.7.1 OS: ROSA-CHROME packageevrstring: curl-8.7.1-2 CVE-ID: CVE-2024-9681 BDU-ID: 2024-09106 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability exists in the implementation of the HSTS HTTP Strict Transport Security mechanism of the curl command line utility due to a bug in the...

6.5CVSS6.7AI score0.0197EPSS
Exploits1
rosalinux
rosalinux
•added 2025/01/13 10:19 a.m.•7 views

Advisory ROSA-SA-2025-2558

Software: libsoup 2.62.2 OS: rosa-server79 packageevrstring: libsoup-2.62.2-2.0.1.res7 CVE-ID: CVE-2024-52530 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in GNOME libsoup allows HTTP request smuggling attack due to ignoring '\0' characters at the end of header names. CVE-STATUS: The...

7.5CVSS6.8AI score0.00793EPSS
Exploits1
rosalinux
rosalinux
•added 2026/03/15 6:14 p.m.•6 views

Advisory ROSA-SA-2026-3212

software: libcupsfilters 2.0.0 OS: ROSA-CHROME unaffected versions = libcupsfilters-2.0.0.0-7 affected versions libcupsfilters-2.0.0-7 CVE-ID: CVE-2024-47076 BDU-ID: 2024-07644 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the cfGetPrinterAttributes5 function of the libcupsfilters library of the...

8.6CVSS7AI score0.76959EPSS
Exploits5
rosalinux
rosalinux
•added 2026/03/15 6:9 p.m.•6 views

Advisory ROSA-SA-2026-3210

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-3 affected versions libssh-0.9.8-3 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside of buffer boundaries in...

8.1CVSS6.7AI score0.02449EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•6 views

Advisory ROSA-SA-2026-3163

Software: sysstat 11.7.3 OS: ROSA Virtualization 3.1 unaffected versions = sysstat-11.7.3-13.rv31 affected versions sysstat-11.7.3-13.rv31 CVE-ID: CVE-2019-16167 BDU-ID: 2022-06244 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remapstruct function of the sacommon.c component of the Sysstat...

7.8CVSS7.2AI score0.01533EPSS
Exploits2
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•6 views

Advisory ROSA-SA-2026-3160

Software: perl 5.26.3 OS: ROSA Virtualization 3.1 unaffected versions = perl-5.26.3-423.rv31 affected versions perl-5.26.3-423.rv31 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an...

5.9CVSS7.3AI score0.0037EPSS
Exploits0
rosalinux
rosalinux
•added 2026/02/16 7:27 a.m.•6 views

Advisory ROSA-SA-2026-3149

Software: libproxy 0.4.15 OS: ROSA Virtualization 3.1 unaffected versions = libproxy-0.4.15-5.5.5.rv31 affected versions libproxy-0.4.15-5.5.rv31 CVE-ID: CVE-2020-25219 BDU-ID: 2022-00336 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the url::recvline function of the url.cpp component of the...

9.8CVSS7.7AI score0.04284EPSS
Exploits1
rosalinux
rosalinux
•added 2026/01/26 12:47 p.m.•6 views

Advisory ROSA-SA-2026-3127

software: freerdp 2.11.7 OS: ROSA-CHROME CVE-ID: CVE-2025-4478 BDU-ID: 2025-12117 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GNOME Remote Desktop service is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker acting remotely to compromise data...

6.5CVSS5.9AI score0.00416EPSS
Exploits0
rosalinux
rosalinux
•added 2026/01/26 12:32 p.m.•6 views

Advisory ROSA-SA-2026-3123

software: redis 7.2.11 OS: ROSA-CHROME unaffected versions = redis-7.2.11-1 affected versions redis-7.2.11-1 CVE-ID: CVE-2025-49844 BDU-ID: 2025-12553 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the Redis database management system DBMS is related to memory utilization after it has been free...

9.9CVSS6.1AI score0.86767EPSS
Exploits14
rosalinux
rosalinux
•added 2026/01/26 12:16 p.m.•6 views

Advisory ROSA-SA-2026-3119

software: mupdf 1.26.10 WASP: ROSA-CHROME unaffected versions = mupdf-1.26.10-1 affected versions mupdf-1.26.10-1 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation ...

6.5CVSS5.8AI score0.00384EPSS
Exploits1
rosalinux
rosalinux
•added 2025/12/02 1:16 p.m.•6 views

Advisory ROSA-SA-2025-3088

Software: udisks2 2.8.4 OS: rosa-server79 unaffected versions = udisks2-2.8.4-1.0.1.res7 affected versions udisks2-2.8.4-1.0.1.res7 CVE-ID: CVE-2025-8067 BDU-ID: 2025-11284 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the fdindex fknction of the Udisks storage device query and management program...

8.5CVSS7.2AI score0.0065EPSS
Exploits1
rosalinux
rosalinux
•added 2025/11/10 6:21 a.m.•6 views

Advisory ROSA-SA-2025-3070

Software: gdk-pixbuf2 2.36.12 OS: ROSA Virtualization 3.0 unaffected versions = gdk-pixbuf2-2.36.12-7.0.1.1.rv30 affected versions gdk-pixbuf2-2.36.12-7.0.1.rv30 CVE-ID: CVE-2025-7345 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gdkpixbufjpegimageloadincrement function of the...

7.5CVSS8AI score0.01051EPSS
Exploits0
rosalinux
rosalinux
•added 2025/11/09 1:37 p.m.•6 views

Advisory ROSA-SA-2025-3049

Software: krb5 1.18.2 OS: ROSA Virtualization 3.1 unaffected versions = krb5-1.18.2-32.rv31 affected versions krb5-1.18.2-32.rv31 CVE-ID: CVE-2024-37370 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the Kerberos network authentication protocol is associated with a...

9.1CVSS8.8AI score0.14859EPSS
Exploits2
rosalinux
rosalinux
•added 2025/09/11 10:13 a.m.•6 views

Advisory ROSA-SA-2025-2999

software: sqlite 3.41.2 OS: ROSA-CHROME unaffected versions = sqlite-3.41.2-3 affected versions sqlite-3.41.2-3 CVE-ID: CVE-2025-3277 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: An integer overflow vulnerability in the SQLite concatws function that could lead to a buffer overflow of up to 4 GB and...

9.8CVSS7.8AI score0.73495EPSS
Exploits3
rosalinux
rosalinux
•added 2025/09/11 10:4 a.m.•6 views

Advisory ROSA-SA-2025-2995

software: unbound 1.17.0 OS: ROSA-CHROME unaffected versions = unbound-1.17.0-2 affected versions unbound-1.17.0-2 CVE-ID: CVE-2024-8508 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Unbound when handling responses with very large RRsets could result in a denial of service. CVE-STATUS...

5.3CVSS6.7AI score0.00801EPSS
Exploits0
rosalinux
rosalinux
•added 2025/09/09 10:41 a.m.•6 views

Advisory ROSA-SA-2025-2981

software: jq 1.8.1 OS: ROSA-CHROME unaffected versions = jq-1.8.1-1 affected versions jq-1.8.1-1 CVE-ID: CVE-2024-53427 BDU-ID: 2025-06690 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the decNumberCopy function of the jq functional programming language is related to accessing a resource via...

8.1CVSS5.3AI score0.00355EPSS
Exploits1
rosalinux
rosalinux
•added 2025/09/09 10:33 a.m.•6 views

Advisory ROSA-SA-2025-2977

software: chromium-browser-stable 138.0.7204.92 WASP: ROSA-CHROME unaffected versions = chromium-browser-stable-138.0.7204.92-1 affected versions chromium-browser-stable-138.0.7204.92-1 CVE-ID: CVE-2025-6554 BDU-ID: 2025-07783 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the JavaScript scrip...

8.1CVSS7.4AI score0.06564EPSS
Exploits5
rosalinux
rosalinux
•added 2025/09/09 10:25 a.m.•6 views

Advisory ROSA-SA-2025-2973

software: sudo 1.9.17p1 WASP: ROSA-CHROME unaffected versions = sudo-1.9.17p1-1 affected versions sudo-1.9.17p1-1 CVE-ID: CVE-2025-32462 BDU-ID: 2025-08356 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the authorization mechanism...

9.3CVSS8.6AI score0.47467EPSS
Exploits77
rosalinux
rosalinux
•added 2025/09/09 9:34 a.m.•6 views

Advisory ROSA-SA-2025-2962

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 unaffected versions = libxml2-2.9.7-20.0.2.2.rv30 affected versions libxml2-2.9.7-20.0.2.2.rv30 CVE-ID: CVE-2023-45322 BDU-ID: 2023-06827 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlUnlinkNode function tree.c of the libxml2 library is...

7.5CVSS6.8AI score0.01009EPSS
Exploits3
rosalinux
rosalinux
•added 2025/08/06 8:31 a.m.•6 views

Advisory ROSA-SA-2025-2951

software: xwayland 24.1.8 WASP: ROSA-CHROME unaffected versions = xwayland-24.1.8-1 affected versions xwayland-24.1.8-1 CVE-ID: CVE-2025-49175 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: No translation CVE-STATUS: The vulnerability has been resolved. CVE-REV: To close the vulnerability, run the...

7.8CVSS6.4AI score0.00369EPSS
Exploits0
rosalinux
rosalinux
•added 2025/08/06 8:31 a.m.•6 views

Advisory ROSA-SA-2025-2952

software: cjson 1.7.18 WASP: ROSA-CHROME unaffected versions = cjson-1.7.18-1 affected versions cjson-1.7.18-1 CVE-ID: CVE-2023-53154 BDU-ID: None CVE-Crit: LOW CVE-DESC.: cJSON: Buffer overflow vulnerability on read from heap via parsestring function. CVE-STATUS: Vulnerability has been resolved...

5.5CVSS6.5AI score0.00219EPSS
Exploits1
rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•6 views

Advisory ROSA-SA-2025-2948

software: libsoup2.4 2.74.2 OS: ROSA-CHROME unaffected versions = libsoup2.4-2.74.2-2 affected versions libsoup2.4-2.74.2-2 CVE-ID: CVE-2025-32913 BDU-ID: 2025-06242 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the soupmessageheadersgetcontentdisposition function of the GNOME GUI libsoup library ...

7.5CVSS8.2AI score0.00736EPSS
Exploits0
rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•6 views

Advisory ROSA-SA-2025-2947

software: libsoup 3.2.1 OS: ROSA-CHROME unaffected versions = libsoup-3.2.1-2 affected versions libsoup-3.2.1-2 CVE-ID: CVE-2025-32913 BDU-ID: 2025-06242 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the soupmessageheadersgetcontentdisposition function of the GNOME GUI libsoup library is related t...

7.5CVSS8.2AI score0.00736EPSS
Exploits0
rosalinux
rosalinux
•added 2025/08/06 8:30 a.m.•6 views

Advisory ROSA-SA-2025-2946

software: glibc 2.33 AXIS: ROSA-CHROME unaffected versions = glibc-2.33-11.git5f08d1.1 affected versions glibc-2.33-11.git5f08d1.1 CVE-ID: CVE-2025-0395 BDU-ID: 2025-01120 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the assert function of the GNU C Library system library is related to incorrect...

7.8CVSS7.4AI score0.00557EPSS
Exploits1
Total number of security vulnerabilities1374