1374 matches found
Advisory ROSA-SA-2025-2940
Software: exfatprogs 1.2.9 OS: ROSA-CHROME unaffected versions = exfatprogs-1.2.9-1 affected versions exfatprogs-1.2.9-1 CVE-ID: CVE-2023-45897 BDU-ID: 2024-03156 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the readfiledentryset function of the exfatprogs user-space utility is related to readi...
Advisory ROSA-SA-2025-2938
software: emacs 30.1 OS: ROSA-CHROME unaffected versions = emacs-30.1-1 affected versions emacs-30.1-1 CVE-ID: CVE-2024-30202 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in Emacs allows execution of arbitrary Lisp code when Org mode is activated. CVE-STATUS: The vulnerability has been...
Advisory ROSA-SA-2025-2936
software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-4 affected versions ghostscript-9.56.1-4 CVE-ID: CVE-2024-29507 BDU-ID: 2024-05697 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Ghostscript document processing, conversion, and generation software suite is...
Advisory ROSA-SA-2025-2913
software: c-ares 1.19.1 OS: ROSA-CHROME unaffected versions = c-ares-1.19.1-2 affected versions c-ares-1.19.1-2 CVE-ID: CVE-2024-25629 BDU-ID: 2024-01708 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the aresreadline function of the C-ares asynchronous DNS query library is related to an operatio...
Advisory ROSA-SA-2025-2888
Software: jose 10 OS: ROSA Virtualization 3.0 packageevrstring: jose-10-2.rv30.3 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource consumption...
Advisory ROSA-SA-2025-2891
Software: libsoup 2.62.3 OS: ROSA Virtualization 3.0 packageevrstring: libsoup-2.62.3-9.rv30 CVE-ID: CVE-2025-2784 BDU-ID: 2025-05737 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the skipinsightwhitespace function of the GNOME GUI libsoup library is related to reading beyond buffer boundaries in...
Advisory ROSA-SA-2025-2877
Software: freetype 2.9.1 OS: ROSA Virtualization 2.1 packageevrstring: freetype-2.9.1-10.rv3 CVE-ID: CVE-2025-27363 BDU-ID: 2025-02719 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FreeType font rasterization library is related to reading beyond buffer boundaries in memory. Exploitation of the...
Advisory ROSA-SA-2025-2800
Software: gmp 6.1.2 OS: ROSA Virtualization 3.0 packageevrstring: gmp-6.1.2-11.rv30 CVE-ID: CVE-2021-43618 BDU-ID: 2022-05776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mpz/inpraw.c component of the GMP arithmetic operations library on 32-bit platforms is related to integer overflow...
Advisory ROSA-SA-2025-2775
Software: c-ares 1.13.0 OS: ROSA Virtualization 2.1 packageevrstring: c-ares-1.13.0-11.rv3 CVE-ID: CVE-2020-22217 BDU-ID: 2023-05898 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the aresparsesoareply function of the C-ares asynchronous DNS query library is related to an operation exceeding...
Advisory ROSA-SA-2025-2770
Software: python-jwcrypto 0.5.0 OS: ROSA Virtualization 3.0 packageevrstring: python-jwcrypto-0.5.0-2.rv30 CVE-ID: CVE-2024-28102 BDU-ID: 2024-01978 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the deserialize JavaScript library function for Jwcrypto is associated with uncontrolled resource...
Advisory ROSA-SA-2025-2761
Software: raptor2 2.0.9 OS: rosa-server79 packageevrstring: raptor2-2.0.9-3.0.1.res7 CVE-ID: CVE-2024-57823 BDU-ID: None CVE-Crit: CRITICAL. CVE-DESC.: An integer overflow vulnerability was discovered in the Raptor RDF Syntax Library when normalizing URIs using the turtle parser in the...
Advisory ROSA-SA-2025-2758
Software: libsoup 2.62.2 OS: rosa-server79 packageevrstring: libsoup-2.62.2-2.0.3.res7 CVE-ID: CVE-2024-52531 BDU-ID: 2025-00232 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the soupheaderparseparamliststrict function of the GNOME GUI libsoup library is related to a buffer overflow in dynamic...
Advisory ROSA-SA-2025-2742
Software: postgresql 13.16 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-13.16-1.rv30 CVE-ID: CVE-2024-7348 BDU-ID: 2024-06153 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pgdump utility of the PostgreSQL database management system is related to null pointer dereferencing due to...
Advisory ROSA-SA-2025-2727
Software: modauthopenidc 2.4.9.4 OS: ROSA Virtualization 3.0 packageevrstring: modauthopenidc-2.4.9.4-6.rv30 CVE-ID: CVE-2024-24814 BDU-ID: 2024-02794 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is associated...
Advisory ROSA-SA-2025-2718
Software: sqlite 3.26.0 OS: ROSA Virtualization 3.0 packageevrstring: sqlite-3.26.0-19 CVE-ID: CVE-2019-8457 BDU-ID: 2019-03785 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the rtreenode function of the SQLite database management system is related to a read operation exceeding buffer...
Advisory ROSA-SA-2025-2685
Software: nettle 3.4.1 OS: ROSA Virtualization 3.0 packageevrstring: nettle-3.4.1-7 CVE-ID: CVE-2021-20305 BDU-ID: 2021-02748 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the signature verification functions GOST DSA, EDDSA, and ECDSA of the Nettle library is related to flaws in the cryptographic...
Advisory ROSA-SA-2025-2622
software: ghostscript 9.54.0 OS: ROSA-CHROME packageevrstring: ghostscript-9.54.0-11 CVE-ID: CVE-2023-38559 BDU-ID: 2023-07662 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the devnpcxwriterle function of the base/gdevdevdevn.c component of the Ghostscript document processing software suite...
Advisory ROSA-SA-2025-2596
software: procps-ng 3.3.17 OS: ROSA-CHROME packageevrstring: procps-ng-3.3.17-4 CVE-ID: CVE-2023-4016 BDU-ID: 2023-07117 CVE-Crit: LOW CVE-DESC.: A vulnerability in the running processes information collection utility ps of the procps-ng command line utility set is related to an operation exceedi...
Advisory ROSA-SA-2025-2590
software: vim 9.1.0754 WASP: ROSA-CHROME packageevrstring: vim-9.1.0754-1 CVE-ID: CVE-2024-41957 BDU-ID: 2024-06478 CVE-Crit: LOW CVE-DESC.: A vulnerability in the tagstackclearentry function of the src/alloc.c file of the vim text editor exists due to a bug in the use of pointers after memory...
Advisory ROSA-SA-2025-2588
software: assimp 5.0.1 OS: ROSA-CHROME packageevrstring: assimp-5.0.1.1-4 CVE-ID: CVE-2024-40724 BDU-ID: 2024-06186 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the File Handler component of the 3D model import library Open Asset Import Library Assimp is related to a heap buffer overflow...
Advisory ROSA-SA-2025-2557
Software: giflib 4.1.6 OS: rosa-server79 packageevrstring: giflib-4.1.6-9.0.1.1.res7 CVE-ID: CVE-2023-48161 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer Overflow vulnerability in GifLib allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function. CVE-STATUS: The...
Advisory ROSA-SA-2025-3059
Software: dhcp 4.3.6 OS: ROSA Virtualization 2.1 unaffected versions = dhcp-4.3.6-50.0.1.rv3 affected versions dhcp-4.3.6-50.0.1.1.rv3 CVE-ID: CVE-2021-25217 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A software vulnerability providing the DHCP Dynamic Host Configuration Protocol service to the network is...
Advisory ROSA-SA-2025-3020
software: tinyxml2 6.2.0 WASP: ROSA-CHROME unaffected versions = tinyxml2-6.2.0-2 affected versions tinyxml2-6.2.0-2 CVE-ID: CVE-2024-50615 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in TinyXML2 before 10.0.0: Reachable assertion in XMLUtil::GetCharacterRef could cause application...
Advisory ROSA-SA-2025-2692
Software: gnutls 3.6.16 OS: ROSA Virtualization 3.0 packageevrstring: gnutls-3.6.16-8 CVE-ID: CVE-2021-20231 BDU-ID: 2022-00206 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the keyshare extension of the GnuTLS transport layer security library is related to memory usage after it has been freed...