Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2023/09/12 12:11 p.m.•37 views

Advisory ROSA-SA-2023-2235

Software: libgit2 1.4.5 OS: ROSA-CHROME packageevrstring: libgit2-1.4.5-1.src.rpm CVE-ID: CVE-2023-22742 BDU-ID: 2023-00574 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libssh2 library of the C Libgit2 implementation of Git methods is related to cryptographic signature verification errors...

5.9CVSS6.7AI score0.0058EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/08/22 8:47 a.m.•37 views

Advisory ROSA-SA-2023-2218

software: multipath-tools 0.8.9 WASP: ROSA-CHROME packageevrstring: multipath-tools-0.8.9-3.src.rpm CVE-ID: CVE-2022-41973 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: multipath-tools 0.7.7 to 0.9.x to 0.9.2 allows local users to gain root access as used in conjunction with CVE-2022-41974. Local users...

7.8CVSS6.9AI score0.00658EPSS
Exploits4
Rosalinux
Rosalinux
•added 2023/07/25 10:31 a.m.•37 views

Advisory ROSA-SA-2023-2202

Software: python 3.6.8 OS: rosa-server79 packageevrstring: python-3.6.8-19.res7 CVE-ID: CVE-2023-24329 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A problem in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blacklisting methods by providing a URL that starts with empty...

7.5CVSS6.9AI score0.20459EPSS
Exploits3
Rosalinux
Rosalinux
•added 2021/07/02 6:4 p.m.•37 views

Advisory ROSA-SA-2021-1961

Software: redland 1.0.16 OS: Cobalt 7.9 CVE-ID: CVE-2012-0037 CVE-Crit: HIGH CVE-DESC: Redland Raptor also known as libraptor before 2.0.7, used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1 and other products, allows remote attackers, with the help of the user, ...

6.5CVSS6.4AI score0.13682EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 5:26 p.m.•37 views

Advisory ROSA-SA-2021-1907

Software: libzip 0.10.1 OS: Cobalt 7.9 CVE-ID: CVE-2015-2331 CVE-Crit: HIGH CVE-DESC: An integer overflow in the zipcdirnew function in zipdirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6. 7 and other products,...

7.5CVSS10AI score0.27692EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:44 p.m.•37 views

Advisory ROSA-SA-2021-1841

Software: ghostscript 9.25 OS: Cobalt 7.9 CVE-ID: CVE-2018-19478 CVE-Crit: MEDIUM CVE-DESC: In Artifex Ghostscript before 9.26, a carefully crafted PDF file can run extremely long calculations when parsing the file. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2020-14373 CVE-Crit: MEDIUM...

5.5CVSS6.7AI score0.01888EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 6:31 p.m.•36 views

Advisory ROSA-SA-2025-2629

software: jackson-databind 2.9.9.3 OS: ROSA-CHROME packageevrstring: jackson-databind-2.9.9.9.3 CVE-ID: CVE-2019-14540 BDU-ID: 2019-04085 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FasterXML com.zaxxer.hikari.HikariConfig function of the Java library for grammar parsing JSON files...

9.8CVSS9.1AI score0.10676EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 10:40 a.m.•36 views

Advisory ROSA-SA-2025-2581

software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-4 CVE-ID: CVE-2024-1454 BDU-ID: 2024-03243 CVE-Crit: LOW CVE-DESC.: A vulnerability in the AuthentIC driver of the OpenSC smart card software toolkit and libraries is related to memory usage after it has been freed...

3.4CVSS6.7AI score0.00422EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/29 8:35 a.m.•36 views

Advisory ROSA-SA-2024-2513

Software: python-setuptools 0.9.8 OS: rosa-server79 packageevrstring: python-setuptools-0.9.8-7.0.1.res7 CVE-ID: CVE-2024-6345 BDU-ID: 2024-05843 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the packageindex module of the setuptools project packaging simplification library is related to functions...

8.8CVSS8.3AI score0.01939EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 8:57 p.m.•36 views

Advisory ROSA-SA-2024-2486

Software: postgresql15 15.7 OS: rosa-server79 packageevrstring: postgresql15-15.7-1PGDG.res7 CVE-ID: CVE-2023-39418 BDU-ID: 2023-04768 CVE-Crit: LOW CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to access delimitation flaws. Exploitation of the vulnerability...

8.8CVSS8.3AI score0.04322EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/05/28 8:24 a.m.•36 views

Advisory ROSA-SA-2024-2425

software: aspell 0.60.8 WASP: ROSA-CHROME packageevrstring: aspell-0.60.8-3 CVE-ID: CVE-2019-25051 BDU-ID: None CVE-Crit: N/A CVE-DESC.: objstack in GNU Aspell has a heap buffer overflow in acommon::ObjStack::duptop CVE-STATUS: Fixed CVE-REV: To close, execute command: sudo dnf update aspell...

7.8CVSS7.5AI score0.00549EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/03/26 11:41 a.m.•36 views

Advisory ROSA-SA-2024-2381

Software: rsyslog 8.1911.0 OS: ROSA Virtualization 2.1 packageevrstring: rsyslog-8.1911.0-6.0.1.rv3 CVE-ID: CVE-2022-24903 BDU-ID: 2022-04363 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the TCP modules of the Rsyslog log processing software utility is related to writing beyond buffer boundaries ...

8.1CVSS7.6AI score0.03821EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/12/12 12:25 p.m.•36 views

Advisory ROSA-SA-2023-2306

Software: hivex 1.3.18 OS: ROSA Virtualization 2.1 packageevrstring: hivex-1.3.18-23.rv3.src.rpm CVE-ID: CVE-2021-3622 BDU-ID: 2021-04419 CVE-Crit: LOW CVE-DESC.: A vulnerability in the getchildren function of the getchildren library for retrieving the contents of Windows hivex registry branches ...

4.3CVSS7.7AI score0.04794EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/12/05 10:33 a.m.•36 views

Advisory ROSA-SA-2023-2301

Software: gzip 1.9 OS: ROSA Virtualization 2.1 packageevrstring: gzip-1.9-13.rv3.src.rpm CVE-ID: CVE-2022-1271 BDU-ID: 2022-02113 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gzip library is related to errors in file name handling. Exploitation of the vulnerability could allow an attacker...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/31 2:38 p.m.•36 views

Advisory ROSA-SA-2023-2286

Software: dhcp 4.3.6 OS: ROSA Virtualization 2.1 packageevrstring: dhcp-4.3.6-49.0.1.rv3.src.rpm CVE-ID: CVE-2022-2929 BDU-ID: None CVE-Crit: N/A CVE-DESC.: In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, a system with access to a DHCP server that sends DHCP packets created to...

6.5CVSS6.7AI score0.0062EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/22 6:19 a.m.•36 views

Advisory ROSA-SA-2023-2273

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-1.src.rpm CVE-ID: CVE-2021-46784 BDU-ID: 2022-04051 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server's implementation of the Gopher network protocol is associated with the use of assert or a similar operator...

8.6CVSS7.2AI score0.0362EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/21 3:57 p.m.•36 views

Advisory ROSA-SA-2023-2255

software: mariadb 10.5.20 OS: ROSA-CHROME packageevrstring: mariadb-10.5.20-1.src.rpm CVE-ID: CVE-2022-32088 BDU-ID: 2022-04064 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Exectimetracker::getloops/Filesorttracker::reportuse/filesort function of the MariaDB database management system is...

7.5CVSS6.9AI score0.02082EPSS
Exploits3
Rosalinux
Rosalinux
•added 2023/10/10 9:32 a.m.•36 views

Advisory ROSA-SA-2023-2242

Software: open-vm-tools 11.0.5 OS: rosa-server79 packageevrstring: open-vm-tools-11.0.5-2.rv3.src.rpm CVE-ID: CVE-2023-20900 BDU-ID: 2023-05064 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the VMware Tools suite of utilities is related to the ability to bypass the SAML token signature...

7.5CVSS6.9AI score0.01193EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/09/12 11:49 a.m.•36 views

Advisory ROSA-SA-2023-2232

Software: firefox 102.14.0 OS: rosa-server79 packageevrstring: firefox-102.14.0-3.res7.x8664.rpm CVE-ID: CVE-2023-3417 BDU-ID: 2023-03965 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character for overriding text directio...

9.8CVSS8.8AI score0.13694EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/09/05 9:31 a.m.•36 views

Advisory ROSA-SA-2023-2227

software: buildah 1.30.0 AXIS: ROSA-CHROME packageevrstring: buildah-1.30.0-2.src.rpm CVE-ID: CVE-2022-27651 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There was a bug in the build that caused containers to incorrectly start with non-empty default permissions. A bug was discovered in Moby Docker...

7.1CVSS6.7AI score0.01225EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 6:14 p.m.•36 views

Advisory ROSA-SA-2021-1984

Software: tar 1.26 OS: Cobalt 7.9 CVE-ID: CVE-2018-12015. CVE-Crit: HIGH CVE-DESC: In Perl before 5.26.2, the Archive :: Tar module allows remote attackers to bypass the directory traversal protection mechanism and overwrite arbitrary files via an archive file containing a symbolic link and a...

7.5CVSS7.8AI score0.07343EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:20 p.m.•36 views

Advisory ROSA-SA-2021-1899

Software: libvirt 4.5.0 OS: Cobalt 7.9 CVE-ID: CVE-2020-25637 CVE-Crit: MEDIUM CVE-DESC: A double free memory issue has been detected in libvirt APIs in versions prior to 6.8.0 responsible for querying information about network interfaces of a running QEMU domain. This flaw affects the polkit...

7.2CVSS6.7AI score0.00529EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:16 p.m.•36 views

Advisory ROSA-SA-2021-1884

Software: libpng 1.5.13 OS: Cobalt 7.9 CVE-ID: CVE-2013-7353 CVE-Crit: HIGH CVE-DESC: Integer overflow in pngsetunknownchunks function in libpng / pngset.c in libpng before 1.5.14beta08 allows context-sensitive attackers to cause a denial of service segmentation error and crash via a crafted imag...

10CVSS9.6AI score0.06431EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 4:35 p.m.•36 views

Advisory ROSA-SA-2021-1817

Software: cups-filters 1.0.35 OS: Cobalt 7.9 CVE-ID: CVE-2013-6473 CVE-Crit: MEDIUM CVE-DESC: Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 through 1.0.47 allow remote attackers to execute arbitrary code across a large 1 page or 2 lines in a URF file...

8.3CVSS8.8AI score0.03429EPSS
Exploits3
Rosalinux
Rosalinux
•added 2021/07/02 4:31 p.m.•36 views

Advisory ROSA-SA-2021-1804

Software: accountservice 0.6.50 OS: Cobalt 7.9 CVE-ID: CVE-2020-16126 CVE-Crit: LOW CVE-DESC: Ubuntu-specific modification of AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, incorrectly removed ruid, allowing untrusted users to send signals to AccountsService,...

5.5CVSS6.8AI score0.00541EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/01/27 8:27 a.m.•35 views

Advisory ROSA-SA-2025-2573

Software: qbittorrent 4.6.7 OS: ROSA-CHROME packageevrstring: qbittorrent-4.6.7-1 CVE-ID: CVE-2024-51774 BDU-ID: 2024-09433 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cross-platform BitTorrent client qBittorrent is related to improper SSL/TLS certificate authentication. Exploitation of the...

8.1CVSS6.7AI score0.03295EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/09/25 9:36 a.m.•35 views

Advisory ROSA-SA-2024-2477

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-2 CVE-ID: CVE-2023-46724 BDU-ID: 2023-07699 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to errors in SSL/TLS certificate validation. Exploitation of the vulnerability could allow an attacker actin...

9.3CVSS7.1AI score0.85944EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/07/01 2:13 p.m.•35 views

Advisory ROSA-SA-2024-2442

software: usbredir 0.8.0 OS: ROSA-CHROME packageevrstring: usbredir-0.8.0-4 CVE-ID: CVE-2021-3700 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A post-release exploit vulnerability was discovered in usbredir in usbredirparserserialize in usbredirparser/usbredirparser.c. This issue occurs when...

6.4CVSS6.8AI score0.00309EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/04/23 12:16 p.m.•35 views

Advisory ROSA-SA-2024-2407

software: xz 5.2.9 AXIS: ROSA-CHROME packageevrstring: xz-5.2.9-1 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in the xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extrac...

10CVSS9.6AI score0.85974EPSS
Exploits40
Rosalinux
Rosalinux
•added 2023/10/21 2:46 p.m.•35 views

Advisory ROSA-SA-2023-2251

software: mariadb 10.5.20 OS: ROSA-CHROME packageevrstring: mariadb-10.5.20-1.src.rpm CVE-ID: CVE-2018-2813 BDU-ID: 2019-03456 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Server: DDL component of the MySQL Server database management system is related to a lack of service data protection...

7.1CVSS6.3AI score0.03716EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/03/07 10:1 a.m.•35 views

Advisory ROSA-SA-2023-2129

Software: libksba 1.3.0 OS: rosa-server79 packageevrstring: libksba-1.3.0 CVE-ID: CVE-2022-47629 BDU-ID: 2022-07478 CVE-Crit: HIGH CVE-DESC: A vulnerability in the X.509 LibKSBA certificate function-providing library is related to an integer overflow in the CRL parser. Exploitation of the...

9.8CVSS9.8AI score0.0155EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/02/14 11:48 a.m.•35 views

Advisory ROSA-SA-2023-2112

Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87 CVE-ID: CVE-2022-28733 BDU-ID: 2022-03372 CVE-Crit: HIGH CVE-DESC: A vulnerability in the grubnetrecvip4packets function of the Grub operating systems bootloader program is related to integer overflow. Exploitation of the...

8.1CVSS9.1AI score0.01284EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:21 p.m.•35 views

Advisory ROSA-SA-2021-2000

Software: xdelta 3.0.7 OS: Cobalt 7.9 CVE-ID: CVE-2014-9765 CVE-Crit: HIGH CVE-DESC: Buffer overflow in maingetappheader function in xdelta3-main.h in xdelta3 before 3.0.9 allows remote attackers to execute arbitrary code through a crafted input file. CVE-STATUS: default CVE-REV: default...

8.8CVSS9.1AI score0.04157EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:18 p.m.•35 views

Advisory ROSA-SA-2021-1991

Software: unzip 6.0 OS: Cobalt 7.9 CVE-ID: CVE-2014-9913 CVE-Crit: MEDIUM CVE-DESC: Buffer overflow in listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service failure using vectors associated with the compression method. CVE-STATUS: default CVE-REV:...

7.8CVSS7.9AI score0.30469EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 6:15 p.m.•35 views

Advisory ROSA-SA-2021-1985

Software: tcpdump 4.9.2 OS: Cobalt 7.9 CVE-ID: CVE-2017-16808 CVE-Crit: MEDIUM CVE-DESC: tcpdump before 4.9.3 has a redundant heap-based buffer read associated with aoeprint in print-aoe.c and lookupememem in addrtoname.c. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2018-10103 CVE-Crit:...

9.8CVSS7.2AI score0.05342EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:12 p.m.•35 views

Advisory ROSA-SA-2021-1980

Software: sudo 1.8.23 OS: Cobalt 7.9 CVE-ID: CVE-2021-23239 CVE-Crit: LOW CVE-DESC: The sudoedit personality in sudo before 1.9.5 can allow a local unprivileged user to perform arbitrary directory existence tests by winning the sudoedit.c race condition when replacing a user-controlled directory...

7.8CVSS6.5AI score0.01066EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 6:7 p.m.•35 views

Advisory ROSA-SA-2021-1967

Software: samba 4.10.16 OS: Cobalt 7.9 CVE-ID: CVE-2020-10745 CVE-Crit: HIGH CVE-DESC: In all versions of Samba prior to 4.10.17, prior to 4.11.11, and prior to 4.12.4, a flaw has been discovered in the way NetBios is handled over TCP / IP. This flaw allows a remote attacker to cause excessive CP...

10CVSS7.8AI score0.99512EPSS
Exploits75
Rosalinux
Rosalinux
•added 2021/07/02 6:4 p.m.•35 views

Advisory ROSA-SA-2021-1964

Software: rsync 3.1.2 OS: Cobalt 7.9 CVE-ID: CVE-2017-15994 CVE-Crit: CRITICAL CVE-DESC: rsync 3.1.3-development before 10/24-2017 incorrectly handles outdated checksums, making it easy for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch is widely used...

9.8CVSS8.2AI score0.06337EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:4 p.m.•35 views

Advisory ROSA-SA-2021-1960

Software: quagga 0.99.22.4 OS: Cobalt 7.9 CVE-ID: CVE-2016-1245 CVE-Crit: CRITICAL CVE-DESC: It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffers from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The main reason was that the BUFSIZ was...

9.8CVSS6.8AI score0.74599EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:36 p.m.•35 views

Advisory ROSA-SA-2021-1936

Software: opensc 0.19.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-15945 CVE-Crit: MEDIUM CVE-DESC: OpenSC before 0.20.0-rc1 has out-of-bounds access to ASN.1 bit string in decodebitstring in libopensc / asn1.c. CVE-STATUS: default CVE-REV: default CVE-ID: CVE-2019-15946 CVE-Crit: MEDIUM CVE-DESC: OpenSC...

7.5CVSS7.5AI score0.02198EPSS
Exploits2
Rosalinux
Rosalinux
•added 2021/07/02 5:7 p.m.•35 views

Advisory ROSA-SA-2021-1857

Software: junit 4.11 OS: Cobalt 7.9 CVE-ID: CVE-2020-15250 CVE-Crit: MEDIUM CVE-DESC: In JUnit4, from version 4.7 through 4.13.1, the TemporaryFolder test rule contains a local information disclosure vulnerability. In Unix-like systems, a system's temporary directory is shared by all users on tha...

5.5CVSS6.2AI score0.01695EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/11/10 6:21 a.m.•34 views

Advisory ROSA-SA-2025-3069

Software: freeglut 3.0.0 OS: ROSA Virtualization 3.0 unaffected versions = freeglut-3.0.0.0-9.rv30 affected versions freeglut-3.0.0.0-9.rv30 CVE-ID: CVE-2024-24258 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GlutAddSubMenu function of the MuPDF PDF viewer is related to a memory leak...

7.5CVSS6.8AI score0.01147EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•34 views

Advisory ROSA-SA-2025-2836

Software: dhcp 4.3.6 OS: ROSA Virtualization 2.1 packageevrstring: dhcp-4.3.6-50.0.1.rv3 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity a...

7.5CVSS7.8AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/06/27 10:49 a.m.•34 views

Advisory ROSA-SA-2024-2437

Software: ncurses 6.1 OS: ROSA Virtualization 2.1 packageevrstring: ncurses-6.1 CVE-ID: CVE-2022-29458 BDU-ID: 2023-00296 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the convertstrings function of the convertstrings component of the tinfo/readentry.c component of the Ncurses terminal I/O...

7.1CVSS7.1AI score0.01341EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/05/07 7:41 a.m.•34 views

Advisory ROSA-SA-2024-2415

software: hwloc 2.7.1 OS: ROSA-CHROME packageevrstring: hwloc-2.7.1-2 CVE-ID: CVE-2022-47022 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A problem discovered in open-mpi hwloc allows attackers to cause denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. CVE-STATUS:...

4.7CVSS7.3AI score0.00286EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/05/07 7:39 a.m.•34 views

Advisory ROSA-SA-2024-2414

software: upx 4.2.1 OS: ROSA-CHROME packageevrstring: upx-4.2.1-1 CVE-ID: CVE-2023-23456 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A heap buffer overflow problem was discovered in UPX in PackTmt::pack in the file ptmt.cpp. This thread allows an attacker to cause a denial of service interrupt using...

5.5CVSS7.6AI score0.0039EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/05/02 7:56 a.m.•34 views

Advisory ROSA-SA-2024-2410

Software: cloud-init 20.3 OS: ROSA Virtualization 2.1 packageevrstring: cloud-init-20.3-10.el84.5.src.rpm CVE-ID: CVE-2021-3429 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: When instructing Cloud-init to set a random password for a new version user account, Cloud-init wrote that password to the publi...

5.5CVSS7.3AI score0.00236EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/04/02 7:22 a.m.•34 views

Advisory ROSA-SA-2024-2388

Software: wireshark 4.0.10 OS: ROSA-CHROME packageevrstring: wireshark-4.0.10-1.src.rpm CVE-ID: CVE-2023-0666 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Due to a failure in length validation provided by an attacker-created RTPS packet, Wireshark is vulnerable by default to a heap buffer overflow an...

7.5CVSS8.2AI score0.0462EPSS
Exploits10
Rosalinux
Rosalinux
•added 2024/04/02 7:1 a.m.•34 views

Advisory ROSA-SA-2024-2386

Software: samba 4.12.3 OS: ROSA Virtualization 2.1 packageevrstring: samba-4.12.3-12.0.1.rv3.3.x8664.rpm CVE-ID: CVE-2020-10745 BDU-ID: 2021-01741 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Samba networking software package is associated with uncontrolled resource consumption. Exploitation ...

7.8CVSS6.9AI score0.03874EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/03/26 10:40 a.m.•34 views

Advisory ROSA-SA-2024-2378

software: pcre2 10.36 WASP: ROSA-CHROME packageevrstring: pcre2-10.36-4.src.rpm CVE-ID: CVE-2022-41409 BDU-ID: 2023-05302 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pcre2test command of the PCRE2 regular expression library is related to integer overflow. Exploitation of the vulnerability...

7.5CVSS6.8AI score0.00962EPSS
Exploits1
Total number of security vulnerabilities1374