Lucene search
K
RosalinuxMost viewed

1374 matches found

Rosalinux
Rosalinux
•added 2024/08/12 1:9 p.m.•34 views

Advisory ROSA-SA-2024-2468

software: patch 2.7.6 OS: ROSA-CHROME packageevrstring: patch-2.7.6-5 CVE-ID: CVE-2018-6951 BDU-ID: 2023-01652 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the intuitdifftype function of the pch.c component of the Patch edit transfer program is related to pointer dereferencing errors. Exploitatio...

9.3CVSS6.8AI score0.08585EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/06/27 10:49 a.m.•34 views

Advisory ROSA-SA-2024-2437

Software: ncurses 6.1 OS: ROSA Virtualization 2.1 packageevrstring: ncurses-6.1 CVE-ID: CVE-2022-29458 BDU-ID: 2023-00296 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the convertstrings function of the convertstrings component of the tinfo/readentry.c component of the Ncurses terminal I/O...

7.1CVSS7.1AI score0.01341EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/05/07 7:41 a.m.•34 views

Advisory ROSA-SA-2024-2415

software: hwloc 2.7.1 OS: ROSA-CHROME packageevrstring: hwloc-2.7.1-2 CVE-ID: CVE-2022-47022 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A problem discovered in open-mpi hwloc allows attackers to cause denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. CVE-STATUS:...

4.7CVSS7.3AI score0.00286EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/05/07 7:39 a.m.•34 views

Advisory ROSA-SA-2024-2414

software: upx 4.2.1 OS: ROSA-CHROME packageevrstring: upx-4.2.1-1 CVE-ID: CVE-2023-23456 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A heap buffer overflow problem was discovered in UPX in PackTmt::pack in the file ptmt.cpp. This thread allows an attacker to cause a denial of service interrupt using...

5.5CVSS7.6AI score0.0039EPSS
Exploits2
Rosalinux
Rosalinux
•added 2024/04/02 7:22 a.m.•34 views

Advisory ROSA-SA-2024-2388

Software: wireshark 4.0.10 OS: ROSA-CHROME packageevrstring: wireshark-4.0.10-1.src.rpm CVE-ID: CVE-2023-0666 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Due to a failure in length validation provided by an attacker-created RTPS packet, Wireshark is vulnerable by default to a heap buffer overflow an...

7.5CVSS8.2AI score0.0462EPSS
Exploits10
Rosalinux
Rosalinux
•added 2024/04/02 7:1 a.m.•34 views

Advisory ROSA-SA-2024-2386

Software: samba 4.12.3 OS: ROSA Virtualization 2.1 packageevrstring: samba-4.12.3-12.0.1.rv3.3.x8664.rpm CVE-ID: CVE-2020-10745 BDU-ID: 2021-01741 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Samba networking software package is associated with uncontrolled resource consumption. Exploitation ...

7.8CVSS6.9AI score0.03874EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/12/12 12:18 p.m.•34 views

Advisory ROSA-SA-2023-2304

software: netty 4.1.13 WASP: ROSA-CHROME packageevrstring: netty-4.1.13-13.src.rpm CVE-ID: CVE-2023-34462 BDU-ID: 2023-05355 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the SniHandler component of the Netty networking software tool is associated with uncontrolled resource consumption...

6.5CVSS7AI score0.02459EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/22 5:35 a.m.•34 views

Advisory ROSA-SA-2023-2264

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0-4.src.rpm CVE-ID: CVE-2022-2868 BDU-ID: 2023-00296 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the tiffcrop utility exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker to...

8.8CVSS7AI score0.01237EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/07/18 11:28 a.m.•34 views

Advisory ROSA-SA-2023-2194

Software: libtasn1 4.13 OS: ROSA Virtualization 2.1 packageevrstring: libtasn1-4.13-4.rv3.src.rpm CVE-ID: CVE-2021-46848 BDU-ID: 2022-06694 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the asn1encodesimpleder function of the Libtasn1 library is related to a single offset error. Exploitation of th...

9.1CVSS6.6AI score0.02062EPSS
Exploits1
Rosalinux
Rosalinux
•added 2022/12/06 10:20 a.m.•34 views

Advisory ROSA-SA-2022-2056

Software: kernel 3.10.0 OS: rosa-server79 packageevrstring: kernel-3.10.0-1160.83.1.el7 CVE-ID: CVE-2022-2078 BDU-ID: 2022-04090 CVE-Crit: Not Relevant CVE-DESC: A vulnerability in the nftsetdescconcatparse function of the Linux operating systems kernel is related to buffer copying without checki...

5.5CVSS7.2AI score0.01013EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:8 p.m.•34 views

Advisory ROSA-SA-2021-1971

Software: snort 2.9.16 OS: Cobalt 7.9 CVE-ID: CVE-2021-1223 CVE-Crit: HIGH CVE-DESC: Several Cisco products are affected by a vulnerability in the Snort discovery engine that could allow an unauthenticated remote attacker to bypass the configured file policy for HTTP. The vulnerability is related...

7.5CVSS6.6AI score0.02005EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:36 p.m.•34 views

Advisory ROSA-SA-2021-1935

Software: openldap 2.4.44 OS: Cobalt 7.9 CVE-ID: CVE-2017-14159 CVE-Crit: MEDIUM CVE-DESC: slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping the privileges of a non-root account, which could allow local users to kill arbitrary processes using access to that non-root account t...

7.5CVSS8.1AI score0.84224EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:32 p.m.•34 views

Advisory ROSA-SA-2021-1926

Software: nasm 2.10.07 OS: Cobalt 7.9 CVE-ID: CVE-2018-1000667 CVE-Crit: MEDIUM CVE-DESC: NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains nasm memory corruption crash while processing a created file due to assemblyfile inname, independentptr function at asm / nasm.c: 482...

7.8CVSS7.1AI score0.05166EPSS
Exploits9
Rosalinux
Rosalinux
•added 2021/07/02 4:56 p.m.•34 views

Advisory ROSA-SA-2021-1846

Software: gnome-shell 3.28.3 OS: Cobalt 7.9 CVE-ID: CVE-2020-17489 CVE-Crit: MEDIUM CVE-DESC: A problem was found in some GNOME gnome-shell configurations through 3.36.4. When logging out of an account, the password field in the login dialog box reappears, but the password is still displayed. If...

4.3CVSS7.1AI score0.00553EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:45 p.m.•34 views

Advisory ROSA-SA-2021-1843

Software: git 1.8.3.1 OS: Cobalt 7.9 CVE-ID: CVE-2015-7545 CVE-Crit: CRITICAL CVE-DESC: 1 git-remote-ext and 2 unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict allowed protocols, which could all...

9.8CVSS8.1AI score0.88644EPSS
Exploits9
Rosalinux
Rosalinux
•added 2021/07/02 4:44 p.m.•34 views

Advisory ROSA-SA-2021-1839

Software: gdb 7.6.1 OS: Cobalt 7.9 CVE-ID: CVE-2019-1010180 CVE-Crit: HIGH CVE-DESC: GNU gdb All versions are affected by: Buffer overflow - accessing a limited amount of memory. Consequences are: denial of service, memory disclosure, and possible code execution. Component: The gdb core module...

7.8CVSS7.8AI score0.02628EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 4:34 p.m.•34 views

Advisory ROSA-SA-2021-1813

Software: clamav 0.102.4 OS: Cobalt 7.9 CVE-ID: CVE-2021-1386 CVE-Crit: HIGH CVE-DESC: A vulnerability in the Dynamic Link Library DLL loading mechanism in Cisco Advanced Malware Protection AMP for Windows Connector endpoints, ClamAV for Windows, and Immunet could allow an authenticated local...

7.8CVSS7.8AI score0.03155EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 1:54 p.m.•33 views

Advisory ROSA-SA-2025-2625

software: postgresql 12.17 WASP: ROSA-CHROME packageevrstring: postgresql-12.17-2 CVE-ID: CVE-2024-0985 BDU-ID: 2024-01121 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the REFRESH MATERIALIZED VIEW CONCURRENTLY function of the PostgreSQL database management system involves privilege management...

8CVSS9.3AI score0.01465EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:49 a.m.•33 views

Advisory ROSA-SA-2025-2584

software: xrdp 0.10.1 OS: ROSA-CHROME packageevrstring: xrdp-0.10.1-2 CVE-ID: CVE-2024-39917 BDU-ID: 2024-10780 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the authentication mechanism of the XRDP remote access tool is related to a flaw in the limitation of authentication attempts governed ...

9.8CVSS9.6AI score0.00602EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 10:9 p.m.•33 views

Advisory ROSA-SA-2024-2497

Software: python-urllib3 1.24.2 OS: ROSA Virtualization 2.1 packageevrstring: python-urllib3-1.24.2-8.rv3 CVE-ID: CVE-2020-26137 BDU-ID: 2021-05230 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the urllib3 module method of the Python programming language interpreter is related to insufficient...

8.1CVSS5.5AI score0.02269EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/07/31 9:50 a.m.•33 views

Advisory ROSA-SA-2024-2460

software: gnuplot 5.4.10 OS: ROSA-CHROME packageevrstring: gnuplot-5.4.10-1 CVE-ID: CVE-2020-25412 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: comline in command.c in gnuplot causes writes outside the memory buffer from strncpy, which may lead to arbitrary code execution. CVE-STATUS: Fixed CVE-REV...

9.8CVSS7.5AI score0.02528EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/07/23 11:11 a.m.•33 views

Advisory ROSA-SA-2024-2454

software: dom4j 2.0.3 AXIS: ROSA-CHROME packageevrstring: dom4j-2.0.3-1 CVE-ID: CVE-2018-1000632 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: The dom4j version contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute, which could lead to an attacker forging XM...

9.8CVSS7.8AI score0.07269EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/24 2:17 p.m.•33 views

Advisory ROSA-SA-2023-2282

Software: dmidecode 3.5 WASP: ROSA-CHROME packageevrstring: dmidecode-3.5-2.src.rpm CVE-ID: CVE-2023-30630 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dmidecode before version 3.5 allows -dump-bin to overwrite the local file. This has security implications because, for example, it is quite possible to...

7.1CVSS7AI score0.00523EPSS
Exploits1
Rosalinux
Rosalinux
•added 2023/10/17 12:52 p.m.•33 views

Advisory ROSA-SA-2023-2247

software: openexr 2.5.8 OS: ROSA-CHROME packageevrstring: openexr-2.5.8-1.src.rpm CVE-ID: CVE-2021-23169 BDU-ID: 2021-04603 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the copyIntoFrameBuffer function of the OpenEXR wide dynamic range luminance image storage software is related to writing beyo...

8.8CVSS6.3AI score0.02291EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/07/04 12:37 p.m.•33 views

Advisory ROSA-SA-2023-2177

Software: libcacard 2.5.2 OS: ROSA-CHROME packageevrstring: libcacard-2.5.2-6.src.rpm CVE-ID: CVE-2017-6414 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A memory leak in the vcardapdunew function in the card7816.c file in libcacard before version 2.5.3 allows local guest OS users to cause a denial of...

6.5CVSS6.5AI score0.00444EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/05/28 9:4 a.m.•33 views

Advisory ROSA-SA-2023-2165

Software: nss 3.53.1 OS: rosa-server79 packageevrstring: 3.53.1-7.res7 CVE-ID: CVE-2023-0767 BDU-ID: 2023-01270 CVE-Crit: HIGH CVE-DESC: A vulnerability in Mozilla Firefox, Mozilla Firefox ESR, and Mozilla Thunderbird email client browsers is related to improper limiting of operations within the...

8.8CVSS9AI score0.00817EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/04/11 1:56 p.m.•33 views

Advisory ROSA-SA-2023-2149

Software: sqlite 3.26.0 OS: ROSA Virtualization 2.1 packageevrstring: 3.26.0 CVE-ID: CVE-2019-19645 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC: Alter.c in SQLite before 3.30.1 allows attackers to trigger infinite recursion using certain types of self-referential views in conjunction with ALTER TABLE...

9.8CVSS8.2AI score0.17981EPSS
Exploits2
Rosalinux
Rosalinux
•added 2023/02/02 8:13 a.m.•33 views

Advisory ROSA-SA-2023-2085

Software: xrdp 0.9.21 OS: rosa-server79 packageevrstring: xrdp-0.9.21 CVE-ID: CVE-2022-23477 BDU-ID: 2022-07224 CVE-Crit: CRITICAL CVE-DESC: A vulnerability in the audinsendopen function of the xrdp server is related to the possibility of a stacked buffer overflow. Exploitation of the vulnerabili...

9.8CVSS9.3AI score0.00847EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 6:19 p.m.•33 views

Advisory ROSA-SA-2021-1994

Software: vorbis-tools 1.4.0 OS: Cobalt 7.9 CVE-ID: CVE-2014-9638 CVE-Crit: MEDIUM CVE-DESC: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service division-by-zero error and crash via a WAV file with the number of channels set to zero. CVE-STATUS: default CVE-REV:...

5.5CVSS5.6AI score0.03793EPSS
Exploits6
Rosalinux
Rosalinux
•added 2021/07/02 6:10 p.m.•33 views

Advisory ROSA-SA-2021-1977

Software: sssd 1.16.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-16883 CVE-Crit: MEDIUM CVE-DESC: sssd versions 1.13.0 through 2.0.0 incorrectly restricted access to the information channel according to the "alloweduids" configuration parameter. If sensitive information was stored in a user's directory, it...

5.5CVSS5.6AI score0.00696EPSS
Exploits0
Rosalinux
Rosalinux
•added 2021/07/02 5:59 p.m.•33 views

Advisory ROSA-SA-2021-1954

Software: postfix 2.10.1 OS: Cobalt 7.9 CVE-ID: CVE-2017-10140 CVE-Crit: HIGH CVE-DESC: Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 may allow local users to gain privileges using undocumented features in Berkeley DB 2. x and later related to reading...

7.8CVSS7.7AI score0.00567EPSS
Exploits1
Rosalinux
Rosalinux
•added 2021/07/02 5:58 p.m.•33 views

Advisory ROSA-SA-2021-1951

Software: pidgin 2.10.11 OS: Cobalt 7.9 CVE-ID: CVE-2016-1000030 CVE-Crit: CRITICAL CVE-DESC: Pidgin version 2.11.0 contains a vulnerability in X.509 certificate import, specifically due to improper validation of return values from gnutlsx509crtinit and gnutlsx509crtimport , which could lead to...

9.8CVSS7.9AI score0.04554EPSS
Exploits17
Rosalinux
Rosalinux
•added 2021/07/02 5:36 p.m.•33 views

Advisory ROSA-SA-2021-1937

Software: openslp 2.0.0 OS: Cobalt 7.9 CVE-ID: CVE-2016-4912 CVE-Crit: HIGH CVE-DESC: The xrealloc function in xlspxmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service dereferencing a null pointer and crashing through a large number of created packets, causing a memory...

9.8CVSS7.3AI score0.12463EPSS
Exploits5
Rosalinux
Rosalinux
•added 2021/07/02 5:35 p.m.•33 views

Advisory ROSA-SA-2021-1932

Software: ntp 4.2.6p5 OS: Cobalt 7.9 CVE-ID: CVE-2015-5146 CVE-Crit: MEDIUM CVE-DESC: ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer trusted to perform remote configuration to cau...

7.1CVSS7.3AI score0.08948EPSS
Exploits3
Rosalinux
Rosalinux
•added 2021/07/02 5:1 p.m.•33 views

Advisory ROSA-SA-2021-1849

Software: grub2 2.02 OS: Cobalt 7.9 CVE-ID: CVE-2020-15706 CVE-Crit: MEDIUM CVE-DESC: GRUB2 contains a race condition in grubscriptfunctioncreate leading to a post-release exploitation vulnerability that can be triggered by overriding a function when the same function is already executing, leadin...

8.2CVSS8.4AI score0.01738EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/06/23 7:23 a.m.•32 views

Advisory ROSA-SA-2025-2898

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-12.0.1.rv30 CVE-ID: CVE-2019-1547 BDU-ID: 2019-04084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ecerr.c and eclib.c functions of the OpenSSL library is related to the lack of data encryption measures...

10CVSS9.2AI score0.96275EPSS
Exploits15
Rosalinux
Rosalinux
•added 2025/01/28 7:33 p.m.•32 views

Advisory ROSA-SA-2025-2660

Software: tcpdump 4.99.4 OS: ROSA-CHROME packageevrstring: tcpdump-4.99.4-2 CVE-ID: CVE-2018-16301 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in tcpdump: buffer overflow on processing command line arguments. CVE-STATUS: Vulnerability has been resolved. CVE-REV: To close the vulnerabilit...

7.8CVSS7.8AI score0.03071EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:49 a.m.•32 views

Advisory ROSA-SA-2025-2585

software: xorgxrdp 0.10.2 OS: ROSA-CHROME packageevrstring: xorgxrdp-0.10.2-1 CVE-ID: CVE-2024-39917 BDU-ID: 2024-10780 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the authentication mechanism of the XRDP remote access tool is related to a flaw in the limitation of authentication attempts...

9.8CVSS9.6AI score0.00602EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/10/03 10:37 p.m.•32 views

Advisory ROSA-SA-2024-2506

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-5.rv3 CVE-ID: CVE-2020-28493 BDU-ID: 2022-05230 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python programming language interpreter html-template tool jinja2 is related to incorrect resource...

6.1CVSS6.3AI score0.00979EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/07/15 10:14 a.m.•32 views

Advisory ROSA-SA-2024-2453

Software: e2fsprogs 1.46.6 WASP: ROSA-CHROME packageevrstring: e2fsprogs-1.46.6-1 CVE-ID: CVE-2022-1304 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A read/write vulnerability outside the allocated area has been detected in e2fsprogs. This issue leads to a segmentation error and possible execution of...

7.8CVSS7.5AI score0.01382EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/06/27 10:16 a.m.•32 views

Advisory ROSA-SA-2024-2435

software: vim 9.0.2130 WASP: ROSA-CHROME packageevrstring: vim-9.0.2130-1 CVE-ID: CVE-2023-46246 BDU-ID: 2023-07250 CVE-Crit: LOW CVE-DESC.: A vulnerability in the gagrowinner function of the vim text editor, protocol for software Unix is caused by an integer overflow. Exploitation of the...

5.5CVSS6.7AI score0.00366EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/06/17 9:5 a.m.•32 views

Advisory ROSA-SA-2024-2433

software: emacs 28.1 WASP: ROSA-CHROME packageevrstring: emacs-28.1-5 CVE-ID: CVE-2022-48339 BDU-ID: None CVE-Crit: N/A CVE-DESC.: A problem was discovered in GNU Emacs. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and srcdir paramet...

9.8CVSS7.9AI score0.01639EPSS
Exploits0
Rosalinux
Rosalinux
•added 2024/03/12 12:50 p.m.•32 views

Advisory ROSA-SA-2024-2373

Software: pixman 0.38.4 OS: ROSA Virtualization 2.1 packageevrstring: pixman-0.38.4.src.rpm CVE-ID: CVE-2022-44638 BDU-ID: 2022-06667 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rasterizeedges8 function of the Pixman library is related to the ability to write beyond buffer boundaries in...

8.8CVSS8AI score0.0144EPSS
Exploits1
Rosalinux
Rosalinux
•added 2024/02/20 8:36 a.m.•32 views

Advisory ROSA-SA-2024-2346

Software: gstreamer1-plugins-bad-free 1.10.4 OS: rosa-server79 packageevrstring: gstreamer1-plugins-bad-free-1.10.4-4.res7 CVE-ID: CVE-2023-44446 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A post-release usage error was detected in the MXF demultiplexer in GStreamer when processing some MXF video...

8.8CVSS7AI score0.01744EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/12/19 12:8 p.m.•32 views

Advisory ROSA-SA-2023-2314

Software: java-1.8.0-openjdk 1.8.0.392.b08 OS: rosa-server79 packageevrstring: java-1.8.0-openjdk-1.8.0.392.b08-2.res7 CVE-ID: CVE-2020-14779 BDU-ID: 2020-05051 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Serialization component of the Java SE, Java SE Embedded software platforms is related t...

4.3CVSS8.7AI score0.04238EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/12/05 10:31 a.m.•32 views

Advisory ROSA-SA-2023-2300

Software: grub2 2.02 OS: ROSA Virtualization 2.1 packageevrstring: grub2-2.02-106.0.3.rv3.src.rpm CVE-ID: CVE-2020-14372 BDU-ID: 2022-00326 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Secure Boot protocol implementation of the Grub2 operating system boot loader is related to an incorrect...

8.2CVSS8.7AI score0.01738EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/24 2:9 p.m.•32 views

Advisory ROSA-SA-2023-2281

Software: cups 2.2.6 OS: ROSA Virtualization 2.1 packageevrstring: cups-2.2.6-51.0.1.rv3.src.rpm CVE-ID: CVE-2022-26691 BDU-ID: 2022-04718 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CUPS print server is related to flaws in the authorization procedure. Exploitation of the vulnerability cou...

7.2CVSS6.9AI score0.00579EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/10/21 4:3 p.m.•32 views

Advisory ROSA-SA-2023-2256

Software: libmysofa 1.3.1 OS: ROSA-CHROME packageevrstring: libmysofa-1.3.1-1.src.rpm CVE-ID: CVE-2020-36148 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Improper handling of input to theverifyAttribute function in the libmysofa 0.5-1.1 library will result in dereferencing a null pointer and a...

9.8CVSS8.2AI score0.02255EPSS
Exploits6
Rosalinux
Rosalinux
•added 2023/08/01 1:7 p.m.•32 views

Advisory ROSA-SA-2023-2205

Software: libarchive 3.3.3 OS: ROSA Virtualization 2.1 packageevrstring: libarchive-3.3.3.3-5.rv3.src.rpm CVE-ID: CVE-2021-23177 BDU-ID: 2022-01463 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libarchive archiving library is related to symbolic link tracking. Exploitation of the vulnerability...

9.8CVSS7.8AI score0.01936EPSS
Exploits0
Rosalinux
Rosalinux
•added 2023/07/18 11:12 a.m.•32 views

Advisory ROSA-SA-2023-2190

Software: c-ares 1.10.0 OS: rosa-server79 packageevrstring: 1.10.0-3.res7.1 CVE-ID: CVE-2023-32067 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: This problem occurs due to a 0-byte UDP payload that can cause a denial of service. CVE-STATUS: Fixed CVE-REV: To close, run the yum update c-ares command...

7.5CVSS6.8AI score0.01577EPSS
Exploits0
Total number of security vulnerabilities1374