Lucene search
K
RosalinuxRecent

1374 matches found

Rosalinux
Rosalinux
•added 2025/05/19 5:10 p.m.•35 views

Advisory ROSA-SA-2025-2862

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 packageevrstring: kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2023-52864 BDU-ID: 2024-10416 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the wmicharopen function of the Linux operating system kernel is related to the driver not binding to a devi...

7.8CVSS10AI score0.28058EPSS
Exploits16
Rosalinux
Rosalinux
•added 2025/05/19 4:10 p.m.•11 views

Advisory ROSA-SA-2025-2861

Software: kernel 4.18.0 OS: ROSA Virtualization 3.0 packageevrstring: kernel-4.18.0-553.40.1.el810 CVE-ID: CVE-2019-13631 BDU-ID: 2019-03626 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parsehidreportdescriptor function of the Linux operating system kernel is related to writing outside buffer...

10CVSS8.7AI score0.07619EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/04/30 8:52 a.m.•35 views

Advisory ROSA-SA-2025-2860

Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-65.rv30.3 CVE-ID: CVE-2016-0736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Apache HTTP Server due to insufficient data encryption in modsessioncrypto, making the server susceptible to padding oracle...

9.8CVSS10AI score0.94999EPSS
Exploits20
Rosalinux
Rosalinux
•added 2025/04/30 8:49 a.m.•47 views

Advisory ROSA-SA-2025-2859

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-65.0.1.rv3.3 CVE-ID: CVE-2016-0736 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Apache HTTP Server due to insufficient data encryption in modsessioncrypto, making the server susceptible to padding oracl...

9.8CVSS10AI score0.94999EPSS
Exploits20
Rosalinux
Rosalinux
•added 2025/04/30 8:30 a.m.•13 views

Advisory ROSA-SA-2025-2858

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

7.5CVSS7.8AI score0.62906EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/04/30 8:25 a.m.•15 views

Advisory ROSA-SA-2025-2857

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

7.5CVSS7.8AI score0.62906EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/04/30 7:46 a.m.•17 views

Advisory ROSA-SA-2025-2856

Software: modauthopenidc 2.4.9.4 OS: ROSA Virtualization 3.0 packageevrstring: modauthopenidc-2.4.9.4-7.rv30 CVE-ID: CVE-2024-24814 BDU-ID: 2024-02794 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is associated...

7.5CVSS6.9AI score0.01261EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/30 7:46 a.m.•23 views

Advisory ROSA-SA-2025-2855

Software: modhttp2 1.15.7 OS: ROSA Virtualization 3.0 packageevrstring: modhttp2-1.15.7-10.rv30.3 CVE-ID: CVE-2024-38477 BDU-ID: 2024-05195 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modproxy module of the Apache HTTP Server web server is related to an incorrect null pointer entry...

7.5CVSS8.5AI score0.03153EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/30 7:46 a.m.•6 views

Advisory ROSA-SA-2025-2854

Software: binutils 2.30 OS: ROSA Virtualization 3.0 packageevrstring: binutils-2.30-125.0.1.rv30 CVE-ID: CVE-2018-1000876 BDU-ID: 2023-01657 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the disassembledata function of the objdump.c component of the GNU Binutils development software tool is...

7.8CVSS7.8AI score0.01234EPSS
Exploits6
Rosalinux
Rosalinux
•added 2025/04/30 7:45 a.m.•17 views

Advisory ROSA-SA-2025-2853

Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-14.0.1.rv3 CVE-ID: CVE-2024-5535 BDU-ID: 2024-06988 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSLselectnextproto function of the TLS and SSL OpenSSL protocol toolkit is related to information disclosure...

9.1CVSS7.1AI score0.05582EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/30 7:45 a.m.•24 views

Advisory ROSA-SA-2025-2852

Software: modhttp2 1.15.7 OS: ROSA Virtualization 2.1 packageevrstring: modhttp2-1.15.7-10.rv3.3 CVE-ID: CVE-2023-25690 BDU-ID: 2023-01738 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the modproxy module of the Apache HTTP Server web server is related to flaws in the handling of the...

9.8CVSS8.5AI score0.99999EPSS
Exploits27
Rosalinux
Rosalinux
•added 2025/04/30 7:45 a.m.•37 views

Advisory ROSA-SA-2025-2851

Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-65.0.1.rv3.3 CVE-ID: CVE-2023-27522 BDU-ID: 2023-02021 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modproxyuwsgi component of the Apache HTTP Server web server is related to flaws in HTTP request handling...

9.8CVSS9AI score0.99957EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•19 views

Advisory ROSA-SA-2025-2849

Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-19.rv3 CVE-ID: CVE-2024-56171 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in libxml2: use-after-free in xmlschemas.c. CVE-STATUS: Vulnerability resolved. CVE-REV: To close the vulnerability, run the...

9.8CVSS7.9AI score0.0113EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•14 views

Advisory ROSA-SA-2025-2850

Software: libX11 1.6.8 OS: ROSA Virtualization 2.1 packageevrstring: libX11-1.6.8-9.0.1.rv3 CVE-ID: CVE-2020-14344 BDU-ID: 2020-03916 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the X Window System libX11 client API provisioning library is caused by an integer overflow. Exploitation of the...

9.8CVSS10AI score0.10634EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•13 views

Advisory ROSA-SA-2025-2848

Software: libsndfile 1.0.28 OS: ROSA Virtualization 2.1 packageevrstring: libsndfile-1.0.28-16.rv3 CVE-ID: CVE-2022-33065 BDU-ID: 2025-03968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the aureadheader function of the src/au.c component of the Libsndfile audio file reading and writing library...

7.8CVSS8.2AI score0.00351EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•5 views

Advisory ROSA-SA-2025-2843

Software: gmp 6.1.2 OS: ROSA Virtualization 2.1 packageevrstring: gmp-6.1.2-11.rv3 CVE-ID: CVE-2021-43618 BDU-ID: 2022-05776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mpz/inpraw.c component of the GMP arithmetic operations library on 32-bit platforms is related to integer overflow...

7.5CVSS7.5AI score0.03425EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•19 views

Advisory ROSA-SA-2025-2840

Software: expat 2.2.5 OS: ROSA Virtualization 2.1 packageevrstring: expat-2.2.5-16.0.1.rv3 CVE-ID: CVE-2021-45960 BDU-ID: 2022-01003 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the storeAtts function of the Expat library involves uncontrolled resource consumption. Exploitation of the vulnerabili...

9.8CVSS9.9AI score0.34174EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•17 views

Advisory ROSA-SA-2025-2838

Software: cups 2.2.6 OS: ROSA Virtualization 2.1 packageevrstring: cups-2.2.6-62.0.1.rv3 CVE-ID: CVE-2024-47175 BDU-ID: 2024-07645 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ppdCreatePPDFromIPP2 function of the CUPS print server libppd library is related to failure to take measures to...

9.8CVSS8.7AI score0.62474EPSS
Exploits5
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•13 views

Advisory ROSA-SA-2025-2837

Software: bubblewrap 0.4.0 OS: ROSA Virtualization 2.1 packageevrstring: bubblewrap-0.4.0-2.rv3 CVE-ID: CVE-2024-42472 BDU-ID: 2024-06671 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output...

10CVSS9.5AI score0.01283EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•27 views

Advisory ROSA-SA-2025-2836

Software: dhcp 4.3.6 OS: ROSA Virtualization 2.1 packageevrstring: dhcp-4.3.6-50.0.1.rv3 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity a...

7.5CVSS7.8AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•34 views

Advisory ROSA-SA-2025-2835

Software: bind-dyndb-ldap 11.6 OS: ROSA Virtualization 2.1 packageevrstring: bind-dyndb-ldap-11.6-5.rv3 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithm...

7.5CVSS7.8AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•24 views

Advisory ROSA-SA-2025-2846

Software: iperf3 3.5 OS: ROSA Virtualization 2.1 packageevrstring: iperf3-3.5-11.rv3 CVE-ID: CVE-2024-53580 BDU-ID: 2024-11145 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Iperf3 network bandwidth measurement tool is related to improper handling of test parameters passed to the server in json...

7.5CVSS7.4AI score0.00908EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•6 views

Advisory ROSA-SA-2025-2847

Software: less 530 OS: ROSA Virtualization 2.1 packageevrstring: less-530-3.rv3 CVE-ID: CVE-2022-48624 BDU-ID: 2024-04438 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the closealtfile filename.c function for UNIX-like Less text terminals is related to the skipping of Shellquote calls for...

8.6CVSS8.9AI score0.01059EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•8 views

Advisory ROSA-SA-2025-2845

Software: harfbuzz 1.7.5 OS: ROSA Virtualization 2.1 packageevrstring: harfbuzz-1.7.5-4.rv3 CVE-ID: CVE-2023-25193 BDU-ID: 2023-06149 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is associated with unrestricted resourc...

7.5CVSS7.4AI score0.01812EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•10 views

Advisory ROSA-SA-2025-2844

Software: gtk3 3.22.30 OS: ROSA Virtualization 2.1 packageevrstring: gtk3-3.22.30-12.rv3 CVE-ID: CVE-2024-6655 BDU-ID: 2024-06447 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GTK graphical user interface creation library GIMP Toolkit is related to mismanagement of code generation...

7CVSS7AI score0.00464EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•14 views

Advisory ROSA-SA-2025-2841

Software: emacs 26.1 OS: ROSA Virtualization 2.1 packageevrstring: emacs-26.1-13.rv3 CVE-ID: CVE-2022-45939 BDU-ID: 2024-05926 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the lib-src/etags.c file of the ctags component of the EMACS text editor is related to improper neutralization of special...

9.8CVSS9.9AI score0.02657EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•22 views

Advisory ROSA-SA-2025-2839

Software: dnsmasq 2.79 OS: ROSA Virtualization 2.1 packageevrstring: dnsmasq-2.79-33.0.1.rv3 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory...

8.3CVSS8.2AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•9 views

Advisory ROSA-SA-2025-2842

Software: gdk-pixbuf2 2.36.12 OS: ROSA Virtualization 2.1 packageevrstring: gdk-pixbuf2-2.36.12-6.0.1.rv3 CVE-ID: CVE-2022-48622 BDU-ID: 2024-06670 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GdkPixbuf image loading library is related to a heap memory corruption in aniloadchunk. Exploitation...

7.8CVSS8AI score0.00415EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•27 views

Advisory ROSA-SA-2025-2834

Software: bind 9.11.36 OS: ROSA Virtualization 2.1 packageevrstring: bind-9.11.36-16.rv3.4 CVE-ID: CVE-2022-3094 BDU-ID: 2023-00580 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the named component of the DNS BIND server is related to the ability to use memory after it has been freed. Exploitation...

7.5CVSS8.4AI score0.99995EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•11 views

Advisory ROSA-SA-2025-2833

Software: binutils 2.30 OS: ROSA Virtualization 2.1 packageevrstring: binutils-2.30-125.0.1.rv3 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.5AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 10:8 p.m.•7 views

Advisory ROSA-SA-2025-2832

Software: avahi 0.7 OS: ROSA Virtualization 2.1 packageevrstring: avahi-0.7-21.0.1.rv3 CVE-ID: CVE-2023-1981 BDU-ID: 2023-03858 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Avahi Local Area Network Service Discovery System involves uncontrolled resource consumption. Exploitation of the...

6.2CVSS7AI score0.0045EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•9 views

Advisory ROSA-SA-2025-2829

Software: postgresql-jdbc 42.2.28 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-jdbc-42.2.28-1.0.1.rv30 CVE-ID: CVE-2024-1597 BDU-ID: 2024-01541 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the JDBC driver pgjdbc for connecting Java programs to a PostgreSQL database is related to...

10CVSS8.3AI score0.0481EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•7 views

Advisory ROSA-SA-2025-2828

Software: postgresql14 14.16 OS: ROSA Virtualization 3.0 packageevrstring: postgresql14-14.16-1PGDG.rv30 CVE-ID: CVE-2024-10976 BDU-ID: 2024-09684 CVE-Crit: LOW CVE-DESC.: A vulnerability in the CREATE POLICY row-protected table security policy of the PostgreSQL database management system is...

8.8CVSS9.2AI score0.89472EPSS
Exploits11
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•15 views

Advisory ROSA-SA-2025-2827

Software: postgresql 13.20 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-13.20-1.rv30 CVE-ID: CVE-2024-10976 BDU-ID: 2024-09684 CVE-Crit: LOW CVE-DESC.: A vulnerability in the CREATE POLICY row-protected table security policy of the PostgreSQL database management system is related to a...

8.8CVSS9.2AI score0.89472EPSS
Exploits11
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•14 views

Advisory ROSA-SA-2025-2824

Software: python3x-dns 1.15.0 OS: ROSA Virtualization 3.0 packageevrstring: python3x-dns-1.15.0-12.rv30 CVE-ID: CVE-2023-29483 BDU-ID: 2025-03301 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Python toolkit dnspython is related to insufficient validation of user input. Exploitation of the...

7CVSS7.4AI score0.01857EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•9 views

Advisory ROSA-SA-2025-2826

Software: python-requests 2.25.8 OS: ROSA Virtualization 3.0 packageevrstring: python-requests-2.25.8-1.rv30 CVE-ID: CVE-2023-32681 BDU-ID: 2023-03874 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient...

6.1CVSS7.2AI score0.02782EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•17 views

Advisory ROSA-SA-2025-2825

Software: python-pip 9.0.3 OS: ROSA Virtualization 3.0 packageevrstring: python-pip-9.0.3-24.rv30 CVE-ID: CVE-2007-4559 BDU-ID: 2022-05975 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extract and extractall functions of the tarfile module of the Python programming language interpreter is...

9.8CVSS7.6AI score0.27095EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•16 views

Advisory ROSA-SA-2025-2823

Software: python-dns 1.15.0 OS: ROSA Virtualization 3.0 packageevrstring: python-dns-1.15.0-12.rv30 CVE-ID: CVE-2023-29483 BDU-ID: 2025-03301 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Python toolkit dnspython is related to insufficient validation of user input. Exploitation of the...

7CVSS7.4AI score0.01857EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•25 views

Advisory ROSA-SA-2025-2830

Software: golang 1.19.13 OS: ROSA Virtualization 3.0 packageevrstring: golang-1.19.13-2.rv30 CVE-ID: CVE-2023-29402 BDU-ID: 2023-03201 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Cgo module of the Go programming language is related to incorrect code generation control when handling directory...

9.8CVSS9AI score0.99999EPSS
Exploits19
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•17 views

Advisory ROSA-SA-2025-2831

Software: grafana 7.5.15 OS: ROSA Virtualization 3.0 packageevrstring: grafana-7.5.15-5.rv30 CVE-ID: CVE-2023-44487 BDU-ID: 2023-06559 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already...

7.5CVSS8.5AI score0.99999EPSS
Exploits19
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•25 views

Advisory ROSA-SA-2025-2814

Software: qemu-kvm 6.2.0 OS: ROSA Virtualization 3.0 packageevrstring: qemu-kvm-6.2.0-53.rv30.2 CVE-ID: CVE-2021-3750 BDU-ID: 2024-04421 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the QEMU hardware emulator is related to a lack of checks to see if the buffer pointer overlaps with the MMIO...

8.2CVSS8.6AI score0.01891EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•7 views

Advisory ROSA-SA-2025-2822

Software: pampkcs11 0.6.13 OS: ROSA Virtualization 3.0 packageevrstring: pampkcs11-0.6.13-1.rv30 CVE-ID: CVE-2025-24032 BDU-ID: None CVE-Crit: DATA LOSSES. CVE-DESC.: The PAM-PKCS11 vulnerability allows an attacker to log in to a user account using a token created by the user. CVE-STATUS: The...

9.2CVSS6.7AI score0.00677EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•11 views

Advisory ROSA-SA-2025-2821

Software: perl-HTTP-Tiny 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-HTTP-Tiny-0.074-3.rv30 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authenticati...

8.1CVSS8.5AI score0.01742EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•9 views

Advisory ROSA-SA-2025-2820

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 packageevrstring: tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2021-41043 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The Use after free vulnerability in tcpslice causes AddressSanitizer, with no other confirmed impact. CVE-STATUS: The vulnerability has been...

5.5CVSS7.3AI score0.0087EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•8 views

Advisory ROSA-SA-2025-2819

Software: squashfs-tools 4.3 OS: ROSA Virtualization 3.0 packageevrstring: squashfs-tools-4.3-21.rv30 CVE-ID: CVE-2021-40153 BDU-ID: 2021-05217 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the squashfsopendir function of the unsquash-1.c component of the Squashfs Squashfs-Tools file system...

8.1CVSS6.9AI score0.025EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•13 views

Advisory ROSA-SA-2025-2818

Software: rsync 3.1.3 OS: ROSA Virtualization 3.0 packageevrstring: rsync-3.1.3-21.rv30 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync file transfer and synchronization utilit...

7.5CVSS7.5AI score0.04575EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•8 views

Advisory ROSA-SA-2025-2817

Software: rpm 4.14.3 OS: ROSA Virtualization 3.0 packageevrstring: rpm-4.14.3-31.rv30 CVE-ID: CVE-2021-35937 BDU-ID: 2021-03555 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RPM Package Manager RPM of Red Hat Enterprise Linux operating systems is caused by a race condition. Exploitation of t...

6.7CVSS7AI score0.00491EPSS
Exploits3
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•9 views

Advisory ROSA-SA-2025-2815

Software: binutils 2.30 OS: ROSA Virtualization 3.0 packageevrstring: binutils-2.30-125.rv30 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.6AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:55 p.m.•7 views

Advisory ROSA-SA-2025-2816

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2024-5535 BDU-ID: 2024-06988 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSLselectnextproto function of the SSL toolkit for the TLS and SSL OpenSSL protocols is related to informatio...

9.1CVSS9.1AI score0.05582EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/04/11 9:49 p.m.•14 views

Advisory ROSA-SA-2025-2809

Software: libsndfile 1.0.28 OS: ROSA Virtualization 3.0 packageevrstring: libsndfile-1.0.28-16.rv30 CVE-ID: CVE-2022-33065 BDU-ID: 2025-03968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the aureadheader function of the src/au.c component of the Libsndfile audio file reading and writing library...

7.8CVSS8.1AI score0.00351EPSS
Exploits2
Total number of security vulnerabilities1374