Lucene search
K
RosalinuxRecent

1374 matches found

Rosalinux
Rosalinux
•added 2025/01/28 11:31 a.m.•23 views

Advisory ROSA-SA-2025-2609

software: shadow-utils 4.10 WASP: ROSA-CHROME packageevrstring: shadow-utils-4.10-7 CVE-ID: CVE-2023-4641 BDU-ID: 2024-02776 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the shadow-utils package involves requesting a password twice and failing to clear the memory buffer. Exploitation of the...

5.5CVSS7.2AI score0.00257EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 11:14 a.m.•12 views

Advisory ROSA-SA-2025-2608

software: pam 1.5.1 OS: ROSA-CHROME packageevrstring: pam-1.5.1-5 CVE-ID: CVE-2024-22365 BDU-ID: 2024-00829 CVE-Crit: LOW CVE-DESC.: A vulnerability in the protectdir pamnamespace.so function of the Linux-PAM authentication module is related to incorrect resource sweep or release. Exploitation of...

5.5CVSS7.1AI score0.00455EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 11:11 a.m.•10 views

Advisory ROSA-SA-2025-2607

software: gnutls 3.8.4 OS: ROSA-CHROME packageevrstring: gnutls-3.8.4-1 CVE-ID: CVE-2024-0553 BDU-ID: 2024-00707 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GnuTLS transport layer cryptographic library is related to a difference in response time when processing an RSA ciphertext in a...

7.5CVSS7.3AI score0.01614EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/28 11:8 a.m.•23 views

Advisory ROSA-SA-2025-2606

software: grub2 2.06 WASP: ROSA-CHROME packageevrstring: grub2-2.06-22 CVE-ID: CVE-2023-4692 BDU-ID: 2023-06822 CVE-Crit: LOW CVE-DESC.: A vulnerability in the fs/ntfs.c component of the Grub2 operating systems loader is related to a buffer overflow in dynamic memory. Exploitation of the...

7.8CVSS8.2AI score0.00536EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/28 11:6 a.m.•7 views

Advisory ROSA-SA-2025-2605

software: libuv 1.44.2 OS: ROSA-CHROME packageevrstring: libuv-1.44.2-2 CVE-ID: CVE-2024-24806 BDU-ID: 2024-02979 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the uvgetaddrinfo function src/unix/getaddrinfo.c, src/win/getaddrinfo.c of the libuv asynchronous I/O library is related to insufficient...

7.3CVSS6.9AI score0.02003EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/28 11:4 a.m.•8 views

Advisory ROSA-SA-2025-2604

software: expat 2.6.2 OS: ROSA-CHROME packageevrstring: expat-2.6.2-1 CVE-ID: CVE-2023-52426 BDU-ID: 2024-04334 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to improper restriction of recursive object references in DTDs. Exploitation of the...

7.5CVSS7.8AI score0.02006EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/28 10:54 a.m.•25 views

Advisory ROSA-SA-2025-2603

software: dbus 1.12.20 WASP: ROSA-CHROME packageevrstring: dbus-1.12.20-8 CVE-ID: CVE-2022-42010 BDU-ID: 2022-06389 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug assemblies caused by a syntactical...

6.5CVSS7AI score0.01417EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/01/28 10:46 a.m.•18 views

Advisory ROSA-SA-2025-2602

software: glib2.0 2.72.3 OS: ROSA-CHROME packageevrstring: glib2.0-2.72.3-2 CVE-ID: CVE-2023-32665 BDU-ID: 2023-07655 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Glib library is related to the recovery of invalid data in memory. Exploitation of the vulnerability could allow an attacker to...

5.5CVSS6.7AI score0.00389EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/28 10:42 a.m.•20 views

Advisory ROSA-SA-2025-2601

software: qt5-qtbase 5.15.10 OS: ROSA-CHROME packageevrstring: qt5-qtbase-5.15.10-3 CVE-ID: CVE-2024-39936 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in HTTP2 in Qt: security decision may be executed too early due to encrypted signal. CVE-STATUS: The vulnerability has been resolved...

8.6CVSS7.1AI score0.00494EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 2:1 p.m.•23 views

Advisory ROSA-SA-2025-2600

software: qt5-qtnetworkauth 5.15.10 WASP: ROSA-CHROME packageevrstring: qt5-qtnetworkauth-5.15.10-2 CVE-ID: CVE-2024-36048 BDU-ID: None CVE-Crit: DATA LOSS. CVE-DESC.: Vulnerability in Qt Network Authorization allows guessing values due to using only time for PRNG initialization. CVE-STATUS: The...

9.8CVSS7.1AI score0.0097EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 1:49 p.m.•19 views

Advisory ROSA-SA-2025-2599

software: binutils 2.38 WASP: ROSA-CHROME packageevrstring: binutils-2.38-5 CVE-ID: CVE-2022-35205 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Binutils allows attackers to perform a denial of service via displaydebugnames. CVE-STATUS: The vulnerability has been resolved CVE-REV: T...

5.5CVSS6.8AI score0.00397EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 1:43 p.m.•7 views

Advisory ROSA-SA-2025-2598

software: glib2.0 2.72.3 OS: ROSA-CHROME packageevrstring: glib2.0-2.72.3-4 CVE-ID: CVE-2023-29499 BDU-ID: 2023-07646 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the isnormal function of the Glib library is associated with uncontrolled resource consumption. Exploitation of the vulnerability coul...

7.8CVSS7.9AI score0.00761EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 12:42 p.m.•36 views

Advisory ROSA-SA-2025-2597

software: packagekit 1.1.13 OS: ROSA-CHROME packageevrstring: packagekit-1.1.13-4 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory. CVE-STATUS: The vulnerability has been resolved. CVE-REV: To close...

3.3CVSS6.8AI score0.00228EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 12:39 p.m.•5 views

Advisory ROSA-SA-2025-2596

software: procps-ng 3.3.17 OS: ROSA-CHROME packageevrstring: procps-ng-3.3.17-4 CVE-ID: CVE-2023-4016 BDU-ID: 2023-07117 CVE-Crit: LOW CVE-DESC.: A vulnerability in the running processes information collection utility ps of the procps-ng command line utility set is related to an operation exceedi...

3.3CVSS7.1AI score0.00239EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 12:36 p.m.•11 views

Advisory ROSA-SA-2025-2595

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-5 CVE-ID: CVE-2024-23638 BDU-ID: 2024-00895 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker...

8.6CVSS8.4AI score0.6005EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 12:26 p.m.•16 views

Advisory ROSA-SA-2025-2594

software: freerdp 2.11.7 OS: ROSA-CHROME packageevrstring: freerdp-2.11.7-1 CVE-ID: CVE-2024-22211 BDU-ID: 2024-00706 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the freerdpbitmapplanarcontextreset function of the FreeRDP RDP client is related to an integer overflow when processing the...

9.8CVSS6.9AI score0.01085EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 12:23 p.m.•17 views

Advisory ROSA-SA-2025-2593

software: qpdf 11.9.1 OS: ROSA-CHROME packageevrstring: qpdf-11.9.1-1 CVE-ID: CVE-2024-24246 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A heap buffer overflow vulnerability in qpdf allows attackers to cause application crashes via the std::sharedcount function in sharedptrbase.h. CVE-STATUS: The...

5.5CVSS7.3AI score0.00436EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 12:11 p.m.•20 views

Advisory ROSA-SA-2025-2592

software: traceroute 2.1.5 WASP: ROSA-CHROME packageevrstring: traceroute-2.1.5-1 CVE-ID: CVE-2023-46316 BDU-ID: 2023-07542 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the buc Traceroute utility is related to improper handling of lines of code. Exploitation of the vulnerability could allow ...

5.5CVSS7.4AI score0.00367EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/27 11:51 a.m.•29 views

Advisory ROSA-SA-2025-2591

software: postfix 3.5.25 OS: ROSA-CHROME packageevrstring: postfix-3.5.25-1 CVE-ID: CVE-2023-51764 BDU-ID: 2024-00106 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the smtpd daemon of the Postfix mail server is related to insufficient data authentication when processing string endings other tha...

5.3CVSS7.2AI score0.02598EPSS
Exploits4
Rosalinux
Rosalinux
•added 2025/01/27 11:49 a.m.•4 views

Advisory ROSA-SA-2025-2590

software: vim 9.1.0754 WASP: ROSA-CHROME packageevrstring: vim-9.1.0754-1 CVE-ID: CVE-2024-41957 BDU-ID: 2024-06478 CVE-Crit: LOW CVE-DESC.: A vulnerability in the tagstackclearentry function of the src/alloc.c file of the vim text editor exists due to a bug in the use of pointers after memory...

5.5CVSS6.7AI score0.00363EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 11:27 a.m.•17 views

Advisory ROSA-SA-2025-2589

software: postgresql 12.20 WASP: ROSA-CHROME packageevrstring: postgresql-12.20-1 CVE-ID: CVE-2024-7348 BDU-ID: 2024-06153 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to...

8.8CVSS9.1AI score0.01565EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 11:23 a.m.•4 views

Advisory ROSA-SA-2025-2588

software: assimp 5.0.1 OS: ROSA-CHROME packageevrstring: assimp-5.0.1.1-4 CVE-ID: CVE-2024-40724 BDU-ID: 2024-06186 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the File Handler component of the 3D model import library Open Asset Import Library Assimp is related to a heap buffer overflow...

8.4CVSS7.8AI score0.00281EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 11:18 a.m.•18 views

Advisory ROSA-SA-2025-2587

software: orc 0.4.40 WASP: ROSA-CHROME packageevrstring: orc-0.4.40-1 CVE-ID: CVE-2024-40897 BDU-ID: 2024-06669 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the orcparse.c file of the library for compiling and executing programs that operate on GStreamer ORC data arrays is related to a...

7CVSS6.9AI score0.00379EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:56 a.m.•8 views

Advisory ROSA-SA-2025-2586

software: nano 8.2 OS: ROSA-CHROME packageevrstring: nano-8.2-3 CVE-ID: CVE-2024-5742 BDU-ID: 2024-06879 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Nano text editor is related to temporary file handling errors. Exploitation of the vulnerability could allow an attacker to impact data integrit...

6.7CVSS6.7AI score0.00346EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:49 a.m.•31 views

Advisory ROSA-SA-2025-2584

software: xrdp 0.10.1 OS: ROSA-CHROME packageevrstring: xrdp-0.10.1-2 CVE-ID: CVE-2024-39917 BDU-ID: 2024-10780 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the authentication mechanism of the XRDP remote access tool is related to a flaw in the limitation of authentication attempts governed ...

9.8CVSS9.6AI score0.00602EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:49 a.m.•30 views

Advisory ROSA-SA-2025-2585

software: xorgxrdp 0.10.2 OS: ROSA-CHROME packageevrstring: xorgxrdp-0.10.2-1 CVE-ID: CVE-2024-39917 BDU-ID: 2024-10780 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the authentication mechanism of the XRDP remote access tool is related to a flaw in the limitation of authentication attempts...

9.8CVSS9.6AI score0.00602EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:47 a.m.•7 views

Advisory ROSA-SA-2025-2583

Software: libarchive 3.6.2 OS: ROSA-CHROME packageevrstring: libarchive-3.6.2 CVE-ID: CVE-2024-48957 BDU-ID: 2024-09446 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the executefilteraudio function of the archivereadsupportformatrar.c component of the Libarchive archiving library is related to...

7.8CVSS7.1AI score0.00551EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/27 10:44 a.m.•20 views

Advisory ROSA-SA-2025-2582

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0-8 CVE-ID: CVE-2024-7006 BDU-ID: 2024-06610 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the LibTIFF library involves null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker...

7.5CVSS6.7AI score0.01516EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:40 a.m.•33 views

Advisory ROSA-SA-2025-2581

software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-4 CVE-ID: CVE-2024-1454 BDU-ID: 2024-03243 CVE-Crit: LOW CVE-DESC.: A vulnerability in the AuthentIC driver of the OpenSC smart card software toolkit and libraries is related to memory usage after it has been freed...

3.4CVSS6.7AI score0.00422EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:38 a.m.•15 views

Advisory ROSA-SA-2025-2580

software: opensc 0.23.0 OS: ROSA-CHROME packageevrstring: opensc-0.23.0-2 CVE-ID: CVE-2023-40660 BDU-ID: 2024-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSC smart card software toolkit and libraries is related to the fact that token/card authentication by one process can perform...

6.6CVSS7.4AI score0.01174EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:34 a.m.•13 views

Advisory ROSA-SA-2025-2579

software: suricata 6.0.20 WASP: ROSA-CHROME packageevrstring: suricata-6.0.20-2 CVE-ID: CVE-2024-45796 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Suricata allows an attacker to cause a failure in the reassembly of traffic fragments. CVE-STATUS: The vulnerability has been resolved...

5.3CVSS6.7AI score0.00479EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:24 a.m.•18 views

Advisory ROSA-SA-2025-2578

software: suricata 6.0.20 WASP: ROSA-CHROME packageevrstring: suricata-6.0.20-1 CVE-ID: CVE-2024-38535 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in Suricata parsing HTTP/2 traffic. CVE-STATUS: Vulnerability has been resolved. CVE-REV: To close the vulnerability, run the command: dnf...

7.5CVSS6.8AI score0.01172EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:17 a.m.•16 views

Advisory ROSA-SA-2025-2577

Software: wpasupplicant 2.11 WASP: ROSA-CHROME packageevrstring: wpasupplicant-2.11-3 CVE-ID: CVE-2023-52160 BDU-ID: 2024-01426 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Protected Extensible Authentication Protocol PEAP implementation of the Wi-Fi WPA Supplicant secure access client is...

6.5CVSS6.7AI score0.01177EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:13 a.m.•6 views

Advisory ROSA-SA-2025-2576

software: xwayland 23.2.7 WASP: ROSA-CHROME packageevrstring: xwayland-23.2.7-1 CVE-ID: CVE-2024-9632 BDU-ID: 2024-09084 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic memor...

9.8CVSS9.3AI score0.02106EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 10:13 a.m.•13 views

Advisory ROSA-SA-2025-2575

software: x11-server 1.20.14 OS: ROSA-CHROME packageevrstring: x11-server-1.20.14-11 CVE-ID: CVE-2024-9632 BDU-ID: 2024-09084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in dynamic...

9.8CVSS9.3AI score0.02106EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 8:55 a.m.•18 views

Advisory ROSA-SA-2025-2574

software: libsndfile 1.1.0 OS: ROSA-CHROME packageevrstring: libsndfile-1.1.0-4 CVE-ID: CVE-2024-50612 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in libsndfile library: read outside array in oggvorbis.c. CVE-STATUS: The vulnerability has been resolved CVE-REV: To close the...

5.5CVSS6.8AI score0.00308EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 8:27 a.m.•33 views

Advisory ROSA-SA-2025-2573

Software: qbittorrent 4.6.7 OS: ROSA-CHROME packageevrstring: qbittorrent-4.6.7-1 CVE-ID: CVE-2024-51774 BDU-ID: 2024-09433 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cross-platform BitTorrent client qBittorrent is related to improper SSL/TLS certificate authentication. Exploitation of the...

8.1CVSS6.7AI score0.03295EPSS
Exploits2
Rosalinux
Rosalinux
•added 2025/01/27 8:23 a.m.•15 views

Advisory ROSA-SA-2025-2572

software: squid 5.10 OS: ROSA-CHROME packageevrstring: squid-5.10-1 CVE-ID: CVE-2024-45802 BDU-ID: 2024-08860 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to input processing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cau...

7.5CVSS7.3AI score0.45289EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 8:19 a.m.•8 views

Advisory ROSA-SA-2025-2571

software: ghostscript 9.56.1 OS: ROSA-CHROME packageevrstring: ghostscript-9.56.1-1 CVE-ID: CVE-2024-46956 BDU-ID: 2024-09737 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the psi/zfile.c component of the Ghostscript document processing, conversion, and generation software suite involves reading...

7.8CVSS7.5AI score0.00388EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 8:3 a.m.•15 views

Advisory ROSA-SA-2025-2570

software: php 7.4.33 WASP: ROSA-CHROME packageevrstring: php-7.4.33-11 CVE-ID: CVE-2022-4900 BDU-ID: 2023-02666 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the phpcliserverstartupworkers sapi/cli/phpcliserver.c function of the PHP programming language interpreter is related to an operation...

6.2CVSS6.9AI score0.00367EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 7:57 a.m.•6 views

Advisory ROSA-SA-2025-2569

software: curl 8.7.1 OS: ROSA-CHROME packageevrstring: curl-8.7.1-2 CVE-ID: CVE-2024-9681 BDU-ID: 2024-09106 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability exists in the implementation of the HSTS HTTP Strict Transport Security mechanism of the curl command line utility due to a bug in the...

6.5CVSS6.7AI score0.0197EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/27 7:51 a.m.•45 views

Advisory ROSA-SA-2025-2568

software: dnsmasq 2.90 WASP: ROSA-CHROME packageevrstring: dnsmasq-2.90-1 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithmic complexity and unrestricted...

7.5CVSS7.7AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/27 7:47 a.m.•21 views

Advisory ROSA-SA-2025-2567

software: curl 8.7.1 OS: ROSA-CHROME packageevrstring: curl-8.7.1-1 CVE-ID: CVE-2024-0853 BDU-ID: 2024-01014 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TLS protocol implementation of the cURL command line utility is related to erroneous storage of the session ID as a result of a lack of...

5.3CVSS7.1AI score0.01102EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/13 10:26 a.m.•8 views

Advisory ROSA-SA-2025-2566

software: x11-server 1.20.14 OS: ROSA-CHROME packageevrstring: x11-server-1.20.14-6 CVE-ID: CVE-2023-6377 BDU-ID: 2024-00457 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the xorg-x11-server package is related to the use of memory after it has been freed when processing Button Action objects...

7.8CVSS8.1AI score0.01631EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:26 a.m.•7 views

Advisory ROSA-SA-2025-2565

software: mcpp 2.7.2 OS: ROSA-CHROME packageevrstring: mcpp-2.7.2-14 CVE-ID: CVE-2019-14274 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Heap-based buffer overflow vulnerability in MCPP in domsg in support.c. CVE-STATUS: The vulnerability has been resolved CVE-REV: To close the vulnerability, run the...

5.5CVSS7.4AI score0.01569EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•13 views

Advisory ROSA-SA-2025-2564

Software: thunderbird 115.9.0 OS: rosa-server79 packageevrstring: thunderbird-115.9.0-1.0.1.res7 CVE-ID: CVE-2023-44488 BDU-ID: 2023-06350 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libvpx multimedia library is related to incorrect handling of exceptional states when processing certain...

7.5CVSS9AI score0.01936EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•23 views

Advisory ROSA-SA-2025-2563

Software: firefox 128.4.0 OS: rosa-server79 packageevrstring: firefox-128.4.0-1.0.1.res7 CVE-ID: CVE-2023-44488 BDU-ID: 2023-06350 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special form...

9.8CVSS8AI score0.01936EPSS
Exploits1
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•9 views

Advisory ROSA-SA-2025-2562

Software: xerces-c 3.1.1 OS: rosa-server79 packageevrstring: xerces-c-3.1.1-10.0.1.res7 CVE-ID: CVE-2023-37536 BDU-ID: 2023-06960 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Heerces C++ library of the BigFix Platform IT Collaborative Management Platform is caused by an integer overflow...

8.8CVSS7.6AI score0.01381EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•12 views

Advisory ROSA-SA-2025-2561

Software: tuned 2.11.0 OS: rosa-server79 packageevrstring: tuned-2.11.0-12.0.1.res7 CVE-ID: CVE-2024-52337 BDU-ID: 2024-10906 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the instancecreate method of the tuned system device monitoring and adaptive tuning program is related to insufficient input...

5.5CVSS6.7AI score0.00298EPSS
Exploits0
Rosalinux
Rosalinux
•added 2025/01/13 10:19 a.m.•15 views

Advisory ROSA-SA-2025-2560

Software: squid 3.5.20 OS: rosa-server79 packageevrstring: squid-3.5.20-17.0.5.res7.10 CVE-ID: CVE-2024-45802 BDU-ID: 2024-08860 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to input processing errors. Exploitation of the vulnerability could allow an attacker...

7.5CVSS6.6AI score0.45289EPSS
Exploits0
Total number of security vulnerabilities1374