Lucene search
K
AlmalinuxRecent

5359 matches found

AlmaLinux
AlmaLinux
•added yesterday•5 views

Important: tomcat security, bug fix, and enhancement update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...

7.5CVSS6.2AI score0.15831EPSS
Exploits6References6
AlmaLinux
AlmaLinux
•added yesterday•4 views

Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle i...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added yesterday•2 views

Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: GStreamer: Heap buffer overflo...

7.6CVSS6.2AI score0.0031EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added yesterday•2 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange CVE-2025-71066 kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN CVE-2026-461...

8.8CVSS6.6AI score0.00176EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2 days ago•4 views

Important: oci-seccomp-bpf-hook security update

OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. Security Fixes: net: golang: Go net package: Denial of Service via long CNAME response in...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2 days ago•5 views

Important: nginx:1.26 security, bug fix, and enhancement update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...

9.2CVSS7.9AI score0.0314EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2 days ago•3 views

Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit...

8.8CVSS6.2AI score0.0053EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2 days ago•6 views

Important: nginx:1.24 security, bug fix, and enhancement update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...

9.2CVSS7.9AI score0.0314EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2 days ago•5 views

Moderate: gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL. Security Fixes: gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header...

7.1CVSS6AI score0.00228EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2 days ago•7 views

Important: tomcat security, bug fix, and enhancement update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: Apache Tomcat: Information disclosure via Padding Oracle vulnerability in EncryptInterceptor CVE-2026-29146 Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive...

7.5CVSS7.2AI score0.15831EPSS
Exploits6References6
AlmaLinux
AlmaLinux
•added 2 days ago•5 views

Low: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling CVE-2025-6170 For more details about the security issues, including the impact, a CVSS score,...

2.5CVSS6.3AI score0.0019EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2 days ago•4 views

Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 For more details about...

7.5CVSS7.3AI score0.00502EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2 days ago•4 views

Moderate: edk2 security, bug fix, and enhancement update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Bug Fixes and Enhancements: FJ8.10 Bug How to Updat...

7.5CVSS6.9AI score0.01744EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2 days ago•4 views

Low: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: libtasn1: Denial of Service via stack-based...

7.5CVSS7.3AI score0.01109EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2 days ago•8 views

Moderate: libsolv security update

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data CVE-2026-48864 For more details about the security issues,...

7.8CVSS6.2AI score0.00205EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2 days ago•4 views

Moderate: python-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.2CVSS6.3AI score0.00527EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2 days ago•6 views

Important: kernel update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eventpoll: defer struct eventpoll free to RCU grace period CVE-2026-43074 kernel: eventpoll: fix epremove struct eventpoll / struct file UAF CVE-2026-46242 kernel: Linux kernel: netfilter...

8.8CVSS7AI score0.00129EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2 days ago•4 views

Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: GStreamer: Heap buffer overflo...

7.6CVSS6.2AI score0.0031EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•4 views

Moderate: aardvark-dns security update

Authoritative DNS server for A/AAAA container records Forwards other request to configured resolvers. Read more about configuration in src/backend/mod.rs. Security Fixes: aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset CVE-2026-35406 For more details...

7.5CVSS5.9AI score0.00383EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•4 views

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: golang crypto/x509: Denial of...

7.5CVSS7.2AI score0.00939EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 3 days ago•3 views

Important: perl-HTTP-Daemon security update

The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. Security Fixes: perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in...

9.1CVSS6.4AI score0.01452EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•3 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 For more details about the security issues, including...

8.8CVSS6.8AI score0.00352EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•8 views

Important: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: Heap buffer overflow in sasliorecv via padded SASL...

8.8CVSS6.2AI score0.0067EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 3 days ago•5 views

Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...

7.5CVSS6.2AI score0.00405EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•4 views

Important: kernel-rt security, bug fix, and enhancement update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: gfs2: Fix use-after-free in iomap inline...

7.8CVSS6.8AI score0.0031EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 3 days ago•4 views

Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...

7.5CVSS6.2AI score0.00405EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•3 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.8CVSS6.6AI score0.00352EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•3 views

Important: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: Heap...

8.8CVSS7.1AI score0.02719EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•4 views

Important: python3.14-pip security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8CVSS6AI score0.0032EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•5 views

Important: nginx security, bug fix, and enhancement update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers CVE-2026-42055 Bug Fixes...

9.2CVSS7.9AI score0.0314EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 3 days ago•5 views

Important: perl-HTTP-Daemon security update

The perl-HTTP-Daemon package includes the HTTP::Daemon class, a subclass of IO::Socket::IP. Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. Security Fixes: perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in...

9.1CVSS6.4AI score0.01452EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 3 days ago•3 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tcp: fix potential race in tcpv6synrecvsock CVE-2026-43198 kernel: netfilter: nfnetlinkcthelper: fix OOB read in nfnlcthelperdumptable CVE-2026-43450 kernel: sctp: revalidate list cursor...

9.8CVSS6.5AI score0.0053EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 3 days ago•3 views

Important: kernel-rt security, bug fix, and enhancement update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tcp: fix potential race in tcpv6synrecvsock CVE-2026-43198 kernel: netfilter: nfnetlinkcthelper: fix OOB read in...

9.8CVSS6.7AI score0.0053EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 4 days ago•3 views

Important: nodejs:22 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References28
AlmaLinux
AlmaLinux
•added 4 days ago•10 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 kernel: net: mana: Fix double destroyworkqueue on service rescan PCI path CVE-2026-43276 kernel: Linux kernel:...

9.3CVSS6.6AI score0.0053EPSS
Exploits1References24
AlmaLinux
AlmaLinux
•added 4 days ago•8 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986...

9.1CVSS6.8AI score0.00651EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 4 days ago•5 views

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS6.6AI score0.00139EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 4 days ago•4 views

Important: nodejs:24 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References32
AlmaLinux
AlmaLinux
•added 4 days ago•3 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 For more details about the security issue...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 4 days ago•5 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 For more details about the security issue...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 4 days ago•4 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 4 days ago•3 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/07/01 12:0 a.m.•6 views

Moderate: rrdtool security update

The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...

7.8CVSS6AI score0.00132EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/07/01 12:0 a.m.•6 views

Important: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

9.8CVSS7.4AI score0.0078EPSS
Exploits1References14
AlmaLinux
AlmaLinux
•added 2026/07/01 12:0 a.m.•7 views

Moderate: rrdtool security update

The round robin database RRD system stores and displays time-series data, such as network bandwidth, machine-room temperature, and server load average. RRDtool is a high performance data logging and graphing utility, which can be easily integrated with shell scripts, or used to create application...

7.8CVSS6AI score0.00132EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/07/01 12:0 a.m.•5 views

Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint CVE-2026-42154 github.com/prometheus/prometheus: Prometheus: Information...

9.6CVSS7.3AI score0.00939EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2026/06/30 12:0 a.m.•5 views

Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References16
AlmaLinux
AlmaLinux
•added 2026/06/30 12:0 a.m.•6 views

Important: mariadb:10.11 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: AlmaLinux8tracker Rebase Galera to 26.4.27 MariaDB:10.11...

10CVSS6.3AI score0.00998EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/30 12:0 a.m.•16 views

Important: mariadb:11.8 security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: AlmaLinux9 tracker Rebase Galera to 26.4.27 MariaDB:11.8...

10CVSS6.3AI score0.00998EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/30 12:0 a.m.•5 views

Important: giflib security update

giflib is a library for reading and writing gif images. Security Fixes: giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension CVE-2026-26740 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer ...

8.2CVSS7.5AI score0.00618EPSS
Exploits1References4
Total number of security vulnerabilities5359