Lucene search
K
AlmalinuxMost viewed

5397 matches found

AlmaLinux
AlmaLinux
•added 2022/02/16 8:26 a.m.•119 views

Important: ruby:2.6 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc:...

9.3CVSS7.9AI score0.06307EPSS
Exploits5References7
AlmaLinux
AlmaLinux
•added 2021/05/18 5:35 a.m.•119 views

Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of AlmaLinux. The following packages have been upgraded to a later upstream version: accountsservice 0.6.55, webkit2gtk3 2.30.4. BZ1846376, BZ1883304 Security Fixes: webkitgtk: type confusion may lead to arbitrary code execution CVE-2020-9948 webkitgtk:...

8.8CVSS9.2AI score0.04528EPSS
Exploits3References13
AlmaLinux
AlmaLinux
•added 2024/09/11 12:0 a.m.•117 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: nfsd: fix RELEASELOCKOWNER CVE-2024-26629 kernel: mm: cachestat: fix folio read-after-free in cac...

9.1CVSS7.5AI score0.00923EPSS
Exploits0References56
AlmaLinux
AlmaLinux
•added 2023/10/05 12:0 a.m.•117 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.8CVSS7.8AI score0.81422EPSS
Exploits29References10
AlmaLinux
AlmaLinux
•added 2023/06/21 12:0 a.m.•117 views

Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Possible DoS translating ASN.1 object identifiers CVE-2023-2650 openssl: Denial of service by...

7.5CVSS7AI score0.75116EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/07/31 12:0 a.m.•116 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned CVE-2023-52458 kernel: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfoun...

7.8CVSS7.2AI score0.00888EPSS
Exploits0References36
AlmaLinux
AlmaLinux
•added 2022/04/26 1:49 p.m.•115 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: use after free in utfptr2char CVE-2022-1154...

7.8CVSS3.5AI score0.01462EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•114 views

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. Additional...

10CVSS6.8AI score0.07619EPSS
Exploits13References97
AlmaLinux
AlmaLinux
•added 2021/08/05 2:6 p.m.•114 views

Important: ruby:2.7 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc:...

9.3CVSS7.9AI score0.06307EPSS
Exploits3References5
AlmaLinux
AlmaLinux
•added 2024/07/17 12:0 a.m.•113 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbypo...

9.8CVSS8.7AI score0.01358EPSS
Exploits1References36
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•113 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...

8.1CVSS7.2AI score0.8833EPSS
Exploits16References12
AlmaLinux
AlmaLinux
•added 2021/05/18 6:30 a.m.•113 views

Moderate: mingw packages security and bug fix update

MinGW is a free and open source software development environment to create Microsoft Windows applications. The following packages have been upgraded to a later upstream version: mingw-sqlite 3.26.0.0. BZ1845475 Security Fixes: sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c...

7CVSS7.5AI score0.04253EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2021/02/16 7:34 a.m.•113 views

Moderate: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.20.1, nodejs-nodemon 2.0.3. Security Fixes: nodejs-mixin-deep: prototype pollutio...

9.8CVSS8.9AI score0.16296EPSS
Exploits8References8
AlmaLinux
AlmaLinux
•added 2023/11/07 12:0 a.m.•112 views

Moderate: frr security and bug fix update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: Reachable assertion in peekforas4capability function CVE-2022-36440 frr: denial of service by crafting a BGP OPEN message...

7.5CVSS7.2AI score0.02107EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2022/10/25 12:0 a.m.•112 views

Moderate: zlib security update

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 For more details about the...

9.8CVSS9.9AI score0.16004EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2022/03/10 2:43 p.m.•112 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2036888 Security Fixes: kernel: improper initialization of the "flags" member of the new pipebuffer CVE-2022-0847 kernel: U...

9CVSS8.4AI score0.89063EPSS
Exploits119References8
AlmaLinux
AlmaLinux
•added 2022/08/01 12:0 a.m.•111 views

Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-41817 ruby: Cookie prefix spoofing in...

7.5CVSS1.1AI score0.03222EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2021/08/10 11:56 a.m.•111 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: race condition in net/can/bcm.c leads to local privilege escalation CVE-2021-3609 kernel: Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks CVE-2021-22543 kernel:...

8.7CVSS8AI score0.78684EPSS
Exploits23References3
AlmaLinux
AlmaLinux
•added 2020/11/03 12:33 p.m.•111 views

Moderate: tcpdump security, bug fix, and enhancement update

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. The following packages have been upgraded to a later upstream version: tcpdump 4.9.3. BZ1804063...

7.5CVSS0.7AI score0.06816EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2020/11/03 12:33 p.m.•111 views

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: modhttp2 1.15.7. BZ1814236 Security Fixes: httpd: memory corruption on early pushes CVE-2019-10081 httpd: read-after-free in ...

9.1CVSS7.5AI score0.81466EPSS
Exploits6References11
AlmaLinux
AlmaLinux
•added 2022/03/24 10:44 a.m.•110 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 For more details about the security issues, including the impact, a CV...

9.8CVSS9.4AI score0.28189EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2024/05/07 12:0 a.m.•109 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...

7.3CVSS8.3AI score0.8833EPSS
Exploits16References4
AlmaLinux
AlmaLinux
•added 2024/04/30 12:0 a.m.•109 views

Moderate: mod_jk and mod_proxy_cluster security update

The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: httpd: Apache Tomcat Connectors modjk Information Disclosure...

7.5CVSS6.1AI score0.02242EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2023/10/05 12:0 a.m.•109 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.8CVSS7.8AI score0.81422EPSS
Exploits29References10
AlmaLinux
AlmaLinux
•added 2022/05/10 6:24 a.m.•108 views

Moderate: webkit2gtk3 security, bug fix, and enhancement update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. The following packages have been upgraded to a later upstream version: webkit2gtk3 2.34.6. BZ1985042 Security Fixes: webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use...

9.3CVSS9.2AI score0.16342EPSS
Exploits4References31
AlmaLinux
AlmaLinux
•added 2022/02/01 8:8 p.m.•108 views

Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.18.2, nodejs-nodemon 2.0.15. BZ2027609 Security Fixes: nodejs-json-schema:...

9.8CVSS8.7AI score0.04456EPSS
Exploits6References10
AlmaLinux
AlmaLinux
•added 2020/11/03 12:9 p.m.•108 views

Moderate: expat security update

Expat is a C library for parsing XML documents. Security Fixes: expat: large number of colons in input makes parser consume high amount of resources, leading to DoS CVE-2018-20843 expat: heap-based buffer over-read via crafted XML input CVE-2019-15903 For more details about the security issues,...

7.8CVSS1.1AI score0.07107EPSS
Exploits2References2
AlmaLinux
AlmaLinux
•added 2023/10/16 12:0 a.m.•106 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...

7.5CVSS7AI score0.99999EPSS
Exploits19References6
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•106 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 4.18.0. BZ2122230, BZ2122267 Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564...

8.8CVSS8.1AI score0.03763EPSS
Exploits17References80
AlmaLinux
AlmaLinux
•added 2022/08/30 12:0 a.m.•106 views

Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: crehash script allows command injection CVE-2022-1292 openssl: Signer certificate verification...

10CVSS8.8AI score0.96275EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2021/11/09 8:42 a.m.•106 views

Moderate: php:7.4 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.4.19. BZ1944110 Security Fixes: php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 php: FILTERVALIDATEURL...

7.5CVSS6.9AI score0.05029EPSS
Exploits3References6
AlmaLinux
AlmaLinux
•added 2021/05/18 6:6 a.m.•106 views

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference CVE-2020-29652 podman: Remote traffic to rootless containers is seen as orginati...

7.5CVSS7.2AI score0.03228EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2020/09/14 12:23 p.m.•105 views

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.21. Security Fixes: mysql: Server: Security: Privileges multiple...

7.2CVSS7.2AI score0.03726EPSS
Exploits1References110
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•104 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2023-6040 CVE-2024-26595 CVE-2024-26600 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605 CVE-2024-26638 CVE-2024-26645 CVE-2024-26665...

8.8CVSS7.1AI score0.01028EPSS
Exploits2References292
AlmaLinux
AlmaLinux
•added 2024/03/25 12:0 a.m.•104 views

Critical: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fixes: nss: timing attack against RSA decryption CVE-2023-5388 Mozilla: Crash in NSS TLS method CVE-2024-0743 Mozilla: JIT...

8.8CVSS8.6AI score0.047EPSS
Exploits4References22
AlmaLinux
AlmaLinux
•added 2024/03/05 12:0 a.m.•104 views

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023...

7.5CVSS7.5AI score0.01782EPSS
Exploits0References152
AlmaLinux
AlmaLinux
•added 2023/06/27 12:0 a.m.•104 views

Moderate: ruby:2.7 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.7. BZ2189465 Security Fixes: ruby/cgi-gem: HTTP response splitting i...

8.8CVSS6.9AI score0.02637EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2022/08/09 12:0 a.m.•104 views

Moderate: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera 26.4.11, mariadb 10.5.16, mysql-selinux 1.0.5. Security Fixes: mariadb: MariaDB through 10.5.9 allows attackers to trigge...

7.8CVSS8AI score0.02458EPSS
Exploits29References74
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•103 views

Low: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Incorrect handling of control code characters in cookies CVE-2022-35252 curl: Use-after-free triggered by an HTTP pro...

5.9CVSS7.1AI score0.02511EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/04/02 12:0 a.m.•102 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vmwgfx: NULL pointer dereference in vmwcmddxdefinequery CVE-2022-38096 kernel: Out of boundary write in perfreadgroup as result of overflow a perfevent's readsize CVE-2023-6931 kernel: GS...

7.8CVSS8.7AI score0.28058EPSS
Exploits17References16
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•102 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.8CVSS7AI score0.27095EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2022/11/15 12:0 a.m.•102 views

Moderate: podman security and bug fix update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...

7.5CVSS8.3AI score0.06975EPSS
Exploits7References18
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•101 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: uio: Fix use-after-free in uioopen CVE-2023-52439 kernel: net/sched: actmirred: don't override retval if we already lost the skb CVE-2024-26739 kernel: ARM: 9359/1: flush: check if the...

7.8CVSS7.8AI score0.01003EPSS
Exploits0References43
AlmaLinux
AlmaLinux
•added 2021/11/09 8:46 a.m.•101 views

Moderate: grafana security, bug fix, and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana 7.5.9. BZ1921191 Security Fixes: golang: crypto/elliptic: incorrect operations on the P-224 curve...

7.5CVSS7.3AI score0.83042EPSS
Exploits3References5
AlmaLinux
AlmaLinux
•added 2020/10/19 7:13 a.m.•101 views

Moderate: nodejs:12 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.18.4. Security Fixes: nodejs-dot-prop: prototype pollution CVE-2020-8116 nodejs:...

7.8CVSS7.5AI score0.05093EPSS
Exploits1References5
AlmaLinux
AlmaLinux
•added 2022/11/15 12:0 a.m.•100 views

Moderate: skopeo security and bug fix update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: containers/storage: DoS via malicious image CVE-2021-20291 golang: math/big.Rat: may cause a panic or an unrecoverable fatal erro...

7.5CVSS7.5AI score0.034EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2019/11/05 5:41 p.m.•100 views

Important: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: slirp: heap buffer overflow during packet reassembly CVE-2019-14378 containers/image: not enforcing TLS when sending username+password credentials to token serve...

8.8CVSS2.4AI score0.16658EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•99 views

Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: Buffer overrun in String-to-Float conversion CVE-2022-28739 ruby...

8.8CVSS6.7AI score0.04127EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2022/03/15 9:11 a.m.•99 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Heap-based buffer overflow in blockinsert in src/ops.c CVE-2022-0261 vim: Heap-based buffer overflow in utfheadoff in mbyte.c CVE-2022-0318 vim: Heap-based buffer overflow in initccline in exgetln.c...

9.8CVSS2.2AI score0.02086EPSS
Exploits6References7
AlmaLinux
AlmaLinux
•added 2022/02/24 12:0 a.m.•99 views

Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect...

7.4CVSS7.7AI score0.0305EPSS
Exploits2References12
Total number of security vulnerabilities5000