Lucene search
+L
AlmalinuxMost viewed

5404 matches found

AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•30 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Mozilla: Race condition in permission assignment CVE-2024-6601 Mozilla: Memory corruption in thread creation CVE-2024-6603 Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13...

7.5CVSS8AI score0.0054EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/02 12:0 a.m.•30 views

Moderate: fontforge security update

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: command injection via crafted filenames CVE-2024-25081...

6.5CVSS7.9AI score0.0187EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/06/06 12:0 a.m.•30 views

Moderate: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...

7.3CVSS7.5AI score0.01181EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

5.5CVSS6.5AI score0.00517EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c CVE-2022-4645 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

6.8CVSS6.5AI score0.00425EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: freeglut security update

freeglut is a completely open source alternative to the OpenGL Utility Toolkit GLUT library with an OSI approved free software license. Security Fixes: freeglut: memory leak via glutAddSubMenu function CVE-2024-24258 freeglut: memory leak via glutAddMenuEntry function CVE-2024-24259 For more...

7.5CVSS6.2AI score0.01147EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

5.9CVSS6.6AI score0.00849EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/04/30 12:0 a.m.•30 views

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

6.5CVSS7.1AI score0.00944EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/04/02 12:0 a.m.•30 views

Important: grafana-pcp security and bug fix update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloa...

7.5CVSS7.6AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/01/10 12:0 a.m.•30 views

Moderate: pixman security update

Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fixes: pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.8CVSS7.7AI score0.0144EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•30 views

Important: tracker-miners security update

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. Security Fixes: tracker-miners: sandbox escape CVE-2023-5557 For more details about the security issues, including th...

7.7CVSS6.9AI score0.00867EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/11/07 12:0 a.m.•30 views

Moderate: xorg-x11-server security and bug fix update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/02 12:0 a.m.•30 views

Critical: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:3 squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 SQUID-2023:1 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 Fo...

9.3CVSS7.4AI score0.85944EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/08/14 12:0 a.m.•30 views

Important: rust-toolset:rhel8 security update

Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, and required libraries. Security Fixes: rust-cargo: cargo does not respect the umask when extracting dependencies CVE-2023-38497 For more details about the security issues, including t...

7.9CVSS6.9AI score0.00763EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/06/14 12:0 a.m.•30 views

Important: python3.11 security update

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fixes: python: urllib.parse url blocklisting bypass...

7.5CVSS7.2AI score0.20459EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2023/05/18 12:0 a.m.•30 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Security Fixes: Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential permissions reques...

8.8CVSS8.3AI score0.00753EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•30 views

Moderate: tigervnc security and bug fix update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

8.8CVSS7AI score0.02685EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2023/05/16 12:0 a.m.•30 views

Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...

7.5CVSS7.4AI score0.00985EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2023/05/02 12:0 a.m.•30 views

Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: command injection vulnerability in org-mode CVE-2023-28617 For more details about the...

7.8CVSS8.2AI score0.00469EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/02/21 12:0 a.m.•30 views

Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: Reflected File Download attack CVE-2022-45442 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.8CVSS8.6AI score0.00642EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/01/18 12:0 a.m.•30 views

Moderate: java-11-openjdk security and bug fix update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742 CVE-2023-21843 Fo...

5.3CVSS6.2AI score0.01836EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/01/12 12:0 a.m.•30 views

Moderate: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: Out-of-bound access in ETYPEOK CVE-2021-46848...

9.1CVSS2.5AI score0.02062EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2022/12/15 12:0 a.m.•30 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.6.0 ESR. Security Fixes: Mozilla: Arbitrary file read from a compromised content process CVE-2022-46872 Mozilla: Memory safety bugs fixed in...

9.8CVSS9.9AI score0.00921EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2022/11/15 12:0 a.m.•30 views

Moderate: qt5 security and bug fix update

The Qt5 libraries packages provide Qt 5, version 5 of the Qt cross-platform application framework. Security Fixes: qt: QProcess could execute a binary from the current working directory when not found in the PATH CVE-2022-25255 For more details about the security issues, including the impact, a...

7.8CVSS7.7AI score0.00334EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2022/11/15 12:0 a.m.•30 views

Low: openjpeg2 security update

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: openjpeg: segmentation fault in opj2decompress due to uninitialized pointer CVE-2022-1122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

5.5CVSS5.9AI score0.01078EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2022/11/15 12:0 a.m.•30 views

Moderate: dnsmasq security and bug fix update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: Heap use after free in dhcp6norelay CVE-2022-0934 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS7.9AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2022/11/15 12:0 a.m.•30 views

Low: wavpack security update

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wavpack: Heap out-of-bounds read in WavpackPackSamples CVE-2021-44269 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS5.4AI score0.01155EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2022/10/18 12:0 a.m.•30 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fixes: expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 For more details about the security...

8.1CVSS8.6AI score0.0176EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2022/09/26 12:0 a.m.•30 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fixes: Mozilla: Bypassing FeaturePolicy restrictions on transient pages CVE-2022-40959 Mozilla: Data-race when parsing...

8.8CVSS8.9AI score0.01342EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2022/09/13 12:0 a.m.•30 views

Moderate: gnupg2 security update

The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: gpg: Signature spoofing via status line injection CVE-2022-34903 For more details about the security issues, including the impact, a CVSS...

6.5CVSS7.3AI score0.02551EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2022/08/29 12:0 a.m.•30 views

Important: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

9.8CVSS9.3AI score0.01091EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2022/05/10 8:18 a.m.•30 views

xmlrpc-c bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/05/10 8:2 a.m.•30 views

gcc-toolset-11-elfutils bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/05/10 8:1 a.m.•30 views

Moderate: compat-exiv2-026 security update

Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Security Fixes: exiv2: stack exhaustion issue...

6.5CVSS6.6AI score0.01432EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2022/05/10 6:38 a.m.•30 views

Moderate: qt5-qtsvg security update

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: out-of-bounds write may lead to DoS CVE-2021-45930 For more details about...

5.5CVSS1.1AI score0.01343EPSS
Exploits1References2
AlmaLinux
AlmaLinux
•added 2022/05/10 6:23 a.m.•30 views

pcp bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
AlmaLinux
AlmaLinux
•added 2022/04/26 1:51 p.m.•30 views

gdm bug fix and enhancement update

The GNOME Display Manager GDM provides the graphical login screen. The screen is shown shortly after boot, after log out, and when switching the current user. Bug Fixes and Enhancements: "DisallowTCP=false" option is not being used by /etc/gdm/custom.conf file BZ2029202...

0.8AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/11/09 9:19 a.m.•30 views

Moderate: tpm2-tools security and enhancement update

The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module TPM 2.0 devices from user space. Security Fixes: tpm2-tools: fixed AES wrapping key in tpm2import CVE-2021-3565 For more details about the security issues, including the impact, a CVSS score,...

5.9CVSS5.9AI score0.01327EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2021/10/12 7:35 p.m.•30 views

Important: .NET 5.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.208 and .NET Runtime 5.0.11...

5.7CVSS1.2AI score0.20342EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/09/14 3:40 p.m.•30 views

.NET Core 3.1 bugfix update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Bug Fixes and Enhancements: Update .NET Core 3.1 to SDK 3.1.119 and Runtime 3.1.19 BZ2000459...

1.3AI score
Exploits0
AlmaLinux
AlmaLinux
•added 2021/09/13 6:57 a.m.•30 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.14.0. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 CVE-2021-38493 For more details about the security issues, including the...

6.8CVSS2AI score0.01205EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2021/05/18 6:9 a.m.•30 views

Moderate: libvncserver security update

LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: uninitialized memory contents are vulnerable to Information Leak CVE-2018-21247 libvncserver: buffer overflow in ConnectClientToUnixSock CVE-2019-20839 libvncserver:...

7.5CVSS7.7AI score0.03589EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2020/11/03 12:25 p.m.•30 views

Moderate: mailman:2.1 security and bug fix update

Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: XSS via file attachments in list archives CVE-2020-12137 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page...

4.3CVSS0.2AI score0.02288EPSS
Exploits0References1
AlmaLinux
AlmaLinux
•added 2020/11/03 12:21 p.m.•30 views

Low: libreoffice security, bug fix, and enhancement update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

6.5CVSS6.4AI score0.01944EPSS
Exploits0References2
AlmaLinux
AlmaLinux
•added 2020/11/03 12:7 p.m.•30 views

Low: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: denial of service v...

4.3CVSS2AI score0.02752EPSS
Exploits1References1
AlmaLinux
AlmaLinux
•added 2026/06/16 12:0 a.m.•29 views

Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

8.1CVSS5.4AI score0.0078EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/28 12:0 a.m.•29 views

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

9.8CVSS6.3AI score0.00746EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/12/17 12:0 a.m.•29 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...

3.6CVSS9.6AI score0.00284EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•29 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime...

7.5CVSS7.4AI score0.0089EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/05 12:0 a.m.•29 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: scsi: core: Fix unremoved procfs host directory regression CVE-2024-26935 kernel: arm64/sve: Discard stale CPU state when handling...

7CVSS7.1AI score0.00242EPSS
Exploits0References6
Total number of security vulnerabilities5000