Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•7 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firef...

10CVSS5.9AI score0.00604EPSS
Exploits0References78
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•7 views

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang:...

10CVSS6.7AI score0.01945EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•11 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in query...

10CVSS5.6AI score0.01945EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•9 views

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

10CVSS5.6AI score0.01945EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•9 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...

10CVSS5.6AI score0.01945EPSS
Exploits4References10
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•7 views

Important: python-pyasn1 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS5.5AI score0.00679EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•7 views

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-buffer-overflow CVE-2026-22855 freerdp: FreeRDP...

9.1CVSS5.6AI score0.00756EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/02/25 12:0 a.m.•7 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firef...

10CVSS6.1AI score0.00604EPSS
Exploits0References78
AlmaLinux
AlmaLinux
•added 2026/02/24 12:0 a.m.•9 views

Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap...

7.2CVSS6.1AI score0.01038EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/24 12:0 a.m.•8 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 golang: net/url: Memory exhaustion in query parameter parsing in...

10CVSS5.6AI score0.01945EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2026/02/24 12:0 a.m.•8 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url...

10CVSS5.6AI score0.01945EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•7 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 kernel: Linux kernel:A use-after-free in bridge multicast in...

7.8CVSS5.6AI score0.00248EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•7 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption v...

10CVSS5.8AI score0.01945EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•8 views

Important: libpng15 security update

The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG Portable Network Graphics image format files. This version should be used only if you are unable to use the current version of libpng. Security Fixes: libpng: LIBPNG has a heap buffer overflow i...

8.3CVSS5.9AI score0.00955EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•7 views

Important: protobuf security update

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: python: protobuf:...

8.2CVSS5.6AI score0.00613EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•7 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service CVE-2025-38206 For more...

7.8CVSS6.9AI score0.00161EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•10 views

Important: munge security update

MUNGE MUNGE Uid 'N' Gid Emporium is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having...

7.8CVSS6AI score0.00302EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•7 views

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-buffer-overflow CVE-2026-22855 freerdp: FreeRDP...

9.1CVSS5.6AI score0.00756EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•9 views

Important: munge security update

MUNGE MUNGE Uid 'N' Gid Emporium is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having...

7.8CVSS6AI score0.00302EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•8 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 kernel: Linux kernel:A use-after-free in bridge multicast in brmulticastportctxinit CVE-2025-38248 kernel: smc: Fix...

7.8CVSS5.5AI score0.00248EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2026/02/23 12:0 a.m.•15 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419...

7.4CVSS6.2AI score0.00444EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/02/18 12:0 a.m.•7 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 grafana/grafana/pkg/services/dashboards: Grafana...

10CVSS5.6AI score0.01945EPSS
Exploits5References12
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•7 views

Moderate: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images CVE-2025-14177 For more details about the...

8.2CVSS5.8AI score0.00474EPSS
Exploits3References6
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•8 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: Linux kernel Bluetooth: Denial of Service due to...

5.5AI score0.00165EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•7 views

Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS5.6AI score0.03782EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•8 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

8.4CVSS5.7AI score0.00564EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•11 views

Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 For more details about the security issues, includi...

7.5CVSS5.6AI score0.01744EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•6 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS5.6AI score0.03782EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/02/17 12:0 a.m.•7 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS5.6AI score0.03782EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/02/16 12:0 a.m.•7 views

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 cmd/cgo: Potential cod...

10CVSS8.3AI score0.01945EPSS
Exploits2References10
AlmaLinux
AlmaLinux
•added 2026/02/16 12:0 a.m.•12 views

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: heap-base...

7.8CVSS5.8AI score0.00744EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/16 12:0 a.m.•5 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans CVE-2023-53034 kernel: smc: Fix use-after-free in pnetfindbasendev CVE-2025-40064 kernel: Linux kernel: Out-of-bounds wri...

7.5CVSS7.5AI score0.0071EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2026/02/16 12:0 a.m.•9 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 golang: net/url: Memory exhaustion in query parameter parsing in net/u...

10CVSS5.7AI score0.01945EPSS
Exploits2References10
AlmaLinux
AlmaLinux
•added 2026/02/16 12:0 a.m.•10 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in connection handling CVE-2023-53762 kernel: Lin...

8AI score0.00165EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/02/12 12:0 a.m.•5 views

Moderate: gcc-toolset-14-binutils security update

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

7.8CVSS7.8AI score0.00235EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•7 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: prototype pollution in .unset and .omit functions CVE-2025-13465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

8.2CVSS5.6AI score0.01535EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•12 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps...

7.8CVSS5.6AI score0.0071EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•7 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•9 views

Important: brotli security update

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

7.5CVSS5.6AI score0.00509EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•7 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS6.3AI score0.03782EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•6 views

Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

9.8CVSS6AI score0.02286EPSS
Exploits10References28
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•7 views

Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS6.3AI score0.03782EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/02/10 12:0 a.m.•6 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass CVE-2025-55132 nodejs: Nodejs denial of service CVE-2026-21637 nodejs: Nodejs denial of service...

9.1CVSS6.3AI score0.03782EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•8 views

Critical: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication CVE-2026-1709 For more details about the...

9.8CVSS5.7AI score0.0575EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•18 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: openvswitch: fix nested key length validation in the set action CVE-2025-37789 kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability CVE-2025-37819 kernel: RDMA/core: Fi...

7.8CVSS6.5AI score0.00544EPSS
Exploits3References34
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•10 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response...

8.6CVSS5.6AI score0.00947EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•8 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...

7.5CVSS5.7AI score0.00459EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•9 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response...

8.6CVSS5.6AI score0.00947EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•10 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps CVE-2025-40170 kernel: ipv6: use RCU in ip6xmit...

7.8CVSS7.7AI score0.0071EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2026/02/09 12:0 a.m.•7 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.7,...

9.8CVSS5.6AI score0.0057EPSS
Exploits0References28
Total number of security vulnerabilities5313