Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/01/06 12:0 a.m.•14 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Out-of-Bounds Read in Poppler CVE-2025-32365 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

7.1CVSS6.9AI score0.00218EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/01/06 12:0 a.m.•7 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Out-of-Bounds Read in Poppler CVE-2025-32365 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

7.1CVSS6.2AI score0.00218EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/01/06 12:0 a.m.•7 views

Important: mingw-libpng security update

MinGW Windows Libpng library. Security Fixes: libpng: LIBPNG buffer overflow CVE-2025-64720 libpng: LIBPNG heap buffer overflow CVE-2025-65018 libpng: LIBPNG out-of-bounds read in pngimagereadcomposite CVE-2025-66293 For more details about the security issues, including the impact, a CVSS score,...

7.1CVSS5.9AI score0.00299EPSS
Exploits6References8
AlmaLinux
AlmaLinux
•added 2026/01/06 12:0 a.m.•7 views

Important: mariadb security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 For more details about the security issues, including the impact...

7CVSS8.6AI score0.00414EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/01/05 12:0 a.m.•5 views

Moderate: gcc-toolset-14-binutils security update

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

7.8CVSS6.8AI score0.00235EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/01/05 12:0 a.m.•3 views

Moderate: tar security update

The GNU tar program can save multiple files in an archive and restore files from an archive. Security Fixes: tar: Tar path traversal CVE-2025-45582 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page...

4.1CVSS6.9AI score0.00433EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/01/05 12:0 a.m.•8 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC: Signaling component CVE-2025-14321 firefox: JIT...

9.8CVSS7.7AI score0.00498EPSS
Exploits2References22
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•8 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...

8.3CVSS6.6AI score0.01527EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•4 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...

8.3CVSS7AI score0.01527EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•8 views

Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

7.5CVSS6.9AI score0.00417EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•2 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC: Signaling component CVE-2025-14321 firefox: JIT...

9.8CVSS7.4AI score0.00498EPSS
Exploits2References22
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•5 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...

8.6CVSS7.1AI score0.00707EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•7 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...

8.6CVSS4.8AI score0.00707EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/22 12:0 a.m.•6 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...

4.3CVSS6.9AI score0.00419EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/21 12:0 a.m.•5 views

Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS6.6AI score0.00377EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/18 12:0 a.m.•14 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkitgtk: Use-after-free due to improper memory management CVE-2025-43529 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2025-43501...

8.8CVSS7.8AI score0.32EPSS
Exploits8References14
AlmaLinux
AlmaLinux
•added 2025/12/18 12:0 a.m.•9 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkitgtk: Use-after-free due to improper memory management CVE-2025-43529 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2025-43501...

8.8CVSS6.9AI score0.32EPSS
Exploits8References14
AlmaLinux
AlmaLinux
•added 2025/12/17 12:0 a.m.•29 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...

3.6CVSS9.6AI score0.00211EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/12/17 12:0 a.m.•13 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 For more details about the security issues,...

7.5CVSS7AI score0.00523EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/17 12:0 a.m.•6 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend CVE-2025-5987 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS7.1AI score0.0144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/17 12:0 a.m.•4 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...

3.6CVSS7.6AI score0.00211EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/12/17 12:0 a.m.•9 views

Important: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.4CVSS7AI score0.01499EPSS
Exploits14References26
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•6 views

Moderate: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: GNU Binutils Linker...

7.8CVSS7.1AI score0.00235EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•13 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file descriptors CVE-2025-39966 kernel: tls: wait for...

7CVSS6.3AI score0.00166EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•4 views

Moderate: gcc-toolset-13-binutils security update

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

7.8CVSS6.8AI score0.00235EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•11 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

4.3CVSS6.9AI score0.00353EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•5 views

Moderate: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...

7.5CVSS6.7AI score0.00953EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•3 views

Moderate: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: GNU Binutils Linker...

7.8CVSS7.1AI score0.00235EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•3 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues,...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•10 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: libcurl: Curl out of bounds read for cookie path CVE-2025-9086 For more details about the security issues, including...

7.5CVSS7.5AI score0.01301EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•7 views

Moderate: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For...

4.3CVSS6.9AI score0.00419EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/16 12:0 a.m.•4 views

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.5CVSS6.7AI score0.00744EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/12/15 12:0 a.m.•8 views

Important: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration CVE-2025-13609 For more details about the security issues, including the impact, a CVSS...

8.2CVSS7.1AI score0.0038EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•5 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

9.8CVSS7.6AI score0.00498EPSS
Exploits2References22
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•9 views

Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044...

5.5CVSS7.3AI score0.00533EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•7 views

Important: wireshark security update

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fixes: wireshark: Access of Uninitialized Pointer in Wireshark CVE-2025-13499 For more details about the security issues, including the impact, a CVSS score,...

7.8CVSS6.9AI score0.00101EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•15 views

Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044...

5.5CVSS7.3AI score0.00533EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•2 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score,...

4.3CVSS6.9AI score0.00419EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•9 views

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044...

5.5CVSS7.3AI score0.00533EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•8 views

Moderate: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044...

5.5CVSS7.3AI score0.00533EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•5 views

Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

4.4CVSS7AI score0.00093EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•8 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE...

9.8CVSS6.9AI score0.66535EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•6 views

Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 For more details about the...

7.5CVSS6.5AI score0.00539EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•8 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE...

9.8CVSS6.9AI score0.66535EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•4 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

9.8CVSS7.6AI score0.00498EPSS
Exploits2References22
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•4 views

Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 For more details about the...

7.5CVSS6.5AI score0.00539EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•6 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in...

7.8CVSS6.9AI score0.00151EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•8 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...

8.8CVSS6.4AI score0.03955EPSS
Exploits1References38
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•7 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...

8.8CVSS6.4AI score0.03955EPSS
Exploits1References38
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•4 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925 kernel: net/mlx5: fs, fix UAF in flow counter release CVE-2025-39979 For more details about the security issues,...

5.5CVSS5.9AI score0.00168EPSS
Exploits0References6
Total number of security vulnerabilities5313