Lucene search
K
AlmalinuxRecent

5323 matches found

AlmaLinux
AlmaLinux
•added 2025/12/11 12:0 a.m.•10 views

Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044...

5.5CVSS7.3AI score0.00533EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•9 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE...

9.8CVSS6.9AI score0.66535EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•6 views

Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 For more details about the...

7.5CVSS6.5AI score0.00539EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•5 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

9.8CVSS7.6AI score0.00498EPSS
Exploits2References22
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•6 views

Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 For more details about the...

7.5CVSS6.5AI score0.00539EPSS
Exploits0References7
AlmaLinux
AlmaLinux
•added 2025/12/10 12:0 a.m.•9 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE...

9.8CVSS6.9AI score0.66535EPSS
Exploits5References6
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•8 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...

8.8CVSS6.4AI score0.03955EPSS
Exploits1References38
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•8 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...

8.8CVSS6.4AI score0.03955EPSS
Exploits1References38
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•4 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925 kernel: net/mlx5: fs, fix UAF in flow counter release CVE-2025-39979 For more details about the security issues,...

5.5CVSS5.9AI score0.00168EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•6 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in...

7.8CVSS6.9AI score0.00151EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/12/08 12:0 a.m.•5 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in rxerequester CVE-2023-53539 kernel: RDMA/rxe: Fix mr-map...

7.8CVSS6.5AI score0.00151EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/12/04 12:0 a.m.•7 views

Important: abrt security update

The Automatic Bug Reporting Tool ABRT recognizes defects in applications and creates bug reports that help maintainers fix the defects. ABRT uses a plug-in system to extend its functionality. Security Fixes: abrt: Command-injection in ABRT leading to local privilege escalation CVE-2025-12744 For...

8.8CVSS6.8AI score0.00585EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/03 12:0 a.m.•10 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: os/exec: Unexpected paths returned from LookPath in os/exec CVE-2025-47906 golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more detail...

6.5CVSS6.8AI score0.00489EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/12/03 12:0 a.m.•5 views

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

4.7CVSS6.5AI score0.00641EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/12/01 12:0 a.m.•6 views

Important: gimp:2.8 security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP DCM...

7.8CVSS7.3AI score0.02751EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/12/01 12:0 a.m.•9 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens...

7.8CVSS6.9AI score0.00163EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/12/01 12:0 a.m.•7 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 For more details about the security issues, including the impact, a CVSS...

6.2CVSS7AI score0.00144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/12/01 12:0 a.m.•6 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary...

8.8CVSS6.8AI score0.0041EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2025/12/01 12:0 a.m.•15 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: wifi: cfg80211: fix use-after-free in cmpbss CVE-2025-39864 kernel: e1000e: fix heap overflow in...

7.8CVSS6.8AI score0.00194EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/12/01 12:0 a.m.•11 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2 CVE-2025-39825 kernel: mm/memory-failure: fix...

7.8CVSS6.5AI score0.00163EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/11/26 12:0 a.m.•7 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS7AI score0.01279EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/25 12:0 a.m.•4 views

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS7AI score0.00523EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/11/25 12:0 a.m.•9 views

Moderate: go-rpm-macros security update

This package provides build-stage rpm automation to simplify the creation of Go language golang packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only. Security Fixes: os/exec: Unexpected paths returned from LookPath in os/exec...

6.5CVSS6.8AI score0.00489EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/25 12:0 a.m.•6 views

Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS CVE-2025-58364 For more details about the security issues, including the impact, a CVSS...

6.5CVSS6.9AI score0.01063EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•5 views

Important: mingw-expat security update

Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. Security Fixes: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 For more...

7.5CVSS6.9AI score0.01279EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•5 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-39971 For more details about the security issues, including t...

4.7CVSS6.4AI score0.00193EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•9 views

Important: valkey security update

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.9CVSS8.7AI score0.86767EPSS
Exploits15References10
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•6 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: slub: avoid wake up kswapd in settrackprepare CVE-2025-39843 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

5.5CVSS6.5AI score0.00107EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•4 views

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP DCM...

7.8CVSS7.3AI score0.02751EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•6 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-3997...

4.7CVSS7.1AI score0.00193EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/24 12:0 a.m.•6 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 For more details about the security issues, including the impact, a CVSS score,...

8.8CVSS7.1AI score0.00407EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/20 12:0 a.m.•8 views

Moderate: delve and golang security update

The Go Programming Language. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

4.3CVSS6.8AI score0.00419EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/20 12:0 a.m.•7 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary conditions in the JavaScript: WebAssembly compone...

8.8CVSS6.8AI score0.0041EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2025/11/19 12:0 a.m.•2 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS7AI score0.01279EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/18 12:0 a.m.•5 views

Important: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: denial of service vulnerability in HAProxy mjson library CVE-2025-11230 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS6.5AI score0.00469EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/18 12:0 a.m.•8 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

7.5CVSS6.4AI score0.00523EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/17 12:0 a.m.•7 views

Critical: lasso security update

The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...

9.8CVSS6.6AI score0.00824EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/17 12:0 a.m.•5 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 For more details about the security issues, including...

5.5CVSS6.8AI score0.00137EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/17 12:0 a.m.•5 views

Critical: lasso security update

The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...

9.8CVSS6.9AI score0.00824EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/17 12:0 a.m.•6 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

5.5CVSS6.5AI score0.00137EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/13 12:0 a.m.•6 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mount and...

8.4CVSS6.9AI score0.0067EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2025/11/13 12:0 a.m.•8 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary...

8.8CVSS6.8AI score0.0041EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2025/11/13 12:0 a.m.•5 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 For more details about the securi...

7.5CVSS6.9AI score0.01744EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/12 12:0 a.m.•13 views

Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remot...

8.6CVSS6.9AI score0.00463EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/12 12:0 a.m.•6 views

Important: python-kdcproxy security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.6CVSS7AI score0.00463EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/12 12:0 a.m.•7 views

Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

8.6CVSS6.8AI score0.1096EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2025/11/12 12:0 a.m.•8 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

8.6CVSS6.8AI score0.00509EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•9 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play comman...

8.1CVSS7AI score0.01008EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•7 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

8.4CVSS6.7AI score0.0067EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•7 views

Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

8.8CVSS7.7AI score0.00756EPSS
Exploits0References4
Total number of security vulnerabilities5323