Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•7 views

Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling CVE-2025-62168 For more details about the security issues,...

10CVSS6.3AI score0.6332EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•7 views

Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

8.8CVSS7.7AI score0.00768EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•5 views

Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland:...

7.3CVSS7AI score0.00481EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•5 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...

6.7CVSS6.4AI score0.00231EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•6 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon-separated parameters CVE-2025-59830 rack: Rack's unbounded multipart preamble...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•9 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play comman...

8.1CVSS7AI score0.01008EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•5 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim path traversal CVE-2025-53906 vim: Vim path traversial CVE-2025-53905 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

4.1CVSS6.9AI score0.00731EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•6 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

8.4CVSS6.7AI score0.0067EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•5 views

Moderate: open-vm-tools bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section...

6.1CVSS6.3AI score0.00247EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/11/11 12:0 a.m.•6 views

Moderate: qt5-qt3d security update

Qt 3D provides functionality for near-realtime simulation systems with support for 2D and 3D rendering in both Qt C++ and Qt Quick applications. Security Fixes: assimp: Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile heap-based overflow CVE-2025-11277 For more details about the...

7.8CVSS7.1AI score0.00224EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/10 12:0 a.m.•7 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: x86/vmscape: Add conditional IBPB mitigation CVE-2025-40300 kernel: mm: fix zswap writeback race condition CVE-2023-53178 kernel: fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 For...

7.8CVSS6.6AI score0.00331EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/10 12:0 a.m.•4 views

Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

8.6CVSS6.8AI score0.1096EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2025/11/10 12:0 a.m.•8 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: information leak via transient execution vulnerability in some AMD processors CVE-2024-36350 kernel: transient execution vulnerability in some AMD processors CVE-2024-36357 kernel:...

5.6CVSS7.1AI score0.00425EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/10 12:0 a.m.•3 views

Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS5.9AI score0.00238EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/10 12:0 a.m.•6 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: x86/vmscape: Add conditional IBPB mitigation CVE-2025-40300 kernel: mm: fix zswap writeback race condition CVE-2023-53178 kernel:...

7.8CVSS6.7AI score0.00331EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/07 12:0 a.m.•3 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mou...

8.4CVSS7AI score0.0067EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2025/11/06 12:0 a.m.•3 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.3CVSS6.9AI score0.00481EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/06 12:0 a.m.•6 views

Important: mingw-libtiff security update

The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...

8.8CVSS5.3AI score0.00739EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/11/05 12:0 a.m.•5 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

8.6CVSS6.8AI score0.00509EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/11/05 12:0 a.m.•9 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

8.6CVSS6.8AI score0.00509EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/11/04 12:0 a.m.•8 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack QueryParser has an unsafe default allowing paramslimit bypass via semicolon-separated parameters CVE-2025-59830 rack: Rack's unbounded multipart preamble...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/11/04 12:0 a.m.•4 views

Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

8.8CVSS7.7AI score0.00768EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/11/04 12:0 a.m.•3 views

Moderate: galera and mariadb security update

Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see repository. For a description of Galera replication engine see web. Security Fixes: mysql: High Privilege Denial of Service...

6.8CVSS5.7AI score0.01236EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/11/04 12:0 a.m.•4 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library CVE-2025-11021 For more details about the...

7.5CVSS6.9AI score0.00594EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/11/04 12:0 a.m.•10 views

Moderate: mariadb:10.5 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

6.8CVSS7.2AI score0.01236EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/11/03 12:0 a.m.•5 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: sr: Fix MAC comparison to be constant-time CVE-2025-39702 kernel: fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-50367 kernel: crypto: xts - Handle EBUSY correctly CVE-2023-53494 F...

7.8CVSS5AI score0.00206EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/03 12:0 a.m.•2 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.3CVSS6.9AI score0.00481EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/03 12:0 a.m.•6 views

Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland:...

7.3CVSS7.2AI score0.00481EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/03 12:0 a.m.•6 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: mac80211: check S1G action frame size CVE-2023-53257 kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 kernel: wifi: cfg80211: fix use-after-free i...

7.8CVSS5AI score0.00152EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/03 12:0 a.m.•6 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: wifi: mac80211: check S1G action frame size CVE-2023-53257 kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets...

7.8CVSS5.4AI score0.00152EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/11/03 12:0 a.m.•4 views

Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal CVE-2025-62230 xorg: xmayland: Value overflow in XkbSetCompatMap...

7.3CVSS6.9AI score0.00481EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/10/30 12:0 a.m.•3 views

Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.9CVSS8.8AI score0.86767EPSS
Exploits15References10
AlmaLinux
AlmaLinux
•added 2025/10/29 12:0 a.m.•7 views

Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Libtiff Write-What-Where CVE-2025-9900 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

8.8CVSS6.9AI score0.00739EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/29 12:0 a.m.•4 views

Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.9CVSS8.7AI score0.86767EPSS
Exploits15References10
AlmaLinux
AlmaLinux
•added 2025/10/29 12:0 a.m.•4 views

Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.9CVSS8.7AI score0.86767EPSS
Exploits15References10
AlmaLinux
AlmaLinux
•added 2025/10/27 12:0 a.m.•11 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 kernel: Bluetooth: Fix potentia...

8CVSS6.7AI score0.0033EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/10/27 12:0 a.m.•8 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling CVE-2025-62168 For more details about the security issues,...

10CVSS6.6AI score0.6332EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/10/27 12:0 a.m.•7 views

Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 libtiff: Libtiff Write-What-Where CVE-2025-9900 For more details about the security issues, including the impact, a...

8.8CVSS4.9AI score0.00739EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/10/27 12:0 a.m.•8 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in...

8CVSS7.1AI score0.0033EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/10/22 12:0 a.m.•4 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11709 thunderbird: firefox: Cross-process information...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/10/22 12:0 a.m.•3 views

Moderate: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 Bug Fixes: Since the 8.8 release of AlmaLinuxand the 9.2 relea...

7.5CVSS6.9AI score0.00633EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/22 12:0 a.m.•3 views

Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 Bug Fixes: Since the 8.8 release of AlmaLinuxand the 9.2...

7.5CVSS6.9AI score0.00633EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/22 12:0 a.m.•5 views

Moderate: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 JDK: Enhance String Handling CVE-2025-61748 For more details about...

7.5CVSS6.9AI score0.00633EPSS
Exploits0References5
AlmaLinux
AlmaLinux
•added 2025/10/20 12:0 a.m.•5 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11709...

9.8CVSS7.1AI score0.00465EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/10/20 12:0 a.m.•12 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 kernel: sunrpc: fix clien...

7.8CVSS6.8AI score0.00528EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/10/20 12:0 a.m.•4 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: out-of-bounds read in sftphandle CVE-2025-5318 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.1CVSS6.9AI score0.02394EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/20 12:0 a.m.•3 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol CVE-2025-39751 kernel: crypto: seqiv - Handle...

7.8CVSS7AI score0.00164EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/10/20 12:0 a.m.•7 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in...

7.8CVSS7.4AI score0.00164EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/10/20 12:0 a.m.•4 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11709 thunderbird: firefox: Cross-process information...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/10/16 12:0 a.m.•4 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: out-of-bounds read in sftphandle CVE-2025-5318 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.1CVSS6.9AI score0.02394EPSS
Exploits0References4
Total number of security vulnerabilities5313