Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•4 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime...

9.9CVSS6.4AI score0.66258EPSS
Exploits5References8
AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•4 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11709...

9.8CVSS7.1AI score0.00465EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•9 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime...

9.9CVSS6.4AI score0.66258EPSS
Exploits5References8
AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•4 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

9.8CVSS6.5AI score0.00952EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•4 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2025-43343 For more details about the security issues, including the impact, a CVSS score,...

9.8CVSS6.9AI score0.00718EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•4 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime...

9.9CVSS6.4AI score0.66258EPSS
Exploits5References8
AlmaLinux
AlmaLinux
•added 2025/10/15 12:0 a.m.•9 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime...

9.9CVSS6.4AI score0.66258EPSS
Exploits5References8
AlmaLinux
AlmaLinux
•added 2025/10/13 12:0 a.m.•2 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim path traversal CVE-2025-53906 vim: Vim path traversial CVE-2025-53905 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

4.1CVSS6.9AI score0.00731EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/10/13 12:0 a.m.•5 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 kernel: eventpoll: Fix semi-unbounded recursion CVE-2025-38614 kernel: ALSA: usb-audio: Validate UAC3 cluster segment...

7.8CVSS6.5AI score0.00164EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/10/13 12:0 a.m.•5 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 CVE-2022-50228 kernel: Bluetooth: L2CAP: Fix use-after-free...

7.8CVSS8.7AI score0.00219EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/10/13 12:0 a.m.•4 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

9.8CVSS6.5AI score0.00952EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/10/13 12:0 a.m.•9 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 CVE-2022-50228 kernel: Bluetooth: L2CAP: Fix use-after-free CVE-2023-53305 For more details about the security issues,...

7.8CVSS7.9AI score0.00219EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/10/09 12:0 a.m.•4 views

Important: compat-libtiff3 security update

The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF Tagged Image File Format image format files. This version should be used only if you are unable to use the current version of libtiff. Security Fixes: libtiff: Libtiff Write-What-Where CVE-2025-9900...

8.8CVSS4.6AI score0.00739EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/09 12:0 a.m.•5 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim path traversal CVE-2025-53906 vim: Vim path traversial CVE-2025-53905 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

4.1CVSS7.7AI score0.00731EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/10/08 12:0 a.m.•4 views

Moderate: iputils security update

The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: iputils integer overflow CVE-2025-48964 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE...

6.5CVSS6.8AI score0.00322EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/07 12:0 a.m.•6 views

Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: Local privilege escalation in open-vm-tools...

7.8CVSS7.1AI score0.0788EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2025/10/07 12:0 a.m.•9 views

Moderate: gnutls security, bug fix, and enhancement update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS otherName SAN...

8.2CVSS6.8AI score0.01185EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/10/07 12:0 a.m.•6 views

Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: Local privilege escalation in open-vm-tools...

7.8CVSS7AI score0.0788EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2025/10/06 12:0 a.m.•6 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: security/keys: fix slab-out-of-bounds in keytaskpermission CVE-2024-50301 kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush CVE-2025-38351 kernel: wifi: ath12k:...

7.1CVSS8AI score0.00272EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/10/06 12:0 a.m.•8 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry...

7.8CVSS6.9AI score0.00181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/10/06 12:0 a.m.•4 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry CVE-2025-39730 For more details about the security issues,...

7.8CVSS6.5AI score0.00181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/10/01 12:0 a.m.•5 views

Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 For more details...

9.1CVSS7AI score0.00523EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/01 12:0 a.m.•7 views

Moderate: perl-JSON-XS security update

This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C. Security Fixes: JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON CVE-2025-40928 For...

7.5CVSS7.3AI score0.00603EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/10/01 12:0 a.m.•4 views

Moderate: perl-JSON-XS security update

This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C. Security Fixes: JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON CVE-2025-40928 For...

7.5CVSS7.3AI score0.00603EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/30 12:0 a.m.•4 views

Important: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 For more details...

9.1CVSS7AI score0.00523EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/29 12:0 a.m.•4 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nfconntrack: fix crash due to removal of uninitialised entry CVE-2025-38472 kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: sctp: linearize...

8.8CVSS6.3AI score0.00179EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2025/09/29 12:0 a.m.•4 views

Moderate: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: mysqldump unspecified vulnerability CPU Apr 2025 CVE-2025-30722 mysql: Optimizer unspecified vulnerability CPU Apr 2025...

6.8CVSS7.1AI score0.00855EPSS
Exploits1References104
AlmaLinux
AlmaLinux
•added 2025/09/29 12:0 a.m.•8 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: netsched: hfsc: Fix a UAF vulnerability in class...

7.8CVSS8.8AI score0.00174EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/09/29 12:0 a.m.•5 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: netsched: hfsc: Fix a UAF vulnerability in class handling CVE-2025-37797 kernel: firmware: armscpi: Ensure...

7.8CVSS7.9AI score0.00174EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/09/25 12:0 a.m.•3 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

6.8CVSS6.9AI score0.06997EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2025/09/24 12:0 a.m.•5 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component CVE-2025-10532 firefox:...

8.8CVSS7.5AI score0.00687EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/09/22 12:0 a.m.•7 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: usb: smsc75xx: Limit packet length to skb-len CVE-2023-53125 kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length CVE-2025-37810 kernel: dochangetype...

7.8CVSS6.7AI score0.00184EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/09/22 12:0 a.m.•6 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

8.8CVSS7.5AI score0.00687EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/09/22 12:0 a.m.•9 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock: Fix transport TOCTOU CVE-2025-38461 For more details about the security issues, including the impact, a CVSS score,...

4.7CVSS6.8AI score0.00113EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/22 12:0 a.m.•8 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock: Fix transport TOCTOU CVE-2025-38461 kernel: dochangetype: refuse to operate on unmounted/not ours mounts CVE-2025-38498 kernel: HID: core: Harden s32ton against conversion to 0 bit...

7.1CVSS6.5AI score0.00162EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/09/18 12:0 a.m.•4 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component CVE-2025-10532 firefox:...

8.8CVSS7.5AI score0.00687EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/09/17 12:0 a.m.•6 views

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: mysqldump unspecified vulnerability CPU Apr 2025 CVE-2025-30722 mysql: Optimizer unspecified vulnerability CPU Apr 2025...

6.8CVSS7.1AI score0.00855EPSS
Exploits1References104
AlmaLinux
AlmaLinux
•added 2025/09/17 12:0 a.m.•6 views

Moderate: gnutls security, bug fix, and enhancement update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension...

8.2CVSS6.8AI score0.01185EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/09/17 12:0 a.m.•17 views

Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: Timing side-channel in ECDSA signature computation CVE-2024-13176 mysql: mysqldump unspecified vulnerability CPU Apr 2025...

7.5CVSS7.1AI score0.01226EPSS
Exploits2References107
AlmaLinux
AlmaLinux
•added 2025/09/17 12:0 a.m.•5 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

8.8CVSS7.5AI score0.00687EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/09/16 12:0 a.m.•4 views

Moderate: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

6.8CVSS6.8AI score0.0056EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/16 12:0 a.m.•5 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: Podman kube play command may overwrite host files CVE-2025-9566 For more details...

8.1CVSS7AI score0.01008EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/16 12:0 a.m.•5 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: Podman kube play command may overwrite host files CVE-2025-9566 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

8.1CVSS7AI score0.01008EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/16 12:0 a.m.•6 views

Moderate: python-cryptography security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.9AI score0.00985EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/09/15 12:0 a.m.•3 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: mcast: Delay put pmc-idev in mlddeldelrec CVE-2025-38550 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS6.2AI score0.00144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/09/15 12:0 a.m.•7 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: net/sched: Always pass notifications when child class becomes empty CVE-2025-38350 kernel: idpf: convert control queue mutex to a...

7.8CVSS6.8AI score0.0018EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/09/15 12:0 a.m.•4 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: usb: smsc75xx: Limit packet length to skb-len CVE-2023-53125 kernel: net/sched: Always pass notifications when child class becomes empty CVE-2025-38350 kernel: idpf: convert control...

7.8CVSS6.5AI score0.0018EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/09/11 12:0 a.m.•8 views

Important: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS CVE-2025-58364 cups: Authentication Bypass in CUPS Authorization Handling CVE-2025-58060 F...

8CVSS6.9AI score0.01063EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/09/11 12:0 a.m.•9 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: scsi: lpfc: Use memcpy for BIOS version CVE-2025-38332 kernel: posix-cpu-timers: fix race between...

7.8CVSS6.5AI score0.01345EPSS
Exploits8References10
AlmaLinux
AlmaLinux
•added 2025/09/11 12:0 a.m.•4 views

Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

9.8CVSS7.2AI score0.02286EPSS
Exploits5References18
Total number of security vulnerabilities5313