Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/06/26 12:0 a.m.•3 views

Moderate: weldr-client security update

Command line utility to control osbuild-composer Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer t...

9.1CVSS8.2AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/26 12:0 a.m.•9 views

Moderate: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: net/http:...

9.1CVSS8.1AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/25 12:0 a.m.•10 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 kernel: security/keys: fix slab-out-of-bounds in keytaskpermission CVE-2024-50301 kernel: idpf: fix idpfvccoreini...

7.8CVSS7.5AI score0.00272EPSS
Exploits0References9
AlmaLinux
AlmaLinux
•added 2025/06/25 12:0 a.m.•5 views

Important: perl-File-Find-Rule security update

File::Find::Rule is a friendlier interface to File::Find. It allows you to build rules which specify the desired files and directories. Security Fixes: perl-file-find-rule: File::Find::Rule Arbitrary Code Execution CVE-2011-10007 For more details about the security issues, including the impact, a...

8.8CVSS8.8AI score0.00736EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/25 12:0 a.m.•6 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 kernel: security/keys: fix slab-out-of-bounds in...

7.8CVSS7.7AI score0.00272EPSS
Exploits0References9
AlmaLinux
AlmaLinux
•added 2025/06/25 12:0 a.m.•5 views

Moderate: weldr-client security update

Command line utility to control osbuild-composer Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer t...

9.1CVSS8.2AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/25 12:0 a.m.•4 views

Moderate: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: net/http:...

9.1CVSS8.1AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•4 views

Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

5.9CVSS5.8AI score0.00276EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•6 views

Moderate: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 For more details about th...

7.8CVSS7.9AI score0.00526EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•4 views

Important: perl-File-Find-Rule security update

File::Find::Rule is a friendlier interface to File::Find. It allows you to build rules which specify the desired files and directories. Security Fixes: perl-file-find-rule: File::Find::Rule Arbitrary Code Execution CVE-2011-10007 For more details about the security issues, including the impact, a...

8.8CVSS8.8AI score0.00736EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•8 views

Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: linux-pam: Linux-pam directory Traversal CVE-2025-6020 For more details about the security issues, including the impact, a CVSS...

7.8CVSS8AI score0.0039EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•4 views

Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

5.4CVSS5.4AI score0.0026EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•8 views

Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt5: qt6: QtCore Assertion Failure Denial of Service CVE-2025-5455 For more details about the security issues, including the impact, a CVSS...

8.4CVSS6.2AI score0.00309EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•6 views

Moderate: iputils security update

The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping CVE-2025-47268 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.5CVSS6.5AI score0.0141EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/24 12:0 a.m.•9 views

Moderate: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

7.8CVSS4.1AI score0.00329EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•9 views

Important: libblockdev security update

The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Security Fixes: libblockdev: LPE from allowactive ...

7CVSS7.3AI score0.00423EPSS
Exploits18References4
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•5 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•7 views

Important: xorg-x11-server and xorg-x11-server-Xwayland security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•5 views

Important: perl-YAML-LibYAML security update

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

9.1CVSS7.1AI score0.00368EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•4 views

Important: xorg-x11-server and xorg-x11-server-Xwayland security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•2 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ice: Fix deinitializing VF in error path CVE-2025-21883 kernel: sched/fair: Fix potential memory corruption in childcfsrqonlist CVE-2025-21919 kernel: ibmvnic: Use kernel helpers for hex...

7.8CVSS7.4AI score0.002EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•4 views

Important: perl-YAML-LibYAML security update

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

9.1CVSS9.2AI score0.00368EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•9 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS7.5AI score0.00299EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•9 views

Important: javapackages-tools:201801 security update

The javapackages-tools packages provide macros and scripts to support Java packaging. Security Fixes: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default CVE-2019-10086 commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses ...

8.8CVSS7.5AI score0.28839EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/06/23 12:0 a.m.•11 views

Important: mod_auth_openidc security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled...

7.5CVSS7.4AI score0.01214EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/20 12:0 a.m.•11 views

Important: libblockdev security update

libblockdev is a C library supporting GObject introspection for manipulation of block devices. It has a plugin-based architecture where each technology like LVM, Btrfs, MD RAID, Swap,... is implemented in a separate plugin, possibly with multiple implementations e.g. using LVM CLI or the new LVM...

7CVSS7.2AI score0.00423EPSS
Exploits18References3
AlmaLinux
AlmaLinux
•added 2025/06/20 12:0 a.m.•16 views

Important: libblockdev security update

libblockdev is a C library supporting GObject introspection for manipulation of block devices. It has a plugin-based architecture where each technology like LVM, Btrfs, MD RAID, Swap,... is implemented in a separate plugin, possibly with multiple implementations e.g. using LVM CLI or the new LVM...

7CVSS7.2AI score0.00423EPSS
Exploits18References3
AlmaLinux
AlmaLinux
•added 2025/06/20 12:0 a.m.•8 views

Moderate: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools:A malicious actor with non-administrative...

6.1CVSS7.1AI score0.00247EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/06/20 12:0 a.m.•71 views

Moderate: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools:A malicious actor with non-administrative...

6.1CVSS8.6AI score0.00247EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•7 views

Moderate: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http...

9.1CVSS7.2AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•5 views

Important: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 For more details...

9.1CVSS9.4AI score0.01827EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•5 views

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: Multiple...

8.8CVSS7.7AI score0.10561EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•4 views

Moderate: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CV...

9.1CVSS8.1AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•8 views

Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-4404 For more details...

9.1CVSS9.4AI score0.01827EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•7 views

Moderate: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in...

9.1CVSS7.3AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•10 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the...

9.1CVSS7.3AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•9 views

Moderate: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

9.1CVSS7.2AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•5 views

Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

9.1CVSS7.3AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/17 12:0 a.m.•6 views

Important: gimp:2.8 security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: Multiple...

8.8CVSS7.7AI score0.10561EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/06/16 12:0 a.m.•4 views

Important: apache-commons-beanutils security update

The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fixes: commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 For more detai...

8.8CVSS7.3AI score0.01495EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/16 12:0 a.m.•4 views

Important: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double-free in libvpx encoder CVE-2025-5283 For more details about the security issues, including the impac...

5.4CVSS7.2AI score0.00489EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/16 12:0 a.m.•4 views

Moderate: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871...

9.1CVSS8.1AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/16 12:0 a.m.•3 views

Moderate: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871...

9.1CVSS7.3AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/16 12:0 a.m.•4 views

Important: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double-free in libvpx encoder CVE-2025-5283 For more details about the security issues, including the impac...

5.4CVSS6.8AI score0.00489EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/16 12:0 a.m.•8 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eth: bnxt: fix truesize for mb-xdp-pass case CVE-2025-21961 kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd CVE-2025-21969 kernel: cifs: Fix integer overflow while...

7.8CVSS7.4AI score0.00187EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•13 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime...

7.5CVSS7.4AI score0.0089EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•20 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...

7.5CVSS7.4AI score0.0089EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•9 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...

7.5CVSS7.5AI score0.0089EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•5 views

Important: mod_security security update

ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.2AI score0.00586EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•4 views

Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in...

9.1CVSS8.2AI score0.00724EPSS
Exploits0References4
Total number of security vulnerabilities5313