Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•18 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime...

7.5CVSS7.4AI score0.0089EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•4 views

Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in...

9.1CVSS7.3AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•12 views

Important: mod_security security update

ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.2AI score0.00586EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/11 12:0 a.m.•3 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds Read in libxml2 CVE-2025-32414 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

7.5CVSS6.7AI score0.0033EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/10 12:0 a.m.•9 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: um: Fix out-of-bounds read in LDT setup CVE-2022-49395 For more details about the security issues, including the impact, a CVSS...

7.1CVSS6.3AI score0.00264EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/10 12:0 a.m.•7 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: um: Fix out-of-bounds read in LDT setup CVE-2022-49395 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refe...

7.1CVSS6.2AI score0.00264EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/10 12:0 a.m.•5 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in Thunderbird CVE-2025-3875 thunderbird: Unsolicited File Download,...

9.8CVSS8.5AI score0.08917EPSS
Exploits1References26
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•5 views

Important: perl-FCGI security update

FastCGI Perl bindings. Security Fixes: perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library CVE-2025-40907 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

5.3CVSS7.2AI score0.00516EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•8 views

Moderate: libxslt security update

libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlying data using the standard XSLT stylesheet transformation mechanism. Security Fixes: libxslt: Processing web content may disclose sensitive informati...

6.5CVSS7.1AI score0.01092EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•17 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS...

9.1CVSS8.3AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•6 views

Important: perl-FCGI:0.78 security update

The perl-FCGI package provides a Perl module for writing FastCGI applications. FastCGI is a more efficient alternative to traditional CGI, as it keeps application processes persistent across multiple requests. This module allows Perl web applications to handle requests faster and with lower...

5.3CVSS5.7AI score0.00516EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•5 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS...

9.1CVSS7.2AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•14 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.8CVSS7.3AI score0.0039EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•9 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.8CVSS7.2AI score0.0039EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/09 12:0 a.m.•32 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: gso: fix ownership in udpgsosegment CVE-2025-21926 kernel: vlan: enforce underlying device type CVE-2025-21920 kernel: xsk: fix an integer overflow in xpcreateandassignumem...

7.8CVSS8AI score0.00226EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/06/05 12:0 a.m.•5 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: thunderbird: Out-of-bounds access when optimizing linear sums CVE-2025-4919 firefox: thunderbird: Clickjacking...

9.8CVSS8.2AI score0.08917EPSS
Exploits1References19
AlmaLinux
AlmaLinux
•added 2025/06/04 12:0 a.m.•12 views

Moderate: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

9.1CVSS9.4AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/04 12:0 a.m.•15 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score...

9.1CVSS9.5AI score0.00724EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/04 12:0 a.m.•9 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.3AI score0.00763EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/04 12:0 a.m.•12 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.3AI score0.00763EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•9 views

Moderate: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...

8.8CVSS6.7AI score0.00494EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•9 views

Low: python36:3.6 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.1CVSS7.1AI score0.00663EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•7 views

Moderate: perl-CPAN security update

The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fixes: perl-CPAN: Bypass of verification of signatures in CHECKSUMS files CVE-2020-16156 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS7.9AI score0.00791EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•6 views

Moderate: pandoc security update

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. It can read several dialects of Markdown and subsets of HTML, reStructuredText, LaTeX, DocBook, JATS, MediaWiki markup, TWiki markup, TikiWiki markup, Creole 1.0, Haddock...

7.5CVSS7.6AI score0.01027EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•8 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.7AI score0.00763EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•10 views

Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

5.9CVSS7AI score0.00276EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•3 views

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: NPDL device: Compression buffer overflow CVE-2025-27832 For more details...

9.8CVSS8.1AI score0.00806EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/03 12:0 a.m.•9 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.7AI score0.00763EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/02 12:0 a.m.•4 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Use after Free in grusetcontextoption leading to kernel panic CVE-2022-3424 kernel: ndisc: use RCU protection in ndiscallocskb CVE-2025-21764 For more details about the security issues,...

7.8CVSS6.3AI score0.00238EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/06/02 12:0 a.m.•7 views

Important: varnish security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: request smuggling attacks CVE-2025-47905 For more details about the...

5.4CVSS6.8AI score0.003EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/02 12:0 a.m.•20 views

Low: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

8.8CVSS7.2AI score0.04793EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/06/02 12:0 a.m.•3 views

Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: varnish: request smuggling attacks CVE-2025-47905 For more details about the...

5.4CVSS5.8AI score0.003EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/29 12:0 a.m.•17 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local code execution ...

8.1CVSS7.4AI score0.00398EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/05/29 12:0 a.m.•14 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local code execution ...

8.1CVSS7.4AI score0.00398EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/05/29 12:0 a.m.•15 views

Important: mingw-freetype security update

MinGW Windows Freetype library. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 libsoup: Integer overflow in appendparamquoted CVE-2025-32050 libsoup: Heap buffer overflow in sniffunknown...

9CVSS8.3AI score0.26049EPSS
Exploits1References22
AlmaLinux
AlmaLinux
•added 2025/05/28 12:0 a.m.•8 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: wifi: rtw89: Fix array index mistake in rtw89stainfogetiter CVE-2024-43842 For more details about the security issues, including t...

7.8CVSS7.6AI score0.00218EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/05/28 12:0 a.m.•10 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser CVE-2025-46727 tornado: Tornado Multipart Form-Data Denial of Service CVE-2025-47287 For more details about the securit...

7.5CVSS5.8AI score0.00911EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/28 12:0 a.m.•8 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: rtw89: Fix array index mistake in rtw89stainfogetiter CVE-2024-43842 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

7.8CVSS7.4AI score0.00218EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/05/27 12:0 a.m.•8 views

Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution...

8.8CVSS7.5AI score0.00708EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/27 12:0 a.m.•9 views

Important: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution...

8.8CVSS7.5AI score0.00708EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/26 12:0 a.m.•26 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server CVE-2025-32049 libsoup: OOB Read on libsoup through function...

7.5CVSS7.7AI score0.00764EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2025/05/26 12:0 a.m.•15 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server CVE-2025-32049 libsoup: OOB Read on libsoup through function...

7.5CVSS7.7AI score0.00764EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2025/05/26 12:0 a.m.•11 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: Fix integer overflow while processing acregmax mount option CVE-2025-21964 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

5.5CVSS7.4AI score0.00178EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/26 12:0 a.m.•10 views

Important: python-tornado security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.8AI score0.00667EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/21 12:0 a.m.•20 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/mlx5: Always stop health timer during driver removal CVE-2024-40906 kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink CVE-2024-44970 kernel: vsock: Keep the binding until...

7.8CVSS7.1AI score0.00844EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2025/05/21 12:0 a.m.•9 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919 For more details about...

9.8CVSS7AI score0.08917EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/05/21 12:0 a.m.•22 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: net/mlx5: Always stop health timer during driver removal CVE-2024-40906 kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unli...

7.8CVSS7.2AI score0.00844EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2025/05/20 12:0 a.m.•14 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2025-31205 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-31257 For mor...

6.5CVSS7.2AI score0.01028EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/20 12:0 a.m.•11 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919 For more details about...

9.8CVSS6.9AI score0.08917EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•18 views

Important: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName...

7.4CVSS7.6AI score0.59501EPSS
Exploits0References4
Total number of security vulnerabilities5313