Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•18 views

Important: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName...

7.4CVSS7.6AI score0.59501EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•20 views

Important: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: X.400...

7.4CVSS7.2AI score0.59501EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•22 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Cross-site Scripting XSS in Grafana via Custom Frontend Plugins and Open Redirect CVE-2025-4123 For more details about the security issues, including the impact, ...

7.6CVSS6.2AI score0.97809EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•3 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2025-31205 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-31257 For mor...

6.5CVSS7.2AI score0.01028EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•30 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock: Keep the binding until socket destruction CVE-2025-21756 kernel: dm-flakey: Fix memory corruption in optional corruptbiobyte feature CVE-2025-21966 kernel: net: ppp: Add bound...

7.8CVSS7.2AI score0.00844EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2025/05/19 12:0 a.m.•38 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/15 12:0 a.m.•7 views

Moderate: xdg-utils security update

The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. Security Fixes: xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments CVE-2022-4055 For more details about the security issues...

7.4CVSS7.2AI score0.00652EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/15 12:0 a.m.•7 views

Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.5CVSS7.1AI score0.00824EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•7 views

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: NPDL device: Compression buffer overflow CVE-2025-27832 For more details...

9.8CVSS7.9AI score0.00806EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•4 views

Moderate: libjpeg-turbo security update

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fixes: libjpeg-turbo:...

8.1CVSS8.3AI score0.03178EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•12 views

Important: yelp and yelp-xsl security update

Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook. Security Fixes: yelp: Arbitrary file read CVE-2025-3155 For more details...

7.4CVSS6.7AI score0.12592EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•10 views

Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read CVE-2019-19012 rubygem-bundler:...

9.8CVSS8.4AI score0.10539EPSS
Exploits4References6
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•14 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: hwmon: coretemp fix pci device refcount leak in nv1aramnew CVE-2022-49011 kernel: netfilter: ipset: add missing range check in...

7.8CVSS7.7AI score0.00396EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•15 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime...

8CVSS7.6AI score0.011EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•12 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.106 and .NET Runtime 9.0.5.Securi...

8CVSS7.6AI score0.011EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•8 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime...

8CVSS6.6AI score0.011EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•7 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.106 and .NET Runtime 9.0.5.Securi...

8CVSS7AI score0.011EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/14 12:0 a.m.•19 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: hwmon: coretemp fix pci device refcount leak in nv1aramnew CVE-2022-49011 kernel: netfilter: ipset: add missing range check in bitmapipuadt CVE-2024-53141 For more details about the...

7.8CVSS7.5AI score0.00396EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•58 views

Low: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: code execution via OSC 50 input sequences CVE-2022-45063 For more details about the securi...

9.8CVSS7.3AI score0.04949EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•5 views

Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

8.7CVSS6.8AI score0.00369EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•7 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 For more details about the security issues, including t...

8.7CVSS6.8AI score0.00369EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•5 views

Moderate: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: crypto/tls: panic when processing post-handshake message on QUIC connections...

9.8CVSS7.3AI score0.01952EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•19 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.7AI score0.00295EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•17 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

6.8CVSS6.9AI score0.06997EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: keylime-agent-rust security update

Rust agent for Keylime Security Fixes: rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...

6.3CVSS7AI score0.0065EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•4 views

Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 X.Org:...

7.8CVSS7.8AI score0.00894EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•9 views

Low: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: use-after-free in function inscomplgetexp in vim/vim CVE-2023-4752 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the...

7.8CVSS6.8AI score0.00559EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•18 views

Moderate: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 php: Streams HTTP wrapper...

9.8CVSS6.9AI score0.00821EPSS
Exploits2References12
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: Inefficient DER Decoding in libtasn1 Leading ...

5.3CVSS7AI score0.01025EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•4 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•3 views

Moderate: gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update

The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on media data. Security Fixes: gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 gstreamer: AV1 Video Parsing Stack-based Buffer Overflow CVE-2024-0444 For more details about the...

8.8CVSS6.9AI score0.01565EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•3 views

Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 X.Org: Xwayland: Use-after-free of the root cursor CVE-2025-26594 xorg: xwayland: Use-after-free in SyncInitTrigger...

7.8CVSS7.9AI score0.00894EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: null pointer dereference leads to denial of service CVE-2025-2487 F...

4.9CVSS6.8AI score0.00553EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•14 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-44192 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-54467...

7.5CVSS6.5AI score0.00827EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•15 views

Moderate: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Memory corruption in the ngxhttpmp4module CVE-2022-41741 nginx: Memory disclosure in the ngxhttpmp4module CVE-2022-41742 nginx: speciall...

7.8CVSS7.4AI score0.01069EPSS
Exploits2References7
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: avahi security update

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...

5.3CVSS6.7AI score0.00681EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•17 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

9.8CVSS7.2AI score0.00718EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•10 views

Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

9.8CVSS7.5AI score0.02286EPSS
Exploits5References18
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: python-requests security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.6CVSS6.9AI score0.0034EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...

5.3CVSS6.9AI score0.01193EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: protobuf security update

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: protobuf: message parsin...

7.5CVSS6.5AI score0.01191EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•4 views

Moderate: openjpeg2 security update

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 For more details about the security issues, including t...

5.6CVSS7.5AI score0.00309EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•6 views

Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.5CVSS7.7AI score0.00824EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•19 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: iouring/sqpoll: zero sqd-thread on tctx errors CVE-2025-21633 kernel: soc: qcom: socinfo: Avoid out of bounds read of serial number CVE-2024-58007 kernel: tpm: Change to kvalloc in...

7.8CVSS7.2AI score0.00223EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

7.5CVSS7.7AI score0.00824EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•19 views

Important: osbuild and osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•9 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•4 views

Moderate: rpm-ostree security update

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...

6.3CVSS7.2AI score0.0065EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orftokenendianconvert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

9.8CVSS7.4AI score0.00433EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•10 views

Moderate: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...

8.8CVSS6.7AI score0.00494EPSS
Exploits1References4
Total number of security vulnerabilities5313