Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•11 views

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: dds buffe...

7.8CVSS7.5AI score0.93639EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Important: yelp security update

Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook. Security Fixes: yelp: Arbitrary file read CVE-2025-3155 For more details...

7.4CVSS6.7AI score0.12592EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•9 views

Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 php: Streams HTTP wrapper...

9.8CVSS7AI score0.01263EPSS
Exploits3References14
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•7 views

Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: OOB-read in...

9.1CVSS6.8AI score0.01139EPSS
Exploits0References36
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•18 views

Moderate: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...

7.5CVSS7AI score0.01569EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•25 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer overflow in appendparamquoted CVE-2025-32050 libsoup: Heap buffer overflow in sniffunknown CVE-2025-32052 libsoup: Heap buffer overflows in snifffeedorhtml and skipinsignificantspace...

9CVSS7.8AI score0.00832EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•7 views

Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

7.1CVSS7.3AI score0.00606EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•6 views

Moderate: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

7.5CVSS7AI score0.04575EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•11 views

Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference...

9.1CVSS7AI score0.01298EPSS
Exploits2References10
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•27 views

Important: libxslt security update

libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlying data using the standard XSLT stylesheet transformation mechanism. Security Fixes: libxslt: Use-After-Free in libxslt xsltGetInheritedNsList...

7.8CVSS7AI score0.00324EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•9 views

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript...

8.4CVSS7.7AI score0.0153EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•11 views

Moderate: rust-bootupd security update

Bootloader updater Security Fixes: rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section...

6.3CVSS7AI score0.0065EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•8 views

Moderate: python3.12-cryptography security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.3CVSS7AI score0.0065EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•5 views

Moderate: perl-Module-ScanDeps security update

This module scans potential modules used by perl programs and returns a hash reference. Its keys are the module names as they appear in %INC e.g. Test/More.pm. The values are hash references. Security Fixes: module-scandeps: local privilege escalation via unsanitized input CVE-2024-10224 For more...

7.8CVSS7AI score0.08598EPSS
Exploits3References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•4 views

Moderate: microcode_ctl security update

The microcodectl packages provide microcode updates for Intel and AMD processors. Security Fixes: microcodectl: Improper input validation in UEFI firmware CVE-2024-28047 microcodectl: Insufficient granularity of access control in UEFI firmware CVE-2024-39279 microcodectl: mproper initialization i...

6.8CVSS7AI score0.00237EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•7 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: reader/jpe...

6.7CVSS7.3AI score0.00673EPSS
Exploits1References18
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•6 views

Moderate: iptraf-ng security update

IPTraf-ng is a console-based network monitoring utility which includes an IP traffic monitor, a TCP and UDP service monitor, and a LAN statistics module. It supports Ethernet, FDDI, ISDN, SLIP, PPP, and loopback interfaces as well as the built-in raw socket interface of the Linux kernel. Security...

7.5CVSS7.5AI score0.00727EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•6 views

Moderate: aardvark-dns security update

Authoritative DNS server for A/AAAA container records Forwards other request to configured resolvers. Read more about configuration in src/backend/mod.rs. Security Fixes: containers/aardvark-dns: TCP Query Handling Flaw in Aardvark-dns Leading to Denial of Service CVE-2024-8418 For more details...

7.5CVSS6.9AI score0.00759EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•6 views

Moderate: bootc security update

Bootable container system Security Fixes: rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...

6.3CVSS7AI score0.0065EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•10 views

Important: mod_auth_openidc security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak...

8.2CVSS6.9AI score0.00542EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•9 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox:...

9.1CVSS8.2AI score0.00538EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•11 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7.2AI score0.00693EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/13 12:0 a.m.•9 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/12 12:0 a.m.•27 views

Moderate: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.7AI score0.0069EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/12 12:0 a.m.•18 views

Moderate: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 For more details about th...

7.8CVSS7.1AI score0.00526EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/12 12:0 a.m.•13 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox: thunderbird: Process isolation bypass using...

9.1CVSS8.2AI score0.00538EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/05/07 12:0 a.m.•21 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service CVE-2017-17095 For more details about the security issues, including the impact, a CVSS...

8.8CVSS8.9AI score0.10639EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/05/07 12:0 a.m.•12 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.7AI score0.00295EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/05/07 12:0 a.m.•14 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/06 12:0 a.m.•35 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer overflow in appendparamquoted CVE-2025-32050 libsoup: Heap buffer overflow in sniffunknown CVE-2025-32052 libsoup: Heap buffer overflows in snifffeedorhtml and skipinsignificantspace...

9CVSS9.6AI score0.00832EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/05/06 12:0 a.m.•20 views

Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled...

7.5CVSS5.5AI score0.01214EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/06 12:0 a.m.•11 views

Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: null pointer dereference leads to denial of service CVE-2025-2487 F...

4.9CVSS6.8AI score0.00553EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/06 12:0 a.m.•11 views

Moderate: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5CVSS6.5AI score0.01493EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/05/05 12:0 a.m.•18 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox:...

9.1CVSS10AI score0.00538EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/05/05 12:0 a.m.•19 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox: thunderbird: Process isolation bypass using...

9.1CVSS10AI score0.00538EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/05/05 12:0 a.m.•10 views

Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

8.3CVSS6.5AI score0.00555EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/05/05 12:0 a.m.•40 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

9.8CVSS6.7AI score0.00718EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/05/05 12:0 a.m.•19 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox:...

9.1CVSS10AI score0.00538EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/04/30 12:0 a.m.•19 views

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: heap buffer over write vulnerability in GhostScript's lp8000printpage in...

8.4CVSS7.9AI score0.0153EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/04/28 12:0 a.m.•13 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.4AI score0.00295EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/04/28 12:0 a.m.•29 views

Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

9.8CVSS7.4AI score0.02286EPSS
Exploits5References18
AlmaLinux
AlmaLinux
•added 2025/04/28 12:0 a.m.•28 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

6.2CVSS7.3AI score0.00349EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/04/24 12:0 a.m.•13 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3029 firefox: thunderbird: Use-after-free triggered by XSLTProcessor CVE-2025-3028 firefox: thunderbird: Memory safety bugs fixed in Firefo...

8.1CVSS7.8AI score0.00824EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2025/04/24 12:0 a.m.•8 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3029 firefox: thunderbird: Use-after-free triggered by XSLTProcessor CVE-2025-3028 firefox: thunderbird: Memory safety bugs fixed in Firefo...

8.1CVSS7.8AI score0.00824EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2025/04/22 12:0 a.m.•5 views

Moderate: xmlrpc-c security update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

7.5CVSS6.9AI score0.01569EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/04/22 12:0 a.m.•6 views

Moderate: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: Inefficient DER Decoding in libtasn1 Leading ...

5.3CVSS6.8AI score0.01025EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/04/22 12:0 a.m.•21 views

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...

5.3CVSS6.7AI score0.01193EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/04/22 12:0 a.m.•22 views

Moderate: bluez security update

The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts AlmaLinux, and pcmcia configuration files. Security Fixes: BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution...

8CVSS7.1AI score0.01427EPSS
Exploits0References6
Total number of security vulnerabilities5313