Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/03/11 12:0 a.m.•16 views

Important: .NET 8.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.114 and .NET Runtime...

7CVSS6.7AI score0.00911EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/03/11 12:0 a.m.•11 views

Important: .NET 9.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.104 and .NET Runtime 9.0.3.Securi...

7CVSS6.7AI score0.00911EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/03/11 12:0 a.m.•19 views

Important: .NET 8.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.114 and .NET Runtime...

7CVSS6.7AI score0.00911EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/03/11 12:0 a.m.•15 views

Important: .NET 9.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.104 and .NET Runtime 9.0.3.Securi...

7CVSS6.7AI score0.00911EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/03/11 12:0 a.m.•39 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ACPI: extlog: fix NULL pointer dereference check CVE-2023-52605 kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 kernel: HID: core:...

7.8CVSS8AI score0.03558EPSS
Exploits1References14
AlmaLinux
AlmaLinux
•added 2025/03/10 12:0 a.m.•13 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS7.5AI score0.00485EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/03/10 12:0 a.m.•35 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS7.5AI score0.00485EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/03/10 12:0 a.m.•28 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: core: zero-initialize the report buffer CVE-2024-50302 kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices CVE-2024-53197 kernel: scsi:...

7.8CVSS7.9AI score0.03558EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/03/10 12:0 a.m.•23 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: HID: core: zero-initialize the report buffer CVE-2024-50302 kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extig...

7.8CVSS8.1AI score0.03558EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/03/06 12:0 a.m.•39 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1930 firefox:...

8.8CVSS8AI score0.00519EPSS
Exploits1References20
AlmaLinux
AlmaLinux
•added 2025/03/05 12:0 a.m.•16 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1930 firefox:...

8.8CVSS8.5AI score0.00519EPSS
Exploits1References20
AlmaLinux
AlmaLinux
•added 2025/03/03 12:0 a.m.•11 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to memory corruption CVE-2024-54543 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user CVE-2025-24143...

8.8CVSS9.2AI score0.02902EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/03/03 12:0 a.m.•16 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to memory corruption CVE-2024-54543 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user CVE-2025-24143...

8.8CVSS9.2AI score0.02902EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2025/02/27 12:0 a.m.•14 views

Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme CVE-2025-1244 For...

8.8CVSS8.6AI score0.02657EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/27 12:0 a.m.•18 views

Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme CVE-2025-1244 For...

8.8CVSS8.6AI score0.02657EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•15 views

Important: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•24 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•13 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•14 views

Important: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•12 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•22 views

Important: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•21 views

Important: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security...

8.1CVSS8.3AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/20 12:0 a.m.•21 views

Important: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS7.1AI score0.89472EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•9 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.4AI score0.14614EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•11 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.4AI score0.14614EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•14 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS6.8AI score0.14614EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•13 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: migrate: fix getting incorrect page mapping during page migration CVE-2023-52490 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

5.5CVSS6.7AI score0.00276EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•20 views

Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS6.8AI score0.16182EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•47 views

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

9.1CVSS6.4AI score0.16212EPSS
Exploits3References100
AlmaLinux
AlmaLinux
•added 2025/02/19 12:0 a.m.•40 views

Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

9.1CVSS10AI score0.16212EPSS
Exploits3References100
AlmaLinux
AlmaLinux
•added 2025/02/17 12:0 a.m.•15 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.8AI score0.01282EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/02/17 12:0 a.m.•12 views

Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 For mor...

6.8CVSS6.7AI score0.01282EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/02/17 12:0 a.m.•30 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.1CVSS6.8AI score0.00257EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/17 12:0 a.m.•12 views

Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.8AI score0.01282EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/02/13 12:0 a.m.•11 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile CVE-2024-11218 For more details about the security...

8.6CVSS6.8AI score0.00358EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/13 12:0 a.m.•22 views

Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 For mor...

6.8CVSS6.7AI score0.01282EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/02/13 12:0 a.m.•21 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.8AI score0.01282EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/02/12 12:0 a.m.•18 views

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.8AI score0.01282EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/02/12 12:0 a.m.•11 views

Moderate: gcc-toolset-14-gcc security update

The gcc-toolset-14-gcc package contains the GNU Compiler Collection version 14. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/12 12:0 a.m.•20 views

Moderate: gcc security update

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including...

6.9CVSS7.2AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/12 12:0 a.m.•16 views

Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.1CVSS6.8AI score0.00257EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•37 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

7.8CVSS7.6AI score0.03301EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•41 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

7.8CVSS7.1AI score0.03301EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•19 views

Moderate: gcc-toolset-13-gcc security update

The gcc-toolset-13-gcc package contains the GNU Compiler Collection version 13. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•22 views

Moderate: gcc security update

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including...

6.9CVSS7.2AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•25 views

Moderate: doxygen security update

Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•27 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-fr...

9.8CVSS9.4AI score0.01196EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•37 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-free in Custom Highlight CVE-2025-1010 firefox:...

9.8CVSS9AI score0.01331EPSS
Exploits0References22
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•13 views

Moderate: doxygen security update

Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...

6.9CVSS7.6AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•15 views

Moderate: gcc-toolset-13-gcc security update

The gcc-toolset-13-gcc13 package contains the GNU Compiler Collection version 13. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References4
Total number of security vulnerabilities5313