Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•13 views

Moderate: doxygen security update

Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...

6.9CVSS7.6AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•22 views

Moderate: gcc security update

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including...

6.9CVSS7.2AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•15 views

Moderate: gcc-toolset-13-gcc security update

The gcc-toolset-13-gcc13 package contains the GNU Compiler Collection version 13. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/11 12:0 a.m.•25 views

Moderate: doxygen security update

Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/10 12:0 a.m.•22 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 For more details about the security...

7.8CVSS7.8AI score0.03301EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/02/10 12:0 a.m.•11 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-free in Custom Highlight CVE-2025-1010 firefox:...

9.8CVSS9AI score0.01331EPSS
Exploits0References22
AlmaLinux
AlmaLinux
•added 2025/02/10 12:0 a.m.•10 views

Moderate: tbb security update

Threading Building Blocks TBB is a C++ runtime library that abstracts the low-level threading details necessary for optimal multi-core performance. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the securit...

6.9CVSS7.7AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/10 12:0 a.m.•22 views

Moderate: tbb security update

Threading Building Blocks TBB is a C++ runtime library that abstracts the low-level threading details necessary for optimal multi-core performance. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the securit...

6.9CVSS7.6AI score0.8383EPSS
Exploits6References4
AlmaLinux
AlmaLinux
•added 2025/02/05 12:0 a.m.•12 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: core: Fix unremoved procfs host directory regression CVE-2024-26935 kernel: arm64/sve: Discard stale CPU state when handling SVE traps CVE-2024-50275 For more details about the...

7CVSS6.9AI score0.00242EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/02/05 12:0 a.m.•10 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-fr...

9.8CVSS9.4AI score0.01196EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2025/02/05 12:0 a.m.•23 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: scsi: core: Fix unremoved procfs host directory regression CVE-2024-26935 kernel: arm64/sve: Discard stale CPU state when handling...

7CVSS7.1AI score0.00242EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•10 views

Moderate: keepalived security update

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server IPVS kernel module providing layer-4 transport layer load balancing. Keepalived implements a set of checke...

9.8CVSS6.9AI score0.00616EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•9 views

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

8.6CVSS8.6AI score0.00358EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•8 views

Moderate: mingw-glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: buffer overflow in...

9.8CVSS7.3AI score0.01263EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•13 views

Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

4.9CVSS5.6AI score0.00424EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•32 views

Moderate: galera and mariadb security update

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...

4.9CVSS5.8AI score0.01782EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•12 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: buildah: Container breakout by using --jobs=2 and a race condition when building ...

8.6CVSS8.6AI score0.00358EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/02/04 12:0 a.m.•12 views

Moderate: bzip2 security update

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: bzip2: Data integrity error when decompressing with data integrity test...

9.8CVSS7.1AI score0.08042EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/30 12:0 a.m.•12 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.4CVSS9.3AI score0.00679EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/01/30 12:0 a.m.•15 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...

8.5CVSS8.1AI score0.0104EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/30 12:0 a.m.•13 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation CVE-2024-1488 unbound: Unbounded name compression could lead to Denial of Service...

8CVSS6.9AI score0.00806EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/29 12:0 a.m.•8 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.4CVSS8.7AI score0.00679EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/01/28 12:0 a.m.•10 views

Important: gimp:2.8 security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: PSD buffe...

7.8CVSS7.9AI score0.93639EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/01/28 12:0 a.m.•63 views

Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

4.9CVSS5.6AI score0.00424EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/28 12:0 a.m.•10 views

Moderate: keepalived security update

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server IPVS kernel module providing layer-4 transport layer load balancing. Keepalived implements a set of checke...

9.8CVSS6.9AI score0.00616EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/28 12:0 a.m.•33 views

Moderate: mariadb:10.5 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Oct 2023 CVE-2023-22084 mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 For more details about the security...

4.9CVSS6.5AI score0.01782EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/28 12:0 a.m.•11 views

Moderate: bzip2 security update

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: bzip2: Data integrity error when decompressing with data integrity test...

9.8CVSS7.1AI score0.08042EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/27 12:0 a.m.•24 views

Important: python-jinja2 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.8AI score0.005EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/27 12:0 a.m.•21 views

Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.8CVSS7.9AI score0.4292EPSS
Exploits4References12
AlmaLinux
AlmaLinux
•added 2025/01/27 12:0 a.m.•20 views

Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.8CVSS9.3AI score0.07802EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2025/01/23 12:0 a.m.•12 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...

8.5CVSS6.9AI score0.0104EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/23 12:0 a.m.•14 views

Important: python-jinja2 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.8AI score0.005EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/22 12:0 a.m.•39 views

Moderate: java-21-openjdk security update for AlmaLinux 8.10, 9.4 and 9.5

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

4.8CVSS5.1AI score0.00971EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/01/22 12:0 a.m.•13 views

Moderate: java-17-openjdk security update for AlmaLinux 8.6, 8.8, 8.10, 9.4 and 9.5

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 Bug Fixes: The AlmaLinux OpenJDK packages rely on the copy-jdk-configs package to transfer configuration files ...

4.8CVSS5.1AI score0.00971EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2025/01/22 12:0 a.m.•31 views

Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

9.8CVSS8.9AI score0.69355EPSS
Exploits4References22
AlmaLinux
AlmaLinux
•added 2025/01/22 12:0 a.m.•25 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 kernel: arm64/sve: Discard stale CPU state when handling SVE traps CVE-2024-50275 kernel: i40e: fix race condition by...

7.8CVSS6.8AI score0.00241EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/01/20 12:0 a.m.•25 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: go-git: argument injection via the URL field CVE-2025-21613 go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies CVE-2025-21614 For more...

9.8CVSS7.3AI score0.0124EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/16 12:0 a.m.•24 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.102 and .NET Runtime 9.0.1...

8.8CVSS8.8AI score0.02262EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/01/16 12:0 a.m.•9 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.112 and .NET Runtime 8.0.1.12...

8.8CVSS8.8AI score0.02262EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2025/01/16 12:0 a.m.•30 views

Moderate: Security and bug fixes for NetworkManager

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

7.6CVSS6.7AI score0.04063EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2025/01/15 12:0 a.m.•20 views

Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

7.5CVSS8.7AI score0.09353EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2025/01/15 12:0 a.m.•56 views

Moderate: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: Administrative user data leaked through systemd journal CVE-2024-11029 For more details about t...

5.5CVSS6.8AI score0.00226EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/15 12:0 a.m.•18 views

Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

7.5CVSS8.7AI score0.09353EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2025/01/14 12:0 a.m.•9 views

Important: raptor2 security update

Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security Fixes: raptor: integer underflow when normalizing a URI with the turtle parser CVE-2024-57823 For more details about the security issues, including th...

9.3CVSS9.3AI score0.00315EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/01/14 12:0 a.m.•14 views

Important: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: fence-agents: Jinja has a sandbox breakout through indirect reference t...

8.8CVSS7AI score0.005EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/14 12:0 a.m.•24 views

Important: raptor2 security update

Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security Fixes: raptor: integer underflow when normalizing a URI with the turtle parser CVE-2024-57823 For more details about the security issues, including th...

9.3CVSS9.3AI score0.00315EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/01/13 12:0 a.m.•32 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 CVE-2025-0243 firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134,...

6.5CVSS7.8AI score0.1307EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/13 12:0 a.m.•40 views

Moderate: Bug fix of NetworkManager

Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:AlmaLinux-73051 VPN connections do not support ipv4.routing-rules settings...

7.6CVSS7AI score0.04063EPSS
Exploits1References3
AlmaLinux
AlmaLinux
•added 2025/01/09 12:0 a.m.•8 views

Important: iperf3 security update

Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss. Security Fixes: iperf: Denial of Service in iperf Due to Improper JSON Handling CVE-2024-53580 For more details about the securit...

7.5CVSS7.6AI score0.00908EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/01/09 12:0 a.m.•10 views

Important: dpdk security update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library CVE-2024-11614 For more details about the security...

7.4CVSS7.5AI score0.00551EPSS
Exploits0References4
Total number of security vulnerabilities5315