Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2025/01/09 12:0 a.m.•92 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 CVE-2025-0243 firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134,...

6.5CVSS7.2AI score0.1307EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/09 12:0 a.m.•38 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54479 webkit: Processing maliciously crafted web content may lead to an unexpected process...

8.8CVSS8.9AI score0.14492EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2025/01/09 12:0 a.m.•16 views

Important: dpdk security update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library CVE-2024-11614 For more details about the security...

7.4CVSS7.5AI score0.00551EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2025/01/09 12:0 a.m.•29 views

Important: iperf3 security update

Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss. Security Fixes: iperf: Denial of Service in iperf Due to Improper JSON Handling CVE-2024-53580 For more details about the securit...

7.5CVSS7.6AI score0.00908EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2025/01/08 12:0 a.m.•29 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: i40e: fix race condition by adding filter's intermediate sync state CVE-2024-53088 kernel: mptcp: cope racing subflow creation in mptcprcvspaceadjust CVE-2024-53122 For more details about...

5.5CVSS5.4AI score0.00199EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/08 12:0 a.m.•12 views

Low: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: libppd: remote command injection via attacker controlled data in PPD file CVE-2024-47175 For more details about the security issues, including the impact, ...

9.8CVSS7.7AI score0.62474EPSS
Exploits5References4
AlmaLinux
AlmaLinux
•added 2025/01/08 12:0 a.m.•22 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: i40e: fix race condition by adding filter's intermediate sync state CVE-2024-53088 kernel: mptcp: cope racing subflow creation in...

5.5CVSS5.5AI score0.00199EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2025/01/08 12:0 a.m.•29 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: perf/aux: Fix AUX buffer serialization CVE-2024-46713 kernel: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages CVE-2024-50208 kernel: mlxsw: spectrumipip: Fix memory leak when...

7.8CVSS7.3AI score0.00299EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2025/01/08 12:0 a.m.•21 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free when breaking lines in text CVE-2025-0238 firefox: Memory corruption when using JavaScript Text Segmentation CVE-2025-0241 firefox: Alt-Svc ALPN...

7.7CVSS7.5AI score0.1307EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2025/01/02 12:0 a.m.•19 views

Moderate: python-requests security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.6CVSS6.8AI score0.0034EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/19 12:0 a.m.•29 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout CVE-2024-27399 kernel: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE CVE-2024-38564 kernel: bpf: Fix a...

7.8CVSS7.6AI score0.00301EPSS
Exploits1References36
AlmaLinux
AlmaLinux
•added 2024/12/18 12:0 a.m.•24 views

Important: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in...

9.8CVSS7.2AI score0.01248EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•14 views

Moderate: tuned security update

The tuned packages provide a service that tunes system settings according to a selected profile. Security Fixes: tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS6.8AI score0.00298EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•14 views

Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 For more details about the security issues, including the...

4.2CVSS7.1AI score0.00544EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•17 views

Moderate: edk2:20220126gitbb1bba3d77 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 For more details about the security issues, including th...

5.9CVSS6.7AI score0.0037EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•12 views

Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...

9.8CVSS6.8AI score0.01344EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•35 views

Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 For more details about the security issues, including the...

4.2CVSS8.3AI score0.00544EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•12 views

Moderate: mpg123:1.32.9 security update

The mpg123 packages contain real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2, and 3 most commonly MPEG 1.0 layer 3 also known as MP3, as well as re-usable decoding and output libraries. Security Fixes: mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 For more...

6.7CVSS7.1AI score0.00348EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•10 views

Moderate: edk2:20240524 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 For more details about the security issues, including th...

5.9CVSS6.7AI score0.0037EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•21 views

Moderate: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 For more details about the security issues, including the...

4.7CVSS7.1AI score0.00265EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•11 views

Moderate: libsndfile:1.0.31 security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS6.8AI score0.00308EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•13 views

Moderate: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

7.5CVSS8AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•17 views

Moderate: unbound:1.16.2 security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

5.3CVSS6.7AI score0.00806EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•20 views

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack...

7.5CVSS8.1AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•15 views

Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS6.8AI score0.00308EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•8 views

Moderate: mpg123 security update

The mpg123 packages contain real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2, and 3 most commonly MPEG 1.0 layer 3 also known as MP3, as well as re-usable decoding and output libraries. Security Fixes: mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 For more...

6.7CVSS7.1AI score0.00348EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/17 12:0 a.m.•26 views

Moderate: bluez security update

The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts AlmaLinux, and pcmcia configuration files. Security Fixes: bluez: unauthorized HID device connections allows keystroke injection and arbitrary...

6.3CVSS7.7AI score0.07879EPSS
Exploits8References4
AlmaLinux
AlmaLinux
•added 2024/12/16 12:0 a.m.•24 views

Important: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...

9.8CVSS6.8AI score0.01344EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/12/16 12:0 a.m.•16 views

Important: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in...

9.8CVSS7.2AI score0.01248EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/12/16 12:0 a.m.•27 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.5AI score0.00647EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/12 12:0 a.m.•8 views

Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: sinatra: Open Redirect Vulnerability in Sinatra via X-Forwarded-Host Header CVE-2024-21510 For more details about the security issues, including the impact, a CVSS score,...

5.4CVSS7.3AI score0.00476EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/12 12:0 a.m.•25 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.7CVSS6.5AI score0.0188EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/12/12 12:0 a.m.•38 views

Moderate: python3.9:3.9.21 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.6AI score0.0067EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/12/12 12:0 a.m.•20 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.4AI score0.00647EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/12 12:0 a.m.•23 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.7CVSS6.5AI score0.0188EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•14 views

Important: python36:3.6 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.4CVSS7.3AI score0.01557EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•40 views

Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

9.8CVSS7.1AI score0.3786EPSS
Exploits11References24
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•28 views

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in...

7.8CVSS6.7AI score0.00352EPSS
Exploits1References20
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•40 views

Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS6.5AI score0.49336EPSS
Exploits7References14
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•21 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in qdiscpktleninit with UFO CVE-2024-49949 kernel: blk-rq-qos: f...

7.8CVSS6.6AI score0.00352EPSS
Exploits1References20
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•35 views

Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS7.6AI score0.49336EPSS
Exploits7References14
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•27 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/smc: fix illegal rmbdesc access in SMC-D connection dump CVE-2024-26615 kernel: block: initialize integrity buffer to zero before writing it to media CVE-2024-43854 kernel: iommu:...

6.2CVSS7.8AI score0.00529EPSS
Exploits1References15
AlmaLinux
AlmaLinux
•added 2024/12/11 12:0 a.m.•27 views

Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk CVE-2024-3096 php: Filter bypass in filtervar...

7.5CVSS7.6AI score0.49336EPSS
Exploits7References14
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•13 views

Important: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10979 postgresq...

8.8CVSS8AI score0.04422EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•26 views

Important: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: REXML ReDoS vulnerability CVE-2024-49761 For more details about the security issues, including the impact, a CVSS score,...

8.7CVSS6.1AI score0.01429EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•15 views

Important: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: REXML ReDoS vulnerability CVE-2024-49761 For more details about the security issues, including the impact, a CVSS score,...

8.7CVSS6.1AI score0.01429EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•21 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10979 postgresq...

8.8CVSS8AI score0.04422EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•21 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10979 postgresq...

8.8CVSS8AI score0.04422EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•18 views

Important: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: REXML ReDoS vulnerability CVE-2024-49761 For more details about the security issues, including the impact, a CVSS score,...

8.7CVSS6.1AI score0.01429EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/12/05 12:0 a.m.•20 views

Important: ruby:3.1 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: REXML ReDoS vulnerability CVE-2024-49761 For more details about the security issues, including the impact, a CVSS score,...

8.7CVSS6.1AI score0.01429EPSS
Exploits0References4
Total number of security vulnerabilities5313