Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•19 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2026-28946 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

8.8CVSS5.4AI score0.00693EPSS
Exploits0References34
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•6 views

Important: postfix security update

The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffer over-read via malformed enhanced status code CVE-2026-43964 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•3 views

Important: valkey security update

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS8.1AI score0.02995EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•5 views

Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.5AI score0.02995EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•6 views

Moderate: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

6.5CVSS7.9AI score0.00323EPSS
Exploits0References46
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•9 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...

7.5CVSS5.3AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•8 views

Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-73...

9.1CVSS5.8AI score0.02719EPSS
Exploits0References32
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•8 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime...

7.5CVSS5.3AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•9 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime...

7.5CVSS5.3AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•15 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

9.8CVSS5.7AI score0.00563EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•18 views

Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.7AI score0.02995EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 For more details about the...

7.8CVSS5.7AI score0.00252EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 For more details about the...

7.8CVSS5.8AI score0.00252EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.2AI score0.0077EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•9 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a CVSS scor...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•11 views

Critical: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781...

9.8CVSS7AI score0.00563EPSS
Exploits0References28
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•14 views

Critical: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781 kernel: nbd: defer config unlock in nbdgenlconnect...

9.8CVSS6.8AI score0.00563EPSS
Exploits0References28
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•5 views

Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

6.5CVSS7.2AI score0.00323EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Critical: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

9.8CVSS6AI score0.12797EPSS
Exploits8References14
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•7 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

8.7CVSS5.4AI score0.00842EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•9 views

Important: libyang security update

Libyang is YANG data modeling language parser and toolkit written and providing API in C. Security Fixes: libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 For more details about the security issues, including the impact, a CVSS...

7.5CVSS6.2AI score0.00428EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•7 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

10CVSS5.6AI score0.01272EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•5 views

Important: frr10 security update

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.5CVSS5.7AI score0.00389EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•3 views

Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component CVE-2026-37457 For more details about the security issues, including the...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•8 views

Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component CVE-2026-37457 For more details about the security issues, including the...

7.5CVSS5.4AI score0.00389EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•20 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786 kernel: Linux kernel: smb: client: reject...

8.1CVSS6.6AI score0.00378EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•3 views

Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.1AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•10 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•6 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•7 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.5CVSS5.5AI score0.00428EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•8 views

Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•11 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•11 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues,...

7.8CVSS5.4AI score0.00353EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•7 views

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

6.5CVSS7.6AI score0.00323EPSS
Exploits0References46
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•8 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/03 12:0 a.m.•13 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.5CVSS5.8AI score0.00428EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/06/03 12:0 a.m.•12 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/03 12:0 a.m.•11 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•10 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•12 views

Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: group policy certificate enrollment uses without...

9.8CVSS5.9AI score0.12797EPSS
Exploits7References8
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•7 views

Moderate: libexif security update

The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service and information disclosure via integer...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•8 views

Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•15 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd:...

9.8CVSS6.3AI score0.04409EPSS
Exploits1References14
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•9 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•9 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•9 views

Moderate: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: OpenSSL:...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
Total number of security vulnerabilities5313