Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•6 views

Moderate: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

6.5CVSS7.9AI score0.00323EPSS
Exploits0References46
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•19 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2026-28946 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

8.8CVSS5.4AI score0.00693EPSS
Exploits0References34
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•4 views

Important: valkey security update

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS8.1AI score0.02995EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•5 views

Important: redis:6 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.5AI score0.02995EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/15 12:0 a.m.•7 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2026-28946 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

8.8CVSS6.7AI score0.00693EPSS
Exploits0References34
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•18 views

Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.7AI score0.02995EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•15 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

9.8CVSS5.7AI score0.00563EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•8 views

Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-73...

9.1CVSS5.8AI score0.02719EPSS
Exploits0References32
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•11 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...

7.5CVSS5.3AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•9 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime...

7.5CVSS5.3AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/11 12:0 a.m.•8 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime...

7.5CVSS5.3AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•9 views

Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.2AI score0.0077EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•11 views

Critical: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781...

9.8CVSS7AI score0.00563EPSS
Exploits0References28
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•9 views

Important: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 For more details about the...

7.8CVSS5.8AI score0.00252EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•6 views

Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

6.5CVSS7.2AI score0.00323EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•9 views

Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Critical: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

9.8CVSS6AI score0.12797EPSS
Exploits8References14
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•9 views

Important: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 For more details about the...

7.8CVSS5.7AI score0.00252EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•8 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.109 and .NET Runtime...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•15 views

Critical: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781 kernel: nbd: defer config unlock in nbdgenlconnect...

9.8CVSS6.8AI score0.00563EPSS
Exploits0References28
AlmaLinux
AlmaLinux
•added 2026/06/10 12:0 a.m.•9 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 For more details about the security issues, including the impact, a CVSS scor...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References4
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•7 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

8.7CVSS5.4AI score0.00842EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•7 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

10CVSS5.6AI score0.01272EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•4 views

Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component CVE-2026-37457 For more details about the security issues, including the...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•6 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•5 views

Important: frr10 security update

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.5CVSS5.7AI score0.00389EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•4 views

Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.1AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•20 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786 kernel: Linux kernel: smb: client: reject...

8.1CVSS6.6AI score0.00378EPSS
Exploits4References8
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•8 views

Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component CVE-2026-37457 For more details about the security issues, including the...

7.5CVSS5.4AI score0.00389EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•10 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/08 12:0 a.m.•9 views

Important: libyang security update

Libyang is YANG data modeling language parser and toolkit written and providing API in C. Security Fixes: libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 For more details about the security issues, including the impact, a CVSS...

7.5CVSS6.2AI score0.00428EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•11 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues,...

7.8CVSS5.4AI score0.00353EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•7 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.5CVSS5.5AI score0.00428EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•8 views

Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•8 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS5.5AI score0.0181EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•12 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2026/06/04 12:0 a.m.•8 views

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

6.5CVSS7.6AI score0.00323EPSS
Exploits0References46
AlmaLinux
AlmaLinux
•added 2026/06/03 12:0 a.m.•14 views

Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.5CVSS5.8AI score0.00428EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/06/03 12:0 a.m.•12 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/03 12:0 a.m.•11 views

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•8 views

Moderate: libexif security update

The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service and information disclosure via integer...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•8 views

Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•12 views

Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: group policy certificate enrollment uses without...

9.8CVSS5.9AI score0.12797EPSS
Exploits7References8
AlmaLinux
AlmaLinux
•added 2026/06/02 12:0 a.m.•11 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•15 views

Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•10 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•31 views

Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•3 views

Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.1AI score0.0077EPSS
Exploits0References4
Total number of security vulnerabilities5313