Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2024/10/14 12:0 a.m.•24 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

9.8CVSS7.2AI score0.32568EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/10/10 12:0 a.m.•17 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 For more details about the security issues, including the impact, a CVSS score,...

9.8CVSS7.2AI score0.32568EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/10/10 12:0 a.m.•16 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 For more details about the security issues, including the impact, a CVSS score,...

9.8CVSS7.2AI score0.32568EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/10/09 12:0 a.m.•29 views

Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35...

7.5CVSS7.8AI score0.03009EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/10/09 12:0 a.m.•21 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.110 and .NET Runtime 8.0.10...

8.1CVSS7.7AI score0.03009EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/10/09 12:0 a.m.•30 views

Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35...

7.5CVSS7.8AI score0.03009EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/10/09 12:0 a.m.•29 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.110 and .NET Runtime 8.0.10...

8.1CVSS7.8AI score0.03009EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/10/09 12:0 a.m.•38 views

Low: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 For more details about the security issues,...

9.1CVSS7.1AI score0.05582EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/10/07 12:0 a.m.•30 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131...

9.8CVSS8.2AI score0.00738EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2024/10/07 12:0 a.m.•22 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: 115.16/128.3 ESR firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird: Memory safety...

9.8CVSS8.2AI score0.00738EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2024/10/02 12:0 a.m.•17 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.5CVSS7.4AI score0.00297EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/10/02 12:0 a.m.•23 views

Moderate: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in t...

6.5CVSS7.4AI score0.00297EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/10/02 12:0 a.m.•24 views

Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity CVE-2023-20584 kernel: hw: amd:Incomplete system memory cleanup in SE...

6CVSS7.4AI score0.00199EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/10/02 12:0 a.m.•20 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: 115.16/128.3 ESR firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3...

9.8CVSS7.9AI score0.00738EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/10/02 12:0 a.m.•20 views

Moderate: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity CVE-2023-20584 kernel: hw: amd:Incomplete system memory cleanup in SE...

6CVSS7.4AI score0.00199EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/10/02 12:0 a.m.•25 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131...

9.8CVSS8.2AI score0.00738EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2024/10/01 12:0 a.m.•26 views

Moderate: mod_jk bug fix update

The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release JIRA:AlmaLinux-58855 Security fixes: modjk: information Disclosure / DoS CVE-2024-46544 JIRA:AlmaLinux-59800...

5.9CVSS7AI score0.00326EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/10/01 12:0 a.m.•30 views

Important: cups-filters security update

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System CUPS distribution but is now maintained independently. Security Fixes: cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source...

9.8CVSS7.5AI score0.76959EPSS
Exploits16References8
AlmaLinux
AlmaLinux
•added 2024/09/30 12:0 a.m.•21 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 For more details about the security issues, including the impact, a CVSS score...

7.5CVSS7.3AI score0.01414EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/27 12:0 a.m.•30 views

Important: cups-filters security update

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System CUPS distribution but is now maintained independently. Security Fixes: cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source...

8.6CVSS7.5AI score0.76959EPSS
Exploits15References8
AlmaLinux
AlmaLinux
•added 2024/09/26 12:0 a.m.•29 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.9AI score0.01533EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/09/26 12:0 a.m.•21 views

Moderate: net-snmp security update

The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command...

8.8CVSS7.5AI score0.01299EPSS
Exploits0References14
AlmaLinux
AlmaLinux
•added 2024/09/26 12:0 a.m.•31 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.8AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/25 12:0 a.m.•24 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...

7.5CVSS7.3AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/25 12:0 a.m.•29 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...

7.5CVSS7.3AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•101 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2023-6040 CVE-2024-26595 CVE-2024-26600 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605 CVE-2024-26638 CVE-2024-26645 CVE-2024-26665...

8.8CVSS7.1AI score0.01028EPSS
Exploits2References292
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•29 views

Moderate: gtk3 security update

The GTK+ library provides a multi-platform toolkit for creating graphical user interfaces. The gtk3 packages contain GTK+ version 3. Security Fixes: gtk3: gtk2: Library injection from CWD CVE-2024-6655 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

7CVSS7.6AI score0.00464EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•31 views

Moderate: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS8AI score0.01284EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•29 views

Moderate: python3.12 security update

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

8.7CVSS7.7AI score0.01275EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•47 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.6AI score0.02203EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•27 views

Moderate: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: Negative Length Parsing Vulnerability in libexpat CVE-2024-45490 libexpat: Integer Overflow or Wraparound CVE-2024-45491 libexpat: integer overflow CVE-2024-45492 For more details about the security issues, including the...

9.8CVSS7.3AI score0.01686EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•31 views

Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

8.2CVSS7.2AI score0.01027EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•143 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: CVE-2023-6040 CVE-2024-26595 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605...

8.8CVSS9.6AI score0.01028EPSS
Exploits2References260
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•58 views

Moderate: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Gnus treats inline MIME contents as trusted CVE-2024-30203 emacs: Org mode considers...

9.8CVSS7.1AI score0.01323EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•52 views

Moderate: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: crypto/x509: Verify panics on certificates with an unknown public key algorith...

7.5CVSS6.9AI score0.01414EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•24 views

Low: nano security update

GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...

6.7CVSS7.2AI score0.00346EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•26 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.7CVSS7.5AI score0.01275EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/09/24 12:0 a.m.•86 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: uio: Fix use-after-free in uioopen CVE-2023-52439 kernel: net/sched: actmirred: don't override retval if we already lost the skb CVE-2024-26739 kernel: ARM: 9359/1: flush: check if the...

7.8CVSS7.8AI score0.01003EPSS
Exploits0References43
AlmaLinux
AlmaLinux
•added 2024/09/23 12:0 a.m.•36 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions containing deeply nested...

7.5CVSS7.2AI score0.01414EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/09/23 12:0 a.m.•40 views

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion...

7.5CVSS7.2AI score0.01414EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/09/23 12:0 a.m.•25 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 For more details...

7.5CVSS7.2AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/23 12:0 a.m.•36 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deepl...

7.5CVSS7.2AI score0.01127EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/19 12:0 a.m.•17 views

Important: pcp security update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...

5.5CVSS6.1AI score0.00288EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/09/19 12:0 a.m.•13 views

Important: pcp security update

Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fixes: pcp:...

5.5CVSS7.5AI score0.00288EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/09/18 12:0 a.m.•31 views

Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5CVSS7AI score0.01493EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/09/18 12:0 a.m.•28 views

Moderate: libnbd security update

Network Block Device NBD is a protocol for accessing Block Devices hard disks and disk-like devices over a Network. The libnbd is a userspace client library for writing NBD clients. Security Fixes: libnbd: NBD server improper certificate validation CVE-2024-7383 For more details about the securit...

7.4CVSS7.3AI score0.0039EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/18 12:0 a.m.•33 views

Moderate: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: Negative Length Parsing Vulnerability in libexpat CVE-2024-45490 libexpat: Integer Overflow or Wraparound CVE-2024-45491 libexpat: integer overflow CVE-2024-45492 For more details about the security issues, including the...

9.8CVSS7.6AI score0.01686EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/09/18 12:0 a.m.•39 views

Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5CVSS6.6AI score0.01493EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/09/18 12:0 a.m.•48 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Possible denial of service in X.509 name checks CVE-2024-6119 For more details about the security...

7.5CVSS7.2AI score0.66594EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/09/17 12:0 a.m.•16 views

Important: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: pypa/setuptools: Remote code execution via download functions in the...

8.8CVSS8AI score0.01939EPSS
Exploits0References4
Total number of security vulnerabilities5315