Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2024/08/19 12:0 a.m.•30 views

Important: python3.12-setuptools security update

Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software...

8.8CVSS9.2AI score0.01939EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/19 12:0 a.m.•39 views

Important: python3.12-setuptools security update

Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software...

8.8CVSS9.2AI score0.01939EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/19 12:0 a.m.•15 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS7.7AI score0.00238EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/19 12:0 a.m.•25 views

Important: python-setuptools security update

The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Security Fixes: pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools...

8.8CVSS9.1AI score0.01939EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/15 12:0 a.m.•26 views

Important: bind and bind-dyndb-ldap security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.2AI score0.02114EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/08/15 12:0 a.m.•29 views

Important: python3.11-setuptools security update

Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software...

8.8CVSS9.2AI score0.01939EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/15 12:0 a.m.•78 views

Moderate: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.108 and .NET Runtime 8.0.8...

6.5CVSS6.3AI score0.0131EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/15 12:0 a.m.•55 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shar...

9.8CVSS9.6AI score0.00602EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2024/08/14 12:0 a.m.•81 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: phy: CVE-2024-26600 kernel: netfilter: multiple flaws CVE-2024-26808, CVE-2024-27065, CVE-2024-35899, CVE-2024-36005 kernel: cifs: CVE-2024-26828 kernel: wifi: multiple flaws...

9.1CVSS7.2AI score0.02701EPSS
Exploits2References94
AlmaLinux
AlmaLinux
•added 2024/08/14 12:0 a.m.•48 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozilla: Type...

9.8CVSS9.5AI score0.00602EPSS
Exploits0References22
AlmaLinux
AlmaLinux
•added 2024/08/14 12:0 a.m.•36 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shar...

9.8CVSS9.6AI score0.00602EPSS
Exploits0References24
AlmaLinux
AlmaLinux
•added 2024/08/14 12:0 a.m.•22 views

Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.7AI score0.02114EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/08/14 12:0 a.m.•58 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: EMBARGOED Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozill...

9.8CVSS9.5AI score0.00602EPSS
Exploits0References22
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•56 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in Request.ParseMultipartForm...

8.3CVSS7.3AI score0.01533EPSS
Exploits0References18
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•40 views

Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

7.5CVSS6.9AI score0.02085EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•35 views

Moderate: orc security update

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic...

7CVSS7.3AI score0.00379EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•46 views

Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Predictable TCP Initial Sequence Numbers CVE-2023-45236 edk2: Use of a Weak PseudoRandom Number Generator CVE-2023-452...

7.5CVSS6.8AI score0.00986EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•23 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter CVE-2024-6239 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7.5CVSS6.8AI score0.00785EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•32 views

Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating...

7.5CVSS7.1AI score0.01261EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•35 views

Moderate: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip:...

9.8CVSS7.8AI score0.01952EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•27 views

Moderate: gnome-shell security update

GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and...

6.5CVSS7.4AI score0.00299EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•30 views

Low: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: REXML: DoS parsing an XML with many s in an attribute value CVE-2024-35176 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

5.3CVSS6.9AI score0.02064EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•35 views

Moderate: wget security update

The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fixes: wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

9.1CVSS6.8AI score0.00672EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•75 views

Moderate: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.108 and .NET Runtime 8.0.8...

6.5CVSS6.3AI score0.0131EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•62 views

Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 For more details about the security issues, including the impact, a...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/08/13 12:0 a.m.•36 views

Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

9.1CVSS7AI score0.01863EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/08/12 12:0 a.m.•38 views

Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: Malformed userPassword hash may cause Denial of Service CVE-2024-59...

6.5CVSS7.1AI score0.00923EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/08/12 12:0 a.m.•49 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 For more details about the security issues, including the impact,...

9.8CVSS6.9AI score0.41611EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/08 12:0 a.m.•82 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure traceclockglobal to...

9.8CVSS7.8AI score0.01358EPSS
Exploits1References300
AlmaLinux
AlmaLinux
•added 2024/08/08 12:0 a.m.•50 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 For more details about the security issues, including the impact,...

9.8CVSS6.9AI score0.41611EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/08/08 12:0 a.m.•136 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: powerpc: Fix access beyond end of drmem array CVE-2023-52451 kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure...

9.8CVSS7.6AI score0.01358EPSS
Exploits2References322
AlmaLinux
AlmaLinux
•added 2024/08/07 12:0 a.m.•37 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tifdirread.c CVE-2018-15209 libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c CVE-2023-25433...

8.8CVSS7.7AI score0.03969EPSS
Exploits2References10
AlmaLinux
AlmaLinux
•added 2024/07/31 12:0 a.m.•109 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned CVE-2023-52458 kernel: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfoun...

7.8CVSS7.2AI score0.00888EPSS
Exploits0References36
AlmaLinux
AlmaLinux
•added 2024/07/31 12:0 a.m.•24 views

Important: freeradius:3.0 security update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: forgery attack CVE-2024-3596 For more details about the security issues...

9CVSS7.2AI score0.14859EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2024/07/31 12:0 a.m.•22 views

Important: freeradius security update

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service RADIUS server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: forgery attack CVE-2024-3596 For more details about the security issues...

9CVSS7.2AI score0.14859EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2024/07/25 12:0 a.m.•42 views

Moderate: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Out-of-bounds write error may lead to Denial of Service...

6.5CVSS6.9AI score0.6005EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•56 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Encoding problem in modproxy CVE-2024-38473 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: Improper escaping of output in modrewrite CVE-2024-38475...

9.8CVSS9.3AI score0.99957EPSS
Exploits2References12
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•19 views

Moderate: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

6.7CVSS7.4AI score0.02421EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•22 views

Low: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.2AI score0.01034EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•28 views

Low: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.2AI score0.01034EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•23 views

Moderate: libvirt security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

6.2CVSS7.3AI score0.00486EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•29 views

Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

7.5CVSS7.5AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•19 views

Moderate: libuv security update

libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.3CVSS7.3AI score0.02003EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•20 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

6.5CVSS7.4AI score0.01008EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•90 views

Moderate: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: kernel: Reserved fields in guest message responses may not be zero initialized CVE-2023-31346 For more details about the security issues, including the impact, a CVSS...

6CVSS7AI score0.00309EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•63 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer dereference in modproxy...

9.8CVSS7.3AI score0.99957EPSS
Exploits2References12
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•28 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 For more details about the security issues, including the impact...

7.5CVSS7.4AI score0.01533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/23 12:0 a.m.•38 views

Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: EDK2: integer overflow in CreateHob could lead to HOB OOB R/W CVE-2022-36765 edk2: Predictable TCP Initial Sequence Numbers...

7.8CVSS7.5AI score0.00986EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•42 views

Important: libndp security update

Libndp is a library used by NetworkManager that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. Security Fixes: libndp: buffer overflow in route information length field CVE-2024-5564 For more details about...

8.1CVSS8.5AI score0.01165EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/07/18 12:0 a.m.•31 views

Important: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qtbase: qtbase: Delay any communication until encrypted can be responded to CVE-2024-39936 For more details about the security issues,...

8.6CVSS7.3AI score0.00494EPSS
Exploits0References4
Total number of security vulnerabilities5315