Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2024/05/30 12:0 a.m.•28 views

Important: less security update

The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors. Security Fixes: less: OS command injection...

8.6CVSS6.9AI score0.00628EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/29 12:0 a.m.•106 views

Important: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.6AI score0.01386EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•47 views

Important: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: Apache Tomcat: HTTP/2 header handling DoS CVE-2024-24549 Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 Bug Fixes and Enhancements: Rebase tomcat to...

7.5CVSS6.7AI score0.23072EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•26 views

Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout CVE-2024-26643 kernel: netfilter: nftables: disallow anonymous set with timeout flag CVE-2024-26642 kernel:...

7.1CVSS7.2AI score0.00983EPSS
Exploits0References11
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•113 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...

8.1CVSS7.2AI score0.8833EPSS
Exploits16References12
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•54 views

Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.8AI score0.00333EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•27 views

Important: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19...

6.3CVSS6.5AI score0.01688EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•66 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5...

6.3CVSS6.5AI score0.01688EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•53 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

8.1CVSS7.4AI score0.0131EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•61 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288...

7.5CVSS6.9AI score0.91969EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•22 views

Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice CVE-2024-31081 xorg-x11-server: Use-after-free in...

7.8CVSS6.9AI score0.01843EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/05/23 12:0 a.m.•52 views

Moderate: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf2: heap memory corruption on gdk-pixbuf CVE-2022-48622 For more details about the security issues,...

7.8CVSS7.1AI score0.00415EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•31 views

Moderate: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with corrupted colormap CVE-2023-43789 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

5.5CVSS6.4AI score0.00365EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•35 views

Moderate: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

4.7CVSS6.3AI score0.00715EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•139 views

Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For more details about the...

7.5CVSS7.8AI score0.99999EPSS
Exploits20References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•49 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2:...

7.8CVSS6.6AI score0.00536EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•34 views

Low: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

7.5CVSS7AI score0.01128EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•57 views

Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367...

7.8CVSS7.3AI score0.01631EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c CVE-2022-4645 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

6.8CVSS6.5AI score0.00425EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•46 views

Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: missing length check in bgpattrpsidsub can lead do DoS CVE-2023-31490 frr: processes invalid NLRIs if attribute length is...

7.5CVSS6.7AI score0.02152EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•63 views

Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: HTML attribute injection when passing user input as keys to xmlattr...

6.1CVSS6.4AI score0.00892EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•48 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: full container escape at build time CVE-2024-1753 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang...

8.6CVSS6.9AI score0.01956EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•45 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313 For more details...

7.5CVSS6.8AI score0.01533EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

5.9CVSS6.6AI score0.00849EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•44 views

Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...

5.3CVSS6.8AI score0.01421EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•102 views

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. Additional...

10CVSS6.8AI score0.07619EPSS
Exploits13References97
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•39 views

Moderate: gmp security update

The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...

7.5CVSS7.3AI score0.03425EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•56 views

Moderate: python-dns security update

The python-dns package contains the dnslib module that implements a DNS client and additional modules that define certain symbolic constants used by DNS, such as dnstype, dnsclass and dnsopcode. Security Fixes: dnspython: denial of service in stub resolver CVE-2023-29483 For more details about th...

7CVSS6.8AI score0.01857EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•48 views

Important: bind and dhcp security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The Dynamic Hos...

7.5CVSS6.8AI score0.99995EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•34 views

Moderate: motif security update

The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with...

5.5CVSS6.4AI score0.00365EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•27 views

Moderate: perl-CPAN security update

The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fixes: perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS CVE-2023-31484 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS6.6AI score0.01561EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•23 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS6.8AI score0.01843EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•29 views

Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference in FoFiType1C::convertToType1 CVE-2020-36024 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

5.5CVSS6.5AI score0.00517EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•29 views

Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: stack buffer overflow in LibRawbufferdatastream::gets in src/librawdatastream.cpp CVE-2021-32142 For more details about the security issues, including the...

7.8CVSS7.1AI score0.00424EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•22 views

Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS CVE-2022-33065 For more details about the security issues, including the impact, a CVSS score,...

7.8CVSS6.9AI score0.00351EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•38 views

Moderate: exempi security update

Exempi provides a library for easy parsing of XMP metadata. Security Fixes: exempi: denial of service via opening of crafted audio file with ID3V2 frame CVE-2020-18651 exempi: denial of service via opening of crafted webp file CVE-2020-18652 For more details about the security issues, including t...

6.5CVSS6.8AI score0.00998EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•46 views

Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...

7.3CVSS7.9AI score0.8833EPSS
Exploits16References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•30 views

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

7.5CVSS6.5AI score0.01038EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•23 views

Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

8.1CVSS6.7AI score0.01121EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•21 views

Moderate: zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

5.5CVSS6.5AI score0.00317EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•32 views

Moderate: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1CVSS7.2AI score0.01033EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•33 views

Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...

7.5CVSS6.2AI score0.00985EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•27 views

Moderate: mutt security update

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: null pointer dereference CVE-2023-4874 mutt: null pointer dereference...

6.5CVSS6.5AI score0.00719EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•51 views

Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 xorg-x11-server: out-of-bounds...

9.8CVSS7.3AI score0.02106EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•46 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References14
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•23 views

Moderate: 389-ds:1.4 security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: a heap overflow leading to denail-of-servce while writing a value...

5.5CVSS6.9AI score0.00304EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•27 views

Moderate: vorbis-tools security update

The vorbis-tools packages provide an encoder, a decoder, a playback tool, and a comment editor for Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format. Security Fixes: vorbis-tools: Buffer Overflow vulnerability CVE-2023-43361...

7.8CVSS6.6AI score0.00448EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•48 views

Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer...

8.8CVSS6.8AI score0.02084EPSS
Exploits1References18
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•36 views

Moderate: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-25126 rubygem-rack: Possible DoS Vulnerability with Range Header in Rack CVE-2024-26141...

7.5CVSS6.6AI score0.35376EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2024/05/22 12:0 a.m.•29 views

Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer-plugins-good: integer overflow leading to hea...

8.8CVSS6.8AI score0.01537EPSS
Exploits0References4
Total number of security vulnerabilities5315