Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•15 views

Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•31 views

Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•10 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•10 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•19 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

10CVSS7.7AI score0.0168EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•15 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

10CVSS7.7AI score0.0168EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•17 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS5.5AI score0.00514EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•30 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

9.4CVSS6.6AI score0.00514EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•24 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...

9.4CVSS6AI score0.00514EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•13 views

Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS7.2AI score0.01016EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•23 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•15 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•13 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•16 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•16 views

Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS5.9AI score0.01016EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•24 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due to missing null-termination...

9.8CVSS6.3AI score0.01325EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•23 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•14 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•14 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•10 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•44 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•19 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

9.8CVSS5.8AI score0.00446EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•16 views

Important: compat-libtiff3 security update

The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF Tagged Image File Format image format files. This version should be used only if you are unable to use the current version of libtiff. Security Fixes: libtiff: libtiff: Arbitrary code execution or...

7.8CVSS6.2AI score0.00553EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•14 views

Important: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•20 views

Important: gnutls security update

Please update the gnutls packages to provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassemb...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References19
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•18 views

Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

7.5CVSS6AI score0.00403EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•25 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.5CVSS5.9AI score0.00357EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•15 views

Moderate: libexif security update

The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service and information disclosure via integer...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•4 views

Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

9.1CVSS6.8AI score0.01127EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•4 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.5CVSS6.4AI score0.00357EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•4 views

Important: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram...

9.8CVSS6.6AI score0.01335EPSS
Exploits2References21
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•21 views

Important: ruby:4.0 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary...

9.1CVSS6.7AI score0.01131EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•15 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•17 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

9.8CVSS5.8AI score0.00446EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•13 views

Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

8.8CVSS6AI score0.07237EPSS
Exploits3References12
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•18 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in th...

7.8CVSS6.1AI score0.03663EPSS
Exploits17References6
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•12 views

Important: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in imareaderinit CVE-2026-37555 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.2CVSS5.9AI score0.00504EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•13 views

Important: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in imareaderinit CVE-2026-37555 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.2CVSS5.9AI score0.00504EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•12 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...

9.8CVSS6.1AI score0.93235EPSS
Exploits45References36
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•15 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•12 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-46300 kernel: Read root-owned fil...

7.8CVSS6.1AI score0.03663EPSS
Exploits17References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Moderate: libvirt security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

5.5CVSS6.6AI score0.00185EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS6.9AI score0.00651EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

8.8CVSS6AI score0.07237EPSS
Exploits3References12
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•19 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

9.8CVSS6AI score0.04938EPSS
Exploits1References60
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•14 views

Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

7.8CVSS5.9AI score0.00173EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•9 views

Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•21 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•23 views

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.3AI score0.00579EPSS
Exploits0References8
Total number of security vulnerabilities5313