Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•10 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•13 views

Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•10 views

Moderate: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: OpenSSL:...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/06/01 12:0 a.m.•16 views

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd:...

9.8CVSS6.3AI score0.04409EPSS
Exploits1References14
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•13 views

Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS7.2AI score0.01016EPSS
Exploits0References3
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•30 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

9.4CVSS6.6AI score0.00514EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•17 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS5.5AI score0.00514EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•15 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

10CVSS7.7AI score0.0168EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•19 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

10CVSS7.7AI score0.0168EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/28 12:0 a.m.•24 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...

9.4CVSS6AI score0.00514EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•10 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•44 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•16 views

Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS5.9AI score0.01016EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•23 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•15 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•13 views

Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•14 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References40
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•23 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•24 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due to missing null-termination...

9.8CVSS6.3AI score0.01325EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•14 views

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/27 12:0 a.m.•14 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•20 views

Important: gnutls security update

Please update the gnutls packages to provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassemb...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References19
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•25 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.5CVSS5.9AI score0.00357EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•21 views

Important: ruby:4.0 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary...

9.1CVSS6.7AI score0.01131EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•19 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

9.8CVSS5.8AI score0.00446EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•4 views

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7.5CVSS6.4AI score0.00357EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•4 views

Important: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram...

9.8CVSS6.6AI score0.01335EPSS
Exploits2References21
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•18 views

Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

7.5CVSS6AI score0.00403EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•4 views

Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

9.1CVSS6.8AI score0.01127EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•16 views

Important: compat-libtiff3 security update

The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF Tagged Image File Format image format files. This version should be used only if you are unable to use the current version of libtiff. Security Fixes: libtiff: libtiff: Arbitrary code execution or...

7.8CVSS6.2AI score0.00553EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•14 views

Important: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...

8.1CVSS6.2AI score0.01131EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•15 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•13 views

Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

8.8CVSS6AI score0.07237EPSS
Exploits3References12
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•17 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

9.8CVSS5.8AI score0.00446EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/26 12:0 a.m.•15 views

Moderate: libexif security update

The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service and information disclosure via integer...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•18 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in th...

7.8CVSS6.1AI score0.03663EPSS
Exploits17References6
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•13 views

Important: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in imareaderinit CVE-2026-37555 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.2CVSS5.9AI score0.00504EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•12 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...

9.8CVSS6.1AI score0.93235EPSS
Exploits45References36
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•12 views

Important: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in imareaderinit CVE-2026-37555 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.2CVSS5.9AI score0.00504EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•12 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-46300 kernel: Read root-owned fil...

7.8CVSS6.1AI score0.03663EPSS
Exploits17References6
AlmaLinux
AlmaLinux
•added 2026/05/20 12:0 a.m.•15 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•19 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.1AI score0.01279EPSS
Exploits1References26
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•9 views

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.3AI score0.00579EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•17 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS6.6AI score0.1096EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•9 views

Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

4.4CVSS5.8AI score0.00093EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

7.4CVSS7.5AI score0.00444EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Double Free Vulnerability in libssh Key Export Functions CVE-2025-5351 libssh: Use of uninitialized variable in privatekeyfromfile CVE-2025-4878 libssh: Write...

8.2CVSS6.3AI score0.00582EPSS
Exploits0References22
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

7.5CVSS7.3AI score0.01069EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•15 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-317...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

9.8CVSS6.6AI score0.00746EPSS
Exploits2References6
Total number of security vulnerabilities5313