Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•41 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•77 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources CVE-2023-50868 For more details about th...

7.5CVSS7.2AI score0.99995EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•26 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•41 views

Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Side-channel leaks while stripping...

5.9CVSS7.3AI score0.01156EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•35 views

Important: postgresql:10 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•70 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...

8.1CVSS8.1AI score0.00937EPSS
Exploits1References18
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•35 views

Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•67 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources CVE-2023-50868 For more details about th...

7.5CVSS7.2AI score0.99995EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•33 views

Moderate: opensc security update

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. Security Fixes: OpenSC: Side-channel leaks while stripping...

5.9CVSS7.3AI score0.01156EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/02/26 12:0 a.m.•55 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547 Mozilla: Memory...

8.1CVSS8AI score0.00937EPSS
Exploits1References18
AlmaLinux
AlmaLinux
•added 2024/02/22 12:0 a.m.•34 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/22 12:0 a.m.•41 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...

8.1CVSS8.1AI score0.00937EPSS
Exploits1References18
AlmaLinux
AlmaLinux
•added 2024/02/22 12:0 a.m.•44 views

Important: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/20 12:0 a.m.•64 views

Moderate: oniguruma security update

Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: Use-after-free in onignewdeluxe in regext.c CVE-2019-13224 oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c CVE-2019-16163 oniguruma: integer overflow i...

9.8CVSS7.7AI score0.10539EPSS
Exploits6References12
AlmaLinux
AlmaLinux
•added 2024/02/20 12:0 a.m.•55 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http/internal: Denial of Service DoS via Resource Consumption via HTTP requests CVE-2023-39326 golang: cmd/go: Protocol Fallback when fetching modules CVE-2023-452...

7.5CVSS6.8AI score0.01208EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/20 12:0 a.m.•49 views

Moderate: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023...

7.5CVSS8AI score0.01782EPSS
Exploits0References152
AlmaLinux
AlmaLinux
•added 2024/02/20 12:0 a.m.•30 views

Low: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 For more details about the security issues,...

5.3CVSS9.5AI score0.05533EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/20 12:0 a.m.•47 views

Important: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 For mor...

8.1CVSS7.3AI score0.01703EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/20 12:0 a.m.•136 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: schhfsc UAF CVE-2023-4623 kernel: use-after-free in schqfq network scheduler CVE-2023-4921 kernel: inactive elements in nftpipapowalk CVE-2023-6817 kernel: IGB driver inadequat...

7.8CVSS9.9AI score0.01549EPSS
Exploits3References40
AlmaLinux
AlmaLinux
•added 2024/02/19 12:0 a.m.•38 views

Important: gimp:2.8 security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: PSD buffe...

7.8CVSS7.3AI score0.61427EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/15 12:0 a.m.•49 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.102 and .NET Runtime 8.0.2...

7.5CVSS7AI score0.02707EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/15 12:0 a.m.•44 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.102 and .NET Runtime 8.0.2...

7.5CVSS7AI score0.02707EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/14 12:0 a.m.•57 views

Moderate: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Bug Fixes and Enhancements: CVE-2023-28487 sudo: Sudo does no...

7CVSS7.2AI score0.00953EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2024/02/13 12:0 a.m.•59 views

Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.116 and .NET Runtime 7.0.16...

7.5CVSS7.3AI score0.02707EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/13 12:0 a.m.•47 views

Important: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.127 and .NET Runtime 6.0.27...

7.5CVSS7.3AI score0.02707EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/13 12:0 a.m.•26 views

Important: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.127 and .NET Runtime 6.0.27...

7.5CVSS7.3AI score0.02707EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/13 12:0 a.m.•49 views

Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.116 and .NET Runtime 7.0.16...

7.5CVSS7.3AI score0.02707EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2024/02/12 12:0 a.m.•35 views

Moderate: tcpdump security update

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Security Fixes: tcpslice: use-after-free in extractslice CVE-2021-41043 For more details about th...

5.5CVSS7.3AI score0.0087EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/02/12 12:0 a.m.•46 views

Moderate: nss security update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: vulnerable to Minerva side-channel information leak CVE-2023-6135 For more details about the security issues, including t...

4.3CVSS6.9AI score0.00714EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/12 12:0 a.m.•32 views

Moderate: libmaxminddb security update

The libmaxminddb package contains the MaxMind DB library. Security Fixes: libmaxminddb: improper initialization in dumpentrydatalist in maxminddb.c CVE-2020-28241 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer ...

6.5CVSS7.2AI score0.02133EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/02/12 12:0 a.m.•43 views

Moderate: nss security update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: vulnerable to Minerva side-channel information leak CVE-2023-6135 For more details about the security issues, including t...

4.3CVSS6.9AI score0.00714EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/02/08 12:0 a.m.•54 views

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: file descriptor leak CVE-2024-21626 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related informatio...

8.6CVSS7.2AI score0.18087EPSS
Exploits18References4
AlmaLinux
AlmaLinux
•added 2024/02/08 12:0 a.m.•83 views

Important: container-tools:4.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: file descriptor leak "Leaky Vessels" CVE-2024-21626 A AlmaLinux Security Bulletin which addresses further details about the Leaky Vessels flaw is available in th...

8.6CVSS7.2AI score0.18087EPSS
Exploits18References8
AlmaLinux
AlmaLinux
•added 2024/02/05 12:0 a.m.•54 views

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: dds buffe...

7.8CVSS7.3AI score0.93639EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/02/02 12:0 a.m.•39 views

Important: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: runc: file descriptor leak CVE-2024-21626 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8.6CVSS7.2AI score0.18087EPSS
Exploits18References4
AlmaLinux
AlmaLinux
•added 2024/02/01 12:0 a.m.•75 views

Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls...

6.7CVSS6.8AI score0.00491EPSS
Exploits3References8
AlmaLinux
AlmaLinux
•added 2024/01/31 12:0 a.m.•58 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 For more details about the security issues, including the impact, a CVSS score,...

5.9CVSS7.2AI score0.9378EPSS
Exploits4References4
AlmaLinux
AlmaLinux
•added 2024/01/31 12:0 a.m.•48 views

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: incomplete fix for CVE-2023-5981 CVE-2024-0553 For more details about the security issues, including the impact,...

7.5CVSS7.2AI score0.01614EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•45 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printers on Linux...

8.8CVSS8.1AI score0.02155EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•40 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.7.0 ESR. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742...

8.8CVSS8.2AI score0.02155EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•37 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

9.8CVSS9.8AI score0.02106EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•53 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

9.8CVSS9.8AI score0.02106EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•293 views

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential...

6.5CVSS7.9AI score0.9378EPSS
Exploits12References6
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•38 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.7.0 ESR. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742...

8.8CVSS8.2AI score0.02155EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2024/01/30 12:0 a.m.•52 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printers on Linux...

8.8CVSS8.1AI score0.02155EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2024/01/29 12:0 a.m.•44 views

Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: HTTP request smuggling via malformed trailer headers CVE-2023-46589 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

7.5CVSS7.6AI score0.02651EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/01/29 12:0 a.m.•54 views

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the RSA-PSK authentication CVE-2023-5981 gnutls: incomplete fix for CVE-2023-5981...

7.5CVSS9.7AI score0.01614EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2024/01/25 12:0 a.m.•59 views

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3CVSS6.8AI score0.02507EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2024/01/25 12:0 a.m.•35 views

Moderate: grub2 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: bypass the...

6.8CVSS7AI score0.00542EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2024/01/25 12:0 a.m.•96 views

Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 urllib3: Request body not stripped after redirect from 303 status changes...

8.1CVSS7AI score0.01207EPSS
Exploits0References6
Total number of security vulnerabilities5315