Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2023/12/13 12:0 a.m.•34 views

Important: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

8.8CVSS6.3AI score0.04322EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•29 views

Important: tracker-miners security update

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. Security Fixes: tracker-miners: sandbox escape CVE-2023-5557 For more details about the security issues, including th...

7.7CVSS6.9AI score0.00867EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•75 views

Moderate: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: crypto/tls: slow verification of certificate chains containing large RSA keys...

7.5CVSS7.7AI score0.01328EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•39 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: crafted xml can cause global buffer overflow CVE-2023-39615 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

6.5CVSS7.3AI score0.00667EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•54 views

Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS7.8AI score0.01328EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•33 views

Moderate: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

7.5CVSS7.7AI score0.01328EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•63 views

Moderate: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-29409 golang: crypto/tls: panic when processing post-handshake...

7.5CVSS7.7AI score0.01328EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•65 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-29409 golang: html/template:...

7.5CVSS7.8AI score0.01328EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•62 views

Moderate: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: python-certifi: Removal of e-Tugra root certificate CVE-2023-37920...

9.8CVSS7.4AI score0.01207EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/12/12 12:0 a.m.•32 views

Moderate: pixman security update

Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fixes: pixman: Integer overflow in pixmansamplefloory leading to heap out-of-bounds write CVE-2022-44638 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

8.8CVSS7.3AI score0.0144EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/12/11 12:0 a.m.•46 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Arbitrary Remote Code Execution CVE-2023-42917 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.8CVSS8AI score0.0937EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/12/11 12:0 a.m.•58 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Arbitrary Remote Code Execution CVE-2023-42917 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.8CVSS7.8AI score0.0937EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/12/11 12:0 a.m.•45 views

Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

8.8CVSS8.4AI score0.04322EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/12/11 12:0 a.m.•23 views

Moderate: apr security update

The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Security Fixes: apr: integer overflow/wraparound in aprencode CVE-2022-24963 For more details about the security issues,...

9.8CVSS6.8AI score0.01472EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/12/11 12:0 a.m.•42 views

Important: tracker-miners security update

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. Security Fixes: tracker-miners: sandbox escape CVE-2023-5557 For more details about the security issues, including th...

7.7CVSS7.3AI score0.00867EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/12/06 12:0 a.m.•63 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS against HTTP and HTTPS CVE-2023-5824 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS6.9AI score0.05229EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/29 12:0 a.m.•26 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

8.8CVSS8.4AI score0.04322EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/11/28 12:0 a.m.•94 views

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe CVE-2023-2163 kernel: tun: bugs for oversize packet when napi frags enabled in tunnapiallocfrag...

10CVSS7.7AI score0.09141EPSS
Exploits2References16
AlmaLinux
AlmaLinux
•added 2023/11/27 12:0 a.m.•22 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in MessagePort::Entangled CVE-2023-6205 Mozilla: Clickjacking...

8.8CVSS8AI score0.01406EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/11/27 12:0 a.m.•48 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.5.0 ESR. Security Fixes: Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in...

8.8CVSS8AI score0.01406EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/11/27 12:0 a.m.•59 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.5.0 ESR. Security Fixes: Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in...

8.8CVSS9.6AI score0.01406EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/11/27 12:0 a.m.•40 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in MessagePort::Entangled CVE-2023-6205 Mozilla: Clickjacking...

8.8CVSS9.5AI score0.01406EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2023/11/22 12:0 a.m.•59 views

Moderate: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: smbd allows client access to unix domain sockets ...

9.8CVSS7.3AI score0.02409EPSS
Exploits1References8
AlmaLinux
AlmaLinux
•added 2023/11/22 12:0 a.m.•48 views

Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS against HTTP and HTTPS CVE-2023-5824 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.1AI score0.05229EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•46 views

Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

7.5CVSS7.2AI score0.00667EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•49 views

Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.125 and .NET Runtime 6.0.25...

9.8CVSS7AI score0.12512EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•51 views

Moderate: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14...

9.8CVSS7AI score0.12512EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•36 views

Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

7.5CVSS7AI score0.00667EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•50 views

Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.125 and .NET Runtime 6.0.25...

9.8CVSS7.2AI score0.12512EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•34 views

Moderate: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14...

9.8CVSS7.2AI score0.12512EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•54 views

Moderate: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fixes: dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass...

9.8CVSS7.2AI score0.12512EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/15 12:0 a.m.•45 views

Moderate: dotnet8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fixes: dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass...

9.8CVSS7AI score0.12512EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•33 views

Moderate: java-21-openjdk security and bug fix update

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: OpenJDK: memory corruption issue on x8664 with AVX-512 8317121 CVE-2023-22025 OpenJDK: certificate path validation issue during client authentication...

5.3CVSS7.5AI score0.014EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•55 views

Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.8CVSS6.9AI score0.27095EPSS
Exploits4References6
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•39 views

Moderate: sysstat security and bug fix update

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity. Security Fixes: sysstat: checkoverflow function can work incorrectly that lead to an overflow CVE-2023-33204 For more details about the security issues,...

7.8CVSS7.4AI score0.00327EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•55 views

Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS7.1AI score0.01327EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•24 views

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

6.5CVSS7.2AI score0.00691EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•25 views

Moderate: xorg-x11-server security and bug fix update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability...

7.8CVSS6.9AI score0.0044EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•52 views

Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused b...

7.5CVSS7.6AI score0.01324EPSS
Exploits1References10
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•28 views

Low: shadow-utils security and bug fix update

The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. Security Fixes: shadow-utils: possible password leak during passwd1 change CVE-2023-4641 For more details about the security...

5.5CVSS7.1AI score0.00257EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•31 views

Low: procps-ng security update

The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fixes: procps: ps buffer overflow CVE-2023-4016 For more details about the security issues, including...

3.3CVSS7.4AI score0.00239EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•33 views

Moderate: librabbitmq security update

The librabbitmq packages provide an Advanced Message Queuing Protocol AMQP client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Security Fixes: rabbitmq-c/librabbitmq: Insecure credentials submission CVE-2023-35789 For more details about the security issue...

5.5CVSS6.9AI score0.00214EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•41 views

Moderate: avahi security update

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...

5.5CVSS6.8AI score0.00392EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•52 views

Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

8.2CVSS7AI score0.0053EPSS
Exploits1References6
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•27 views

Moderate: libmicrohttpd security update

GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote DoS CVE-2023-27371 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

5.9CVSS7AI score0.01243EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•51 views

Moderate: ghostscript security and bug fix update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: buffer overflow in base/sbcp.c leading to data corruption CVE-2023-28879...

9.8CVSS7.9AI score0.06341EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•46 views

Moderate: samba security, bug fix, and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version:...

7.5CVSS7AI score0.62606EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•40 views

Low: qt5-qtsvg security update

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: Uninitialized variable usage in munitsPerEm CVE-2023-32573 For more detail...

6.5CVSS7AI score0.00877EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•50 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS7AI score0.65692EPSS
Exploits2References10
AlmaLinux
AlmaLinux
•added 2023/11/14 12:0 a.m.•41 views

Moderate: python27:2.7 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

6.1CVSS6.9AI score0.02782EPSS
Exploits1References4
Total number of security vulnerabilities5315