Lucene search
K
AlmalinuxRecent

5315 matches found

AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References16
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang:...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.5AI score0.0047EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•21 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Moderate: luksmeta security update

LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...

4.4CVSS5.8AI score0.00093EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•23 views

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.3AI score0.00579EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

7.4CVSS7.5AI score0.00444EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•30 views

Important: python3.14 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.5AI score0.00621EPSS
Exploits0References20
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•6 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

9.8CVSS6.8AI score0.00489EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Important: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

5.9CVSS5.8AI score0.00461EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: giflib update

Please update...

7CVSS7.1AI score0.00144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Moderate: p11-kit security update

The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides certificate anchors and black lists based on configuration files. Security Fixes: p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Moderate: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...

7.5CVSS7AI score0.01729EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Double Free Vulnerability in libssh Key Export Functions CVE-2025-5351 libssh: Use of uninitialized variable in privatekeyfromfile CVE-2025-4878 libssh: Write...

8.2CVSS6.3AI score0.00582EPSS
Exploits0References22
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•20 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.1AI score0.01279EPSS
Exploits1References26
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.3AI score0.00579EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•4 views

Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP:Memo...

7.8CVSS7.6AI score0.00755EPSS
Exploits1References14
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

7.8CVSS7.2AI score0.01761EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•15 views

Critical: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•17 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS6.6AI score0.1096EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bonding: check xdp prog when set bond mode CVE-2025-22105 kernel: block: fix resource leak in blkregisterqueue error path CVE-2025-37980 kernel: dmaengine: idxd: fix memory leak in error...

7.8CVSS5.5AI score0.00286EPSS
Exploits1References30
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

7.5CVSS7.3AI score0.01069EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•18 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in authencesn due to too-short AAD CVE-2026-23060 kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 kernel: crypto: afalg - limit...

8.8CVSS7.2AI score0.96267EPSS
Exploits255References10
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•14 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

8.8CVSS6.7AI score0.00961EPSS
Exploits2References38
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

9.8CVSS6.6AI score0.00746EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.2AI score0.00482EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•5 views

Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Denial of service due to use-after-free vulnerability...

9.8CVSS6.6AI score0.00599EPSS
Exploits7References18
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

3.3CVSS5.8AI score0.00162EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•4 views

Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

7.5CVSS6AI score0.00403EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•15 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-317...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS7.4AI score0.0046EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Moderate: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment CVE-2026-5119 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•15 views

Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...

9.8CVSS6.6AI score0.00754EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Critical: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•20 views

Critical: nginx:1.26 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•25 views

Moderate: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: qemu-kvm: VNC WebSocket handshake use-after-free CVE-2025-11234 For more...

7.5CVSS7.1AI score0.00783EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service...

7.5CVSS6.9AI score0.00651EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•25 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•19 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

9.8CVSS6AI score0.04938EPSS
Exploits1References60
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Low: python-jwcrypto security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3CVSS5.8AI score0.00294EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•16 views

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•13 views

Important: libcap security update

Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7CVSS5.8AI score0.00188EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•14 views

Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential...

7.8CVSS5.8AI score0.0038EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 For more details about the security issues,...

7.8CVSS6.2AI score0.00553EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•11 views

Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•12 views

Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

8.8CVSS6.5AI score0.01535EPSS
Exploits5References12
AlmaLinux
AlmaLinux
•added 2026/05/19 12:0 a.m.•10 views

Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References6
Total number of security vulnerabilities5315