Lucene search
K
AlmalinuxRecent

5313 matches found

AlmaLinux
AlmaLinux
•added 2026/05/04 12:0 a.m.•8 views

Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

8.1CVSS5.9AI score0.00419EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2026/05/04 12:0 a.m.•11 views

Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

8.1CVSS6.2AI score0.00419EPSS
Exploits0References12
AlmaLinux
AlmaLinux
•added 2026/05/04 12:0 a.m.•28 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state CVE-2026-23136 kernel: Linux kernel: Use-after-free in traffic control actct may lead to denial of...

9.8CVSS5.9AI score0.96267EPSS
Exploits228References10
AlmaLinux
AlmaLinux
•added 2026/05/01 12:0 a.m.•23 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS5.8AI score0.96267EPSS
Exploits228References3
AlmaLinux
AlmaLinux
•added 2026/05/01 12:0 a.m.•20 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.8CVSS5.8AI score0.96267EPSS
Exploits228References3
AlmaLinux
AlmaLinux
•added 2026/04/30 12:0 a.m.•10 views

Important: libcap security update

Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7CVSS5.8AI score0.00188EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/04/30 12:0 a.m.•11 views

Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 For more details about the security issues,...

7.8CVSS6.2AI score0.00553EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/30 12:0 a.m.•11 views

Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

7.8CVSS5.9AI score0.00173EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/30 12:0 a.m.•18 views

Important: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: cryptography: cryptography Subgroup Attack Due to Missing Subgroup...

8.2CVSS6.6AI score0.0058EPSS
Exploits2References8
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•22 views

Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS5.5AI score0.0046EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•12 views

Important: PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fixes: PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 For more details abou...

8.8CVSS5.6AI score0.0046EPSS
Exploits10References4
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•11 views

Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•17 views

Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

8.2CVSS6.3AI score0.0047EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•6 views

Important: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling...

7.8CVSS5.6AI score0.0038EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•14 views

Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

7.8CVSS5.5AI score0.00173EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/29 12:0 a.m.•6 views

Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential...

7.8CVSS5.6AI score0.0038EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/04/28 12:0 a.m.•9 views

Important: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling...

7.8CVSS5.6AI score0.0038EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/04/28 12:0 a.m.•13 views

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

9.8CVSS6.3AI score0.00746EPSS
Exploits2References6
AlmaLinux
AlmaLinux
•added 2026/04/28 12:0 a.m.•6 views

Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential...

7.8CVSS5.6AI score0.0038EPSS
Exploits0References8
AlmaLinux
AlmaLinux
•added 2026/04/28 12:0 a.m.•7 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 For more details about the security issues, including the impact, a CVSS...

6.2CVSS5.3AI score0.00144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•26 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS6.7AI score0.01279EPSS
Exploits1References24
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•7 views

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

7.5CVSS8.2AI score0.01069EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•9 views

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

7.5CVSS5.8AI score0.01069EPSS
Exploits1References4
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•19 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

8.8CVSS7.1AI score0.00961EPSS
Exploits2References38
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•24 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

9.8CVSS5.3AI score0.04938EPSS
Exploits1References52
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•8 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 For more details about the security issues, including the impact, a CVSS score,...

9.8CVSS6AI score0.01735EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•7 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

9.8CVSS5.7AI score0.0038EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•9 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

9.8CVSS5.3AI score0.04938EPSS
Exploits1References52
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•19 views

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS6AI score0.00579EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•13 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS6AI score0.00579EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•13 views

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS6AI score0.00579EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•18 views

Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS6AI score0.00579EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/27 12:0 a.m.•11 views

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS6AI score0.00579EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/23 12:0 a.m.•11 views

Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS5.4AI score0.00651EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/23 12:0 a.m.•7 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 For more details about the security issues, including the impact, a...

7.5CVSS5.3AI score0.00309EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/23 12:0 a.m.•13 views

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/04/23 12:0 a.m.•16 views

Important: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016 JDK:...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References10
AlmaLinux
AlmaLinux
•added 2026/04/23 12:0 a.m.•15 views

Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References9
AlmaLinux
AlmaLinux
•added 2026/04/22 12:0 a.m.•10 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

8.8CVSS5AI score0.00961EPSS
Exploits0References38
AlmaLinux
AlmaLinux
•added 2026/04/22 12:0 a.m.•20 views

Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK:...

8.2CVSS6.5AI score0.01052EPSS
Exploits2References14
AlmaLinux
AlmaLinux
•added 2026/04/21 12:0 a.m.•20 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion...

9.8CVSS6.2AI score0.01052EPSS
Exploits1References12
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•8 views

Important: giflib security update

giflib is a library for reading and writing gif images. Security Fixes: giflib: Giflib: Double-free vulnerability leading to memory corruption CVE-2026-23868 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...

7CVSS5.5AI score0.00144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•7 views

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution v...

7.5CVSS6.6AI score0.00426EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•7 views

Important: giflib security update

giflib is a library for reading and writing gif images. Security Fixes: giflib: Giflib: Double-free vulnerability leading to memory corruption CVE-2026-23868 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...

7CVSS5.6AI score0.00144EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•7 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 For more details about the security issues, including t...

7.8CVSS6AI score0.00171EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•11 views

Important: OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This package contains libraries and sample applications for handling the format. Security Fixes: openexr: OpenEXR: Arbitrary code execution via integer overflow in...

8.4CVSS6AI score0.00201EPSS
Exploits2References4
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•7 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 For more details about the...

7.8CVSS6AI score0.00171EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•9 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: ALSA: aloop: Fix racy access at PCM trigger CVE-2026-2319...

7.8CVSS6AI score0.00171EPSS
Exploits0References6
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•10 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: net/url:...

7.5CVSS5.7AI score0.00728EPSS
Exploits0References4
AlmaLinux
AlmaLinux
•added 2026/04/20 12:0 a.m.•8 views

Important: go-rpm-macros security update

This package provides build-stage rpm automation to simplify the creation of Go language golang packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References4
Total number of security vulnerabilities5313