Find the information you need for your favorite open source distribution .
A Buffer Overflow vulnerability was found in the LibRaw::stretch() function, which could lead to denial of service or information disclosure when parsing a malicious CRW file.
Vulnerabilities were found in libssh2, a client-side C library implementing the SSH2 protocol, which could lead to denial of service or remote information disclosure.
It was discovered that there was a potential denial of service vulnerability in Django, a popular Python-based web development framework.
It was discovered that there was a potential Denial of Service (DoS) vulnerability in memcached, a high-performance in-memory object caching system.
Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.
Security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in information disclosure, denial of service or potentially remote code execution.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For Debian 10 buster, these problems have been fixed in version
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Demuxer vulnerabilities have been fixed in the RealMedia demuxers for the GStreamer media framework. For Debian 10 buster, this problem has been fixed in version
Multiple vulnerabilities were found in otrs2, the Open-Source Ticket Request System, which could lead to impersonation, denial of service, information disclosure, or execution of arbitrary code.
It was discovered that there was an issue in the opendmarc DMARC email filter system. A call to "db_stop" was missing from the post-installation script which meant that, under some configurations, the script would hang indefinitely.
Several issue have been found in ring/jami, a secure and distributed voice, video and chat platform. The issues are about missing boundary checks, resulting in out-of-bound
Several issues have been found in qpdf, a package with tools for transforming and inspecting PDF files. Crafted files may enable remote attackers to execute arbitrary code or
"Edbo" and Cedric Krier discovered that the Tryton application server does enforce record rules when only reading fields without an SQL type (like Function fields).
It was discovered that there was an issue in the opendmarc DMARC email filter system. A vulnerability allowed attackers to inject authentication results to provide false information about the domain that originated an email message. This was caused by incorrect
It was discovered that when using the get_post_logout_redirect and get_post_login_redirect functions in flask-security, an implementation of simple security for Flask apps, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV, an anti-virus utility for Unix, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
A specific flaw within the processing of recovery volumes exists in RAR, an archive program for rar files. It allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability. The target must visit a malicious page or open a
A specific flaw within the processing of recovery volumes exists in UnRAR, an unarchiver for rar files. It allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability. The target must visit a malicious page or open a malicious rar
Han Zheng discovered an out-of-bounds write in w3m, a text based web browser and pager. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service (DoS) or possibly have unspecified other impact.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
