Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisoryUbuntuattack vector

Ubuntu 20.04 LTS USN-5806-3 Moderate: Ruby HTTP Response Risk

Ruby could allow for internet traffic to be modified if a vulnerable application processed malicious user input.. =========================================================================Ubuntu Security Notice USN-5806-3 March 20, 2023 ruby2.7 vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Ruby could allow for internet traffic to be modified if a vulnerable application processed malicious user input. Software Description: - ruby2.7: Object-oriented scripting language Details: USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Original advisory details: Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: libruby2.7 2.7.0-5ubuntu1.8 ruby2.7 2.7.0-5ubuntu1.8 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5806-3 https://ubuntu.com/security/notices/USN-5806-1 CVE-2021-33621 Package Information: https://launchpad.net/ubuntu/+source/ruby2.7/2.7.0-5ubuntu1.8 . A flaw in Ruby on Ubuntu 20.04 LTS may affect web traffic. Ensure your system is updated for protection.. Ubuntu Ruby Security, HTTP Response Modification, Malicious Input Risk. . LinuxSecurity.com Team

Calendar 2 Mar 20, 2023 Ubuntu
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatcritical

Red Hat: RHSA-2018:2664-01 Critical: JBoss Remote Execution Threat

A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update Advisory ID: RHSA-2018:2664-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2018:2664 Issue date: 2018-09-10 CVE Names: CVE-2018-12533 ==================================================================== 1. Summary: A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 Server - noarch Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 Server - noarch 3. Description: Red Hat JBoss Enterprise Application Platform 5.2 is a platform for Java applications based on jbossas. This asynchronous patch is a security update for RichFaces and Apache CXF packages in Red Hat JBoss Enterprise Application Platform 5.2. Security Fix(es): * Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource. (CVE-2018-12533) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, backup your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. The JBoss server process must be restarted for the update to take effect. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1584490 - CVE-2018-12533 RichFaces: Injection of arbitrary EL expressions allows remote code execution via org.richfaces.renderkit.html.Paint2DResource 6. Package List: Red Hat JBoss Enterprise Application Platform 5 for RHEL 5 Server: Source: richfaces-3.3.1-7.SP3_patch_02.ep5.el5.src.rpm noarch: richfaces-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm richfaces-cdk-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm richfaces-demo-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm richfaces-docs-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm richfaces-framework-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm richfaces-root-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm richfaces-ui-3.3.1-7.SP3_patch_02.ep5.el5.noarch.rpm Red Hat JBoss Enterprise Application Platform 5 for RHEL 6 Server: Source: richfaces-3.3.1-4.SP3_patch_02.ep5.el6_10.src.rpm noarch: richfaces-3.3.1-4.SP3_patch_02.ep5.el6_10.noarch.rpm richfaces-demo-3.3.1-4.SP3_patch_02.ep5.el6_10.noarch.rpm richfaces-framework-3.3.1-4.SP3_patch_02.ep5.el6_10.noarch.rpm richfaces-root-3.3.1-4.SP3_patch_02.ep5.el6_10.noarch.rpm richfaces-ui-3.3.1-4.SP3_patch_02.ep5.el6_10.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-12533 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBW5aFWtzjgjWX9erEAQjE0w/+Lm/BGIMXmZUi8yOH7gTLaz7xEgShZQca fmG/7qiln/ZvfYHl6R8XAvUl9wnKxndq1dpxtJ5Tudzsr+BPs+SG+UXpX1s9Dd6W wytuOsEhCgDNExclHForquBkm9MKByqLFaKsG4AIDNl+TTASdZfF/Z2jxHBIJxb6 QCOL0WPRiz30LVtqlUw9YslaF1Hyi8BUC16QvreT5Pp51akFU3QCTLHs12Ml7FEK Fw6DxjrBFFCfiKV2NV8AyXLjVYqK6eB14h/d/k02RuFKvwilL1fJuLawnUxXVy2N Ms6deu6mxek4yOmp5Ui+1DXs1hvmXXRmqGEDTmGuhsX3pMIl4R+nTSzFRzpS93sg E9y0tpQdU1rYQP2SDrE2iEv8tAlxFDrz11javttDHIZi/hsnKP8rLSzo7VOrk9SE SZWZr95vjzl/Xere1i4BrdKBXYtoG1q7DVVtyZMD/EyX8lNYvqdABpNs9/mwu5dm J/vrCgExmok4z3UZ5Y8cDnFO13dhG6HbkXusWWp5GKOLuSUy/EniGutzmzGPFmnl UKK7NXTf91LCmjfqfBcvkRUOw4qEphzYRZNuvA1m5A6vXp2hC5h/IlBAYZ6Q2FxC ruLUs+iS3/hvAUrgaGMJ3i6MzL2PsOKkyss5Vh1MD17JP3zxcVYu4KRuMB3UWMAX JwFU//2S3ko=Xwm4 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Urgent security patch released for Red Hat JBoss Enterprise Application to address significant remote code execution vulnerability.. JBoss Security Update, Red Hat Advisory, Remote Execution Risk, Critical Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 10, 2018 Critical Red Hat
Banner 3 1028x280 1708121785 1771599793
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryremote executiongentoo linux

Gentoo GLSA-202104-02 Critical: Tqdm Arbitrary Code Execution Flaw

A vulnerability in tqdm could allow remote attackers to execute arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201807-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: tqdm: Arbitrary code execution Date: July 18, 2018 Bugs: #636384 ID: 201807-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A vulnerability in tqdm could allow remote attackers to execute arbitrary code. Background ========= tqdm is a smart progress meter. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-python/tqdm < 4.23.3 > = 4.23.3 Description ========== A vulnerablility was discovered in tqdm._version that could allow a malicious git log within the current working directory. Impact ===== A remote attacker could execute arbitrary commands by enticing a user to clone a crafted repo. Workaround ========= There is no known workaround at this time. Resolution ========= All tqdm users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-python/tqdm-4.23.3" References ========= [ 1 ] CVE-2016-10075 https://nvd.nist.gov/vuln/detail/CVE-2016-10075 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201807-01 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concernsshould be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Gentoo Linux Security Advisory GLSA 202109-02 addresses a moderate severity vulnerability in requests allowing local file discovery.. tqdm Arbitrary Code Execution, application risk, package update. . LinuxSecurity.com Team

Calendar 2 Jul 18, 2018 Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuesoftware update

Debian DSA-2620-1 Critical: Remote Code Execution in Rails

Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development. CVE-2013-0276 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2620-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Florian Weimer February 12, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : rails Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2013-0276 CVE-2013-0277 Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development. CVE-2013-0276 The blacklist provided by the attr_protected method could be bypassed with crafted requests, having an application-specific impact. CVE-2013-0277 In some applications, the +serialize+ helper in ActiveRecord could be tricked into deserializing arbitrary YAML data, possibly leading to remote code execution. For the stable distribution (squeeze), these problems have been fixed in version 2.3.5-1.2+squeeze7. We recommend that you upgrade your rails packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Several security flaws in Ruby on Rails may result in unauthorized code execution or specific application issues. It is recommended to update immediately.. Ruby On Rails, Debian Security Advisory, Remote Code Risks. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 12, 2013 Critical Debian
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here