
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 14.04 LTS USN-2343-1 Critical: NSS Denial of Service

NSS could be made to crash or run programs as your login if it processed a specially crafted certificate.

=========================================================================
Ubuntu Security Notice USN-2343-1
September 09, 2014

nss vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

NSS could be made to crash or run programs as your login if it processed a specially crafted certificate.

Software Description:
- nss: Network Security Service library

Details:

Tyson Smith and Jesse Schwartzentruber discovered that NSS contained a race condition when performing certificate validation. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
  libnss3 2:3.15.4-1ubuntu7.1

Ubuntu 12.04 LTS:
  libnss3 3.15.4-0ubuntu0.12.04.3

Ubuntu 10.04 LTS:
  libnss3-1d 3.15.4-0ubuntu0.10.04.3

After a standard system update you need to restart any applications that use NSS, such as Evolution and Chromium, to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2343-1
  CVE-2014-1544

Package Information:
  https://launchpad.net/ubuntu/+source/nss/2:3.15.4-1ubuntu7.1
  https://launchpad.net/ubuntu/+source/nss/3.15.4-0ubuntu0.12.04.3
  https://launchpad.net/ubuntu/+source/nss/3.15.4-0ubuntu0.10.04.3

A critical vulnerability identified in the NSS library is detailed in Ubuntu Security Notice USN-2343-1, highlighting risks related to possible system crashes and unauthorized code execution.

NSS Vulnerability, Ubuntu 14.04 LTS, Denial of Service.

Severity: Critical. LinuxSecurity.com Team

Sep 09, 2014 Critical Ubuntu

Red Hat Enterprise Linux 5 RHSA-2010:0565-01 Moderate: w3m Security Update

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: w3m security update
Advisory ID: RHSA-2010:0565-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2010:0565.html
Issue date: 2010-07-27
CVE Names: CVE-2010-2074
====================================================================

1. Summary:

Updated w3m packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The w3m program is a pager (or text file viewer) that can also be used as a text mode web browser.

It was discovered that w3m is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse w3m into accepting it by mistake. (CVE-2010-2074)

All w3m users should upgrade to these updated packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

604855 - CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:

i386:
w3m-0.5.1-17.el5_5.i386.rpm
w3m-debuginfo-0.5.1-17.el5_5.i386.rpm
w3m-img-0.5.1-17.el5_5.i386.rpm

x86_64:
w3m-0.5.1-17.el5_5.x86_64.rpm
w3m-debuginfo-0.5.1-17.el5_5.x86_64.rpm
w3m-img-0.5.1-17.el5_5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:

i386:
w3m-0.5.1-17.el5_5.i386.rpm
w3m-debuginfo-0.5.1-17.el5_5.i386.rpm
w3m-img-0.5.1-17.el5_5.i386.rpm

ia64:
w3m-0.5.1-17.el5_5.ia64.rpm
w3m-debuginfo-0.5.1-17.el5_5.ia64.rpm
w3m-img-0.5.1-17.el5_5.ia64.rpm

ppc:
w3m-0.5.1-17.el5_5.ppc.rpm
w3m-debuginfo-0.5.1-17.el5_5.ppc.rpm
w3m-img-0.5.1-17.el5_5.ppc.rpm

s390x:
w3m-0.5.1-17.el5_5.s390x.rpm
w3m-debuginfo-0.5.1-17.el5_5.s390x.rpm
w3m-img-0.5.1-17.el5_5.s390x.rpm

x86_64:
w3m-0.5.1-17.el5_5.x86_64.rpm
w3m-debuginfo-0.5.1-17.el5_5.x86_64.rpm
w3m-img-0.5.1-17.el5_5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2010-2074
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2010 Red Hat, Inc.

--
Enterprise-watch-list mailing list

Newly released w3m updates for Red Hat Enterprise Linux 5 tackle important security vulnerabilities and bolster overall system defense.

w3m security update, Red Hat advisory, man-in-the-middle risk, enterprise linux protection.

LinuxSecurity.com Team

Jul 27, 2010 Red Hat

Scientific Linux 5.x: CVE-2010-2074 Moderate: w3m Man-in-the-Middle Risk

Moderate: w3m security update.

Date: Tue, 27 Jul 2010 11:23:41 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: w3m on SL5.x i386/x86_64

Synopsis: Moderate: w3m security update
Issue date: 2010-07-27
CVE Names: CVE-2010-2074

It was discovered that w3m is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse w3m into accepting it by mistake. (CVE-2010-2074)

SL 5.x

SRPMS:
w3m-0.5.1-17.el5_5.src.rpm

i386:
w3m-0.5.1-17.el5_5.i386.rpm
w3m-img-0.5.1-17.el5_5.i386.rpm

x86_64:
w3m-0.5.1-17.el5_5.x86_64.rpm
w3m-img-0.5.1-17.el5_5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Recent enhancements in w3m tackle vulnerabilities linked to man-in-the-middle threats caused by null prefix exploitation. Stay informed with the most recent updates.

Scientific Linux Update, w3m Security, Moderate Security Advisory, Null Prefix Attack.

Severity: Important. LinuxSecurity.com Team

Jul 27, 2010 Important Scientific Linux

SCiLinux: CVE-2009-2417 Moderate: Curl SSL Certificate Misverification

Moderate: curl security update.

Date: Tue, 18 Aug 2009 16:24:49 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: curl on SL4.x i386/x86_64

Synopsis: Moderate: curl security update
Issue date: 2009-08-13
CVE Names: CVE-2009-2417

CVE-2009-2417 curl: incorrect verification of SSL certificate with NUL in name

Scott Cantor reported that cURL is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse cURL into accepting it by mistake. (CVE-2009-2417)

All running applications using libcurl must be restarted for the update to take effect.

Note: This package for SL4 has to be renamed due to poor naming of rpms.

SL 4.x

SRPMS:
curl-7.12.1-11.1.el4_8.1.src.rpm

i386:
curl-7.12.1-11.1.el4_8.1.i386.rpm
curl-7.12.1-11.2.el4_0.1.i386.rpm
curl-devel-7.12.1-11.1.el4_8.1.i386.rpm
curl-devel-7.12.1-11.2.el4_0.1.i386.rpm

x86_64:
curl-7.12.1-11.1.el4_8.1.i386.rpm
curl-7.12.1-11.1.el4_8.1.x86_64.rpm
curl-7.12.1-11.2.el4_0.1.i386.rpm
curl-7.12.1-11.2.el4_0.1.x86_64.rpm
curl-devel-7.12.1-11.1.el4_8.1.x86_64.rpm
curl-devel-7.12.1-11.2.el4_0.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

The Curl security patch released in September 2009 resolves vulnerabilities in certificate management, thereby mitigating risks related to man-in-the-middle attacks.

curl update, security advisory, SCiLinux, SSL certificate issues.

LinuxSecurity.com Team

Aug 18, 2009 Scientific Linux