Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisoryremote code executionimportant update

Critical Jakarta Commons Collections RCE Vulnerability in Scientific Linux

Important: jakarta-commons-collections security update. Date: Mon, 21 Dec 2015 20:40:07 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Important: jakarta-commons-collections on SL5.x i386/x86_64 MIME-Version: 1.0 Message-ID: Synopsis: Important: jakarta-commons-collections security update Advisory ID: SLSA-2015:2671-1 Issue Date: 2015-12-21 CVE Numbers: CVE-2015-7501 -- It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501) With this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property "org.apache.commons.collections.enableUnsafeSerialization" to re-enable their deserialization. In the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications. All running applications using the commons-collections library must be restarted for the update to take effect. -- SL5 x86_64 jakarta-commons-collections-debuginfo-3.2-2jpp.4.x86_64.rpm jakarta-commons-collections-tomcat5-3.2-2jpp.4.x86_64.rpm jakarta-commons-collections-3.2-2jpp.4.x86_64.rpm jakarta-commons-collections-javadoc-3.2-2jpp.4.x86_64.rpm jakarta-commons-collections-testframework-3.2-2jpp.4.x86_64.rpm jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4.x86_64.rpm i386 jakarta-commons-collections-debuginfo-3.2-2jpp.4.i386.rpm jakarta-commons-collections-tomcat5-3.2-2jpp.4.i386.rpm jakarta-commons-collections-3.2-2jpp.4.i386.rpm jakarta-commons-collections-javadoc-3.2-2jpp.4.i386.rpm jakarta-commons-collections-testframework-3.2-2jpp.4.i386.rpm jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4.i386.rpm - Scientific Linux Development Team . Crucial patch released for jakarta-commons-collections to mitigate risks of unauthorized code execution vulnerabilities in Scientific Linux systems.. jakarta commons collections, security update, scientific linux, remote execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 21, 2015 Important Scientific Linux
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorycode executionremote code execution

Critical Update: SLSA-2015:2521-1 for Jakarta Commons Collections RCE

Important: jakarta-commons-collections security update. Date: Mon, 30 Nov 2015 18:12:35 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Important: jakarta-commons-collections on SL6.x (noarch) MIME-Version: 1.0 Message-ID: Synopsis: Important: jakarta-commons-collections security update Advisory ID: SLSA-2015:2521-1 Issue Date: 2015-11-30 CVE Numbers: CVE-2015-7501 -- It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501) With this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property "org.apache.commons.collections.enableUnsafeSerialization" to re-enable their deserialization. In the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications. All running applications using the commons-collections library must be restarted for the update to take effect. -- SL6 noarch jakarta-commons-collections-3.2.1-3.5.el6_7.noarch.rpm jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7.noarch.rpm jakarta-commons-collections-testframework-3.2.1-3.5.el6_7.noarch.rpm jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7.noarch.rpm jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7.noarch.rpm - Scientific Linux Development Team . Crucial jakarta-commons-collections patch for Scientific Linux addresses critical remote code execution vulnerability.. jakarta-commons-collections, securityupdate, remote execution, linux security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 30, 2015 Important Scientific Linux
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here