Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantsuse

SUSE 12 SP5: 2025:02088-1 important: webkit2gtk3 process crash

* bsc#1231039 * bsc#1232747 Cross-References: * CVE-2024-44185 . # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:02088-1 Release Date: 2025-06-24T12:06:21Z Rating: important References: * bsc#1231039 * bsc#1232747 Cross-References: * CVE-2024-44185 * CVE-2024-44244 * CVE-2024-44296 CVSS scores: * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44244 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44244 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44244 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-44244 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-44296 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 (bsc#1232747): * CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policyfrom being enforced. New references to version 2.46.0 (boo#1231039): * CVE-2024-44185: Processing maliciously crafted web content may lead to an unexpected process crash. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2088=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2088=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.46.3-4.18.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-4.18.2 * webkit2gtk3-debugsource-2.46.3-4.18.2 * libwebkit2gtk-4_0-37-2.46.3-4.18.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-4.18.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-4.18.2 * webkit2gtk3-devel-2.46.3-4.18.2 * libjavascriptcoregtk-4_0-18-2.46.3-4.18.2 * typelib-1_0-WebKit2-4_0-2.46.3-4.18.2 * typelib-1_0-JavaScriptCore-4_0-2.46.3-4.18.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * libwebkit2gtk3-lang-2.46.3-4.18.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-4.18.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * webkit2gtk-4_0-injected-bundles-2.46.3-4.18.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-4.18.2 * webkit2gtk3-debugsource-2.46.3-4.18.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-4.18.2 * libwebkit2gtk-4_0-37-2.46.3-4.18.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-4.18.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-4.18.2 * webkit2gtk3-devel-2.46.3-4.18.2 * libjavascriptcoregtk-4_0-18-2.46.3-4.18.2 * typelib-1_0-WebKit2-4_0-2.46.3-4.18.2 *typelib-1_0-JavaScriptCore-4_0-2.46.3-4.18.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libwebkit2gtk3-lang-2.46.3-4.18.2 ## References: * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44244.html * https://www.suse.com/security/cve/CVE-2024-44296.html * https://bugzilla.suse.com/show_bug.cgi?id=1231039 * https://bugzilla.suse.com/show_bug.cgi?id=1232747 . SUSE unveils significant patch for webkit2gtk3 tackling crucial web content vulnerabilities. Prompt installation advised.. SUSE update, webkit2gtk3, security patch, Linux vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 24, 2025 Important SuSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycritical issuesecurity update

Debian 12: DSA-5804-1 critical: webkit2gtk process crash

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-44244 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5804-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Alberto Garcia November 07, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2024-44244 CVE-2024-44296 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-44244 An anonymous researcher, Q1IQ (@q1iqF) and P1umer discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-44296 Narendra Bhati discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced. For the stable distribution (bookworm), these problems have been fixed in version 2.46.3-1~deb12u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-5805-1 outlines fixes for various critical vulnerabilities in systemd, urging users to apply the recommended updates.. Debian, WebKitGTK, Security Updates, Process Crash, Security Risks. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 07, 2024 Critical Debian
Banner 3 1028x280 1708121785 1771599793
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderateinformation leak

Mageia: 2021-0096 Moderate: Thunderbird Memory Safety Issues

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs (CVE-2021-23968). . MGASA-2021-0096 - Updated thunderbird packages fix security vulnerabilities Publication date: 04 Mar 2021 URL: https://advisories.mageia.org/MGASA-2021-0096.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978 If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs (CVE-2021-23968). As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin (CVE-2021-23969). When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that MediaError message may have revealed information about the resource (CVE-2021-23973). Mozilla developers Alexis Beingessner, Tyson Smith, Nika Layzell, and Mats Palmgren reported memory safety bugs present in Thunderbird 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2021-23978). References: - https://bugs.mageia.org/show_bug.cgi?id=28431 - https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/ -https://www.thunderbird.net/en-US/thunderbird/78.8.0/releasenotes/ - https://www.cve.org/CVERecord?id=CVE-2021-23968 - https://www.cve.org/CVERecord?id=CVE-2021-23969 - https://www.cve.org/CVERecord?id=CVE-2021-23973 - https://www.cve.org/CVERecord?id=CVE-2021-23978 SRPMS: - 7/core/thunderbird-78.8.0-1.mga7 - 7/core/thunderbird-l10n-78.8.0-1.mga7 - 8/core/thunderbird-78.8.0-1.mga8 - 8/core/thunderbird-l10n-78.8.0-1.mga8 . Mageia 2021-0096 provides crucial patches for vulnerabilities in Thunderbird. Examine key enhancements and their potential impacts.. Thunderbird Security Updates, Mageia Issues, Content Security Threats. . LinuxSecurity.com Team

Calendar 2 Mar 04, 2021 Mageia
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysecurity fiximportant

SUSE: 2021:14657-2 Critical: Firefox Buffer Overflow Vulnerabilities

An update that fixes four vulnerabilities is now available. . SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:14657-1 Rating: important References: #1182357 #1182614 Cross-References: CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978 CVSS scores: CVE-2021-23968 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-23969 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-23973 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-23978 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise Server 11-SP4-LTSS SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.8.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-08 (bsc#1182614) * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect * CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect * CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources * CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-LTSS: zypper in -tpatch slessp4-MozillaFirefox-14657=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-MozillaFirefox-14657=1 Package List: - SUSE Linux Enterprise Server 11-SP4-LTSS (x86_64): MozillaFirefox-78.8.0-78.120.1 MozillaFirefox-translations-common-78.8.0-78.120.1 MozillaFirefox-translations-other-78.8.0-78.120.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): MozillaFirefox-debuginfo-78.8.0-78.120.1 References: https://www.suse.com/security/cve/CVE-2021-23968.html https://www.suse.com/security/cve/CVE-2021-23969.html https://www.suse.com/security/cve/CVE-2021-23973.html https://www.suse.com/security/cve/CVE-2021-23978.html https://bugzilla.suse.com/1182357 https://bugzilla.suse.com/1182614 . SUSE has released a critical security patch for vulnerabilities found in Firefox, providing enhancements for memory protection and safeguarding content security.. Mozilla Firefox Update, SUSE Security Patch, Critical Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 01, 2021 Important SuSE
Banner 3 1028x280 1708121785 1771599793
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisoryupdatecritical

Scientific Linux 7 SLSA-2021-0656-1 Critical: Firefox Update Issues

This update upgrades Firefox to version 78.8.0 ESR. * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968) * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23969) * Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978) * Mozilla: Med [More...]. Synopsis: Critical: firefox security update Advisory ID: SLSA-2021:0656-1 Issue Date: 2021-02-24 CVE Numbers: CVE-2021-23969 CVE-2021-23968 CVE-2021-23973 CVE-2021-23978 -- This update upgrades Firefox to version 78.8.0 ESR. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968) * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23969) * Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978) * Mozilla: MediaError message property could have leaked information about cross-origin resources (CVE-2021-23973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE -- SL7 x86_64 firefox-78.8.0-1.el7_9.x86_64.rpm firefox-debuginfo-78.8.0-1.el7_9.x86_64.rpm firefox-78.8.0-1.el7_9.i686.rpm - Scientific Linux Development Team . Chrome software patch SLSA-2021-0987-2 addresses significant vulnerabilities such as input sanitization flaws and buffer overflow risks.. Firefox Update, Scientific Linux Security, Security Issues, Browser Patch, Mozilla Firefox. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 24, 2021 Critical Scientific Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here