Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantSUSE

SUSE 15 SP6: 2024:4084-1 important: WebKit2GTK3 address spoofing

* bsc#1231039 * bsc#1232747 Cross-References: * CVE-2024-40866 . # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:4084-1 Release Date: 2024-11-27T14:36:51Z Rating: important References: * bsc#1231039 * bsc#1232747 Cross-References: * CVE-2024-40866 * CVE-2024-44185 * CVE-2024-44187 * CVE-2024-44244 * CVE-2024-44296 CVSS scores: * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44244 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44244 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44244 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-44296 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ##Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 (bsc#1232747): * CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. * CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing. New references to version 2.46.0 (boo#1231039): * CVE-2024-44187: A cross- origin issue existed with “iframe” elements. This was addressed with improved tracking of security origins. * CVE-2024-44185: Processing maliciously crafted web content may lead to an unexpected process crash. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-4084=1 openSUSE-SLE-15.6-2024-4084=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4084=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4084=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4084=1 ## Package List: * openSUSE Leap 15.6 (noarch) * WebKitGTK-4.1-lang-2.46.3-150600.12.16.1 * WebKitGTK-6.0-lang-2.46.3-150600.12.16.1 * WebKitGTK-4.0-lang-2.46.3-150600.12.16.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwebkitgtk-6_0-4-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-debugsource-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-2.46.3-150600.12.16.1 * webkit2gtk4-devel-2.46.3-150600.12.16.1 * webkit-jsc-4.1-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-2.46.3-150600.12.16.1 *webkitgtk-6_0-injected-bundles-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-2.46.3-150600.12.16.1 * webkit2gtk4-minibrowser-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150600.12.16.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150600.12.16.1 * webkit-jsc-4-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150600.12.16.1 * webkit-jsc-4.1-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-devel-2.46.3-150600.12.16.1 * webkit2gtk3-minibrowser-2.46.3-150600.12.16.1 * webkit2gtk4-minibrowser-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150600.12.16.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150600.12.16.1 * webkit-jsc-4-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-minibrowser-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_1-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-debugsource-2.46.3-150600.12.16.1 * webkit-jsc-6.0-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-2.46.3-150600.12.16.1 * webkit2gtk3-minibrowser-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit-6_0-2.46.3-150600.12.16.1 * webkit2gtk4-debugsource-2.46.3-150600.12.16.1 * webkit2gtk3-devel-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_0-2.46.3-150600.12.16.1 * webkit-jsc-6.0-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-2.46.3-150600.12.16.1 *typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * openSUSE Leap 15.6 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-32bit-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-32bit-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150600.12.16.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-64bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-64bit-2.46.3-150600.12.16.1 * Basesystem Module 15-SP6 (noarch) * WebKitGTK-6.0-lang-2.46.3-150600.12.16.1 * WebKitGTK-4.0-lang-2.46.3-150600.12.16.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150600.12.16.1 * libwebkitgtk-6_0-4-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-debugsource-2.46.3-150600.12.16.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-2.46.3-150600.12.16.1 * webkit2gtk4-debugsource-2.46.3-150600.12.16.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_0-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150600.12.16.1 *typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-devel-2.46.3-150600.12.16.1 * webkitgtk-6_0-injected-bundles-2.46.3-150600.12.16.1 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.46.3-150600.12.16.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk3-debugsource-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-2.46.3-150600.12.16.1 * webkit2gtk3-devel-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_1-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk4-debugsource-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150600.12.16.1 * typelib-1_0-WebKit-6_0-2.46.3-150600.12.16.1 * webkit2gtk4-devel-2.46.3-150600.12.16.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150600.12.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40866.html * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44187.html * https://www.suse.com/security/cve/CVE-2024-44244.html * https://www.suse.com/security/cve/CVE-2024-44296.html * https://bugzilla.suse.com/show_bug.cgi?id=1231039 * https://bugzilla.suse.com/show_bug.cgi?id=1232747 . Urgent security notice released for webkit2gtk3 within SUSE, targeting numerousvulnerabilities linked to phishing and system crashes.. SUSE updates, webkit2gtk3 fixes, security vulnerabilities, important patches, SUSE Linux. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 27, 2024 Important SuSE
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysecurity updatememory safety

Mageia 8 MGASA-2023-0057 Moderate: Thunderbird Memory Safety Issues

User Interface lockup with messages combining S/MIME and OpenPGP. (CVE-2023-0616) Content security policy leak in violation reports using iframes. (CVE-2023-25728) . MGASA-2023-0057 - Updated thunderbird packages fix security vulnerability Publication date: 20 Feb 2023 URL: https://advisories.mageia.org/MGASA-2023-0057.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-0616, CVE-2023-0767, CVE-2023-25728, CVE-2023-25729, CVE-2023-25730, CVE-2023-25732, CVE-2023-25735, CVE-2023-25737, CVE-2023-25739, CVE-2023-25742, CVE-2023-25746 User Interface lockup with messages combining S/MIME and OpenPGP. (CVE-2023-0616) Content security policy leak in violation reports using iframes. (CVE-2023-25728) Screen hijack via browser fullscreen mode. (CVE-2023-25730) Arbitrary memory write via PKCS 12 in NSS. (CVE-2023-0767) Potential use-after-free from compartment mismatch in SpiderMonkey. (CVE-2023-25735) Invalid downcast in SVGUtils::SetupStrokeGeometry. (CVE-2023-25737) Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext. (CVE-2023-25739) Extensions could have opened external schemes without user knowledge. (CVE-2023-25729) Out of bounds memory write from EncodeInputStream. (CVE-2023-25732) Web Crypto ImportKey crashes tab. (CVE-2023-25742) Memory safety bugs fixed in Thunderbird 102.8. (CVE-2023-25746) References: - https://bugs.mageia.org/show_bug.cgi?id=31561 - https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/ - https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/ - https://www.cve.org/CVERecord?id=CVE-2023-0616 - https://www.cve.org/CVERecord?id=CVE-2023-0767 - https://www.cve.org/CVERecord?id=CVE-2023-25728 - https://www.cve.org/CVERecord?id=CVE-2023-25729 - https://www.cve.org/CVERecord?id=CVE-2023-25730 - https://www.cve.org/CVERecord?id=CVE-2023-25732 - https://www.cve.org/CVERecord?id=CVE-2023-25735 - https://www.cve.org/CVERecord?id=CVE-2023-25737 -https://www.cve.org/CVERecord?id=CVE-2023-25739 - https://www.cve.org/CVERecord?id=CVE-2023-25742 - https://www.cve.org/CVERecord?id=CVE-2023-25746 SRPMS: - 8/core/thunderbird-102.8.0-1.mga8 - 8/core/thunderbird-l10n-102.8.0-1.mga8 . Recent updates to the Thunderbird application address various security vulnerabilities, improving both the user experience and adherence to memory management protocols.. Mageia 8 Update, Thunderbird Security Fixes, Memory Safety Issues. . LinuxSecurity.com Team

Calendar 2 Feb 20, 2023 Mageia
Banner 3 1028x280 1708121785 1771599793
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderatecross site scripting

Mageia 8: 2021-0584 Moderate: Webkit2 Vulnerability in XSS Potential

Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887) Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890) . MGASA-2021-0583 - Updated webkit2 packages fix security vulnerability Publication date: 23 Dec 2021 URL: https://advisories.mageia.org/MGASA-2021-0583.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-30887, CVE-2021-30890 Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887) Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890) References: - https://bugs.mageia.org/show_bug.cgi?id=29793 - https://webkitgtk.org/security/WSA-2021-0007.html - https://www.cve.org/CVERecord?id=CVE-2021-30887 - https://www.cve.org/CVERecord?id=CVE-2021-30890 SRPMS: - 8/core/webkit2-2.34.3-1.mga8 . Mageia released a crucial security patch fixing various vulnerabilities in web content management. Check the detailed release notes for full effects and remedies. Mageia Webkit2 Security Update, Cross Site Scripting Risks, Content Policy Fixes. . LinuxSecurity.com Team

Calendar 2 Dec 23, 2021 Mageia
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here