Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebianlow severity

Debian 8 LTS: DLA-1464-1 Low Severity: Postgresql Credential Bypass

An unprivileged user of dblink or postgres_fdw could bypass the checks intended to prevent use of server-side credentials, such as a ~/.pgpass file owned by the operating-system user running the server. Servers allowing peer authentication on local connections are particularly . Package : postgresql-9.4 Version : 9.4.19-0+deb8u1 CVE ID : CVE-2018-10915 An unprivileged user of dblink or postgres_fdw could bypass the checks intended to prevent use of server-side credentials, such as a ~/.pgpass file owned by the operating-system user running the server. Serversallowing peer authentication on local connections are particularly vulnerable. Other attacks such as SQL injection into a postgres_fdw session are also possible. Attacking postgres_fdw in this way requires the ability to create a foreign server object with selected connection parameters, but any user with access to dblink could exploit the problem. In general, an attacker with the ability to select the connection parameters for a libpq-using application could cause mischief, though other plausible attack scenarios are harder to think of. Our thanks to Andrew Krasichkov for reporting this issue. For Debian 8 "Jessie", this problem has been fixed in version 9.4.19-0+deb8u1. We recommend that you upgrade your postgresql-9.4 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Enhance PostgreSQL-9.4 to rectify vulnerabilities related to privilege escalation and credential exposure found in dblink and postgres_fdw functionalities.. PostgreSQL Security, Debian LTS, Database Security, Credential Bypass. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Aug 15, 2018 Low Debian LTS
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorylow severityfreeradius2

Scientific Linux: Freeradius2 Low Severity Authentication Bypass Advisory

Low: freeradius2 security and bug fix update. Date: Wed, 16 Jan 2013 16:10:25 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: Security ERRATA Low: freeradius2 on SL5.x i386/x86_64 MIME-Version: 1.0 Synopsis: Low: freeradius2 security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2011-4966 -- It was found that the "unix" module ignored the password expiration setting in "/etc/shadow". If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with an expired password to successfully authenticate, even though their access should have been denied. (CVE-2011-4966) This update also fixes the following bugs: * After log rotation, the freeradius logrotate script failed to reload the radiusd daemon and log messages were lost. This update has added a command to the freeradius logrotate script to reload the radiusd daemon and the radiusd daemon re-initializes and reopens its log files after log rotation as expected. * The radtest script with the "eap-md5" option failed because it passed the IP family argument when invoking the radeapclient utility and the radeapclient utility did not recognize the IP family. The radeapclient utility now recognizes the IP family argument and radtest now works with eap-md5 as expected. * Previously, freeradius was compiled without the "--with-udpfromto" option. Consequently, with a multihomed server and explicitly specifying the IP address, freeradius sent the reply with the wrong IP source address. With this update, freeradius has been built with the "--with-udpfromto" configuration option and the RADIUS reply is always sourced from the IP address the request was sent to. * Due to invalid syntax in the PostgreSQL admin schema file, the FreeRADIUS PostgreSQL tables failed to be created. With this update, the syntax has been adjusted and the tables are created as expected. * FreeRADIUS has a thread pool that dynamically grows based on load.If multiple threads using the "rlm_perl()" function are spawned in quick succession, the FreeRADIUS server sometimes terminated unexpectedly with a segmentation fault due to parallel calls to the "rlm_perl_clone()" function. With this update, a mutex for the threads has been added and the problem no longer occurs. * The man page for "rlm_dbm_parser" was incorrectly installed as "rlm_dbm_parse", omitting the trailing "r". The man page now correctly appearsas rlm_dbm_parser. They are also advised to check for RPM backup files ending in ".rpmnew" or ".rpmsave" under the /etc/raddb/ directory after the update because the FreeRADIUS server will attempt to load every file it finds in its configuration directory. The extra files will often cause the wrong configuration values to be applied resulting in either unpredictable behavior or the failure of the server to initialize and run. -- SL5 x86_64 freeradius2-2.1.12-5.el5.x86_64.rpm freeradius2-debuginfo-2.1.12-5.el5.x86_64.rpm freeradius2-krb5-2.1.12-5.el5.x86_64.rpm freeradius2-ldap-2.1.12-5.el5.x86_64.rpm freeradius2-mysql-2.1.12-5.el5.x86_64.rpm freeradius2-perl-2.1.12-5.el5.x86_64.rpm freeradius2-postgresql-2.1.12-5.el5.x86_64.rpm freeradius2-python-2.1.12-5.el5.x86_64.rpm freeradius2-unixODBC-2.1.12-5.el5.x86_64.rpm freeradius2-utils-2.1.12-5.el5.x86_64.rpm i386 freeradius2-2.1.12-5.el5.i386.rpm freeradius2-debuginfo-2.1.12-5.el5.i386.rpm freeradius2-krb5-2.1.12-5.el5.i386.rpm freeradius2-ldap-2.1.12-5.el5.i386.rpm freeradius2-mysql-2.1.12-5.el5.i386.rpm freeradius2-perl-2.1.12-5.el5.i386.rpm freeradius2-postgresql-2.1.12-5.el5.i386.rpm freeradius2-python-2.1.12-5.el5.i386.rpm freeradius2-unixODBC-2.1.12-5.el5.i386.rpm freeradius2-utils-2.1.12-5.el5.i386.rpm - Scientific Linux Development Team . A security patch for Freeradius2 resolves password expiration problems and assorted bugs on Scientific Linux. Upgrade advised.. freeradius2 update, security advisory, Scientific Linux patch. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Jan 16, 2013 Low Scientific Linux
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here