Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Mageia 7, 8 MGASA-2021-0196 Critical Rcp Manipulation Issue

MGASA-2021-0196 - Updated krb5-appl packages fix security vulnerabilities
Publication date: 23 Apr 2021
URL: https://advisories.mageia.org/MGASA-2021-0196.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2019-25017, CVE-2019-25018

An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283 (CVE-2019-25017).

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side (CVE-2019-25018).

References:
- https://bugs.mageia.org/show_bug.cgi?id=28460
- https://lists.suse.com/pipermail/sle-security-updates/2021-February/008353.html
- https://www.cve.org/CVERecord?id=CVE-2019-25017
- https://www.cve.org/CVERecord?id=CVE-2019-25018

SRPMS:
- 8/core/krb5-appl-1.0.3-13.1.mga8
- 7/core/krb5-appl-1.0.3-10.2.mga7
Summary: MGASA-2021-0196 updates krb5-appl so that the rcp client no longer acts on arbitrary file names, the name ".", or an empty name chosen by the server.
Severity: Critical
Published: Apr 23, 2021 (Mageia)
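The advisory's point is that an rcp client must not trust the names the server sends back. The following is an added example written for this page, not code from krb5-appl or the Mageia update: it parses the "C<mode> <size> <name>" and "D<mode> <size> <name>" control records of the rcp/scp wire protocol and applies the checks a hardened client needs (reject an empty name, "." and "..", any name containing "/", and, for a non-recursive copy, any name other than the one the user requested). The server reply is a constructed sample with the file data that normally follows each C record omitted; the function names and the sample are assumptions of this example.

```c
/* Added example, not krb5-appl code: name validation an rcp client should
 * apply to server control records. File contents that follow a C record
 * are omitted from the constructed sample reply below. */
#include <stdio.h>
#include <string.h>

enum name_check {
    NAME_OK = 0,
    NAME_EMPTY,      /* "": CVE-2019-25018, mode lands on the target directory */
    NAME_DOT,        /* "." or "..": CVE-2019-25018 / parent traversal         */
    NAME_TRAVERSAL,  /* contains '/': escapes the target directory             */
    NAME_MISMATCH    /* server sent a file the user never asked for            */
};

/* Parse "C0644 12 hello.txt" into type ('C' or 'D') and name.
 * Returns 0 on success, -1 for a malformed record. */
static int parse_control_record(const char *line, char *type,
                                char *name, size_t cap)
{
    const char *p, *q;
    size_t len;

    if (line[0] != 'C' && line[0] != 'D')
        return -1;
    p = strchr(line + 1, ' ');       /* end of the mode field */
    if (p == NULL)
        return -1;
    q = strchr(p + 1, ' ');          /* end of the size field; name follows */
    if (q == NULL)
        return -1;
    q++;
    len = strcspn(q, "\n");
    if (len >= cap)
        return -1;
    memcpy(name, q, len);
    name[len] = '\0';
    *type = line[0];
    return 0;
}

/* The check the 1983-derived client skipped. `requested` is the basename the
 * local user typed; pass NULL for a recursive (-r) copy, where the server is
 * allowed to name subdirectory entries and only the structural checks apply. */
static enum name_check check_received_name(const char *name,
                                           const char *requested)
{
    if (name[0] == '\0')
        return NAME_EMPTY;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return NAME_DOT;
    if (strchr(name, '/') != NULL)
        return NAME_TRAVERSAL;
    if (requested != NULL && strcmp(name, requested) != 0)
        return NAME_MISMATCH;
    return NAME_OK;
}

/* Constructed reply from a malicious server to "rcp host:hello.txt .":
 * the requested file, then four records a legacy client would act on. */
static const char MALICIOUS_REPLY[] =
    "C0644 5 hello.txt\n"
    "C0600 40 .ssh/authorized_keys\n"   /* write outside the target name */
    "D0777 0 .\n"                        /* chmod the target directory     */
    "C0644 0 \n"                         /* empty name, same effect        */
    "C0644 5 evil.txt\n";                /* file never requested           */

/* Walk a reply record by record; return how many a hardened client accepts
 * and, if `rejected` is non-NULL, how many it refuses. 'E' records (end of
 * directory) carry no name and are always accepted. */
static int filter_reply(const char *reply, const char *requested, int *rejected)
{
    int accepted = 0, refused = 0;
    const char *line = reply;

    while (*line != '\0') {
        char linebuf[512], type, name[256];
        size_t linelen = strcspn(line, "\n");

        if (linelen >= sizeof linebuf)
            break;                         /* oversized record: stop reading */
        memcpy(linebuf, line, linelen);
        linebuf[linelen] = '\0';

        if (linebuf[0] == 'E')
            accepted++;
        else if (parse_control_record(linebuf, &type, name, sizeof name) == 0 &&
                 check_received_name(name, requested) == NAME_OK)
            accepted++;
        else
            refused++;

        line += linelen;
        if (*line == '\n')
            line++;
    }
    if (rejected != NULL)
        *rejected = refused;
    return accepted;
}

static int count_rejected(const char *reply, const char *requested)
{
    int rejected;
    filter_reply(reply, requested, &rejected);
    return rejected;
}

int main(void)
{
    int rejected;
    int accepted = filter_reply(MALICIOUS_REPLY, "hello.txt", &rejected);
    printf("accepted %d record(s), refused %d\n", accepted, rejected);
    return 0;
}
```

Note the caveat the recursive case carries: with -r the server legitimately names every entry under the requested directory, so the name-matching check cannot apply and only the structural checks (empty, ".", "..", "/") remain. That residual trust is why the advisory's authorized_keys scenario is specific to -r, and why a client that needs strong guarantees about what lands on disk is better served by a protocol where the client drives the listing.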

Scientific Linux: SLSA-2014:0311-1 Critical: PHP Buffer Overflow

Critical: php security update

Date: Wed, 19 Mar 2014 13:45:11 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Critical: php on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Critical: php security update
Advisory ID: SLSA-2014:0311-1
Issue Date: 2014-03-18
CVE Numbers: CVE-2006-7243 CVE-2009-0689

--

A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2009-0689)

It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243)

After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
--

SL5

x86_64
- php-5.1.6-44.el5_10.x86_64.rpm
- php-bcmath-5.1.6-44.el5_10.x86_64.rpm
- php-cli-5.1.6-44.el5_10.x86_64.rpm
- php-common-5.1.6-44.el5_10.x86_64.rpm
- php-dba-5.1.6-44.el5_10.x86_64.rpm
- php-debuginfo-5.1.6-44.el5_10.x86_64.rpm
- php-devel-5.1.6-44.el5_10.x86_64.rpm
- php-gd-5.1.6-44.el5_10.x86_64.rpm
- php-imap-5.1.6-44.el5_10.x86_64.rpm
- php-ldap-5.1.6-44.el5_10.x86_64.rpm
- php-mbstring-5.1.6-44.el5_10.x86_64.rpm
- php-mysql-5.1.6-44.el5_10.x86_64.rpm
- php-ncurses-5.1.6-44.el5_10.x86_64.rpm
- php-odbc-5.1.6-44.el5_10.x86_64.rpm
- php-pdo-5.1.6-44.el5_10.x86_64.rpm
- php-pgsql-5.1.6-44.el5_10.x86_64.rpm
- php-snmp-5.1.6-44.el5_10.x86_64.rpm
- php-soap-5.1.6-44.el5_10.x86_64.rpm
- php-xml-5.1.6-44.el5_10.x86_64.rpm
- php-xmlrpc-5.1.6-44.el5_10.x86_64.rpm

i386
- php-5.1.6-44.el5_10.i386.rpm
- php-bcmath-5.1.6-44.el5_10.i386.rpm
- php-cli-5.1.6-44.el5_10.i386.rpm
- php-common-5.1.6-44.el5_10.i386.rpm
- php-dba-5.1.6-44.el5_10.i386.rpm
- php-debuginfo-5.1.6-44.el5_10.i386.rpm
- php-devel-5.1.6-44.el5_10.i386.rpm
- php-gd-5.1.6-44.el5_10.i386.rpm
- php-imap-5.1.6-44.el5_10.i386.rpm
- php-ldap-5.1.6-44.el5_10.i386.rpm
- php-mbstring-5.1.6-44.el5_10.i386.rpm
- php-mysql-5.1.6-44.el5_10.i386.rpm
- php-ncurses-5.1.6-44.el5_10.i386.rpm
- php-odbc-5.1.6-44.el5_10.i386.rpm
- php-pdo-5.1.6-44.el5_10.i386.rpm
- php-pgsql-5.1.6-44.el5_10.i386.rpm
- php-snmp-5.1.6-44.el5_10.i386.rpm
- php-soap-5.1.6-44.el5_10.i386.rpm
- php-xml-5.1.6-44.el5_10.i386.rpm
- php-xmlrpc-5.1.6-44.el5_10.i386.rpm

- Scientific Linux Development Team

Summary: SLSA-2014:0311-1 fixes a buffer overflow in PHP's floating point parser (CVE-2009-0689) and PHP's mishandling of file names containing a NULL byte (CVE-2006-7243) on SL5.
Severity: Critical
Published: Mar 19, 2014 (Scientific Linux)
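The CVE-2006-7243 description is terse about why a NULL character matters. PHP strings are length-counted, so a value such as "../../etc/passwd%00" passes through concatenation intact, but the C library call that finally opens the file reads a NUL-terminated string and stops at the first NUL, so whatever the script appended after the user input is silently dropped. The following added example, written for this page and not PHP's code, reproduces that mechanism in C with a length-counted append beside the check that rejects an embedded NUL; the function names, the scratch buffer and the sample inputs are constructed for illustration.

```c
/* Added example, not PHP code: an embedded NUL byte truncates the path the C
 * runtime opens, even though the length-counted string carried the full
 * value. All inputs below are constructed samples. */
#include <stdio.h>
#include <string.h>

/* Scratch buffer shared by main() and the checks below. */
static char scratch[128];

/* Length-counted append of ".php", the way a script does
 * include($_GET['page'] . '.php'). Copies every byte, NUL included.
 * Returns the counted length, or 0 if the result does not fit. */
static size_t build_include_path(const char *in, size_t inlen,
                                 char *out, size_t cap)
{
    static const char suffix[] = ".php";
    size_t slen = sizeof suffix - 1;

    if (inlen + slen + 1 > cap)
        return 0;
    memcpy(out, in, inlen);
    memcpy(out + inlen, suffix, slen);
    out[inlen + slen] = '\0';
    return inlen + slen;
}

/* The path fopen() and friends actually see: bytes up to the first NUL. */
static size_t effective_path_len(const char *path)
{
    return strlen(path);
}

/* Hardened builder: refuse input whose counted length hides a NUL, which is
 * the kind of check the fix adds to PHP's file name handling. Returns 0 on
 * rejection. */
static size_t safe_build_include_path(const char *in, size_t inlen,
                                      char *out, size_t cap)
{
    if (memchr(in, '\0', inlen) != NULL)
        return 0;
    return build_include_path(in, inlen, out, cap);
}

int main(void)
{
    /* "page=../../etc/passwd%00" after URL decoding: 16 bytes plus the NUL */
    static const char evil[] = "../../etc/passwd\0";
    size_t counted = build_include_path(evil, sizeof evil - 1,
                                        scratch, sizeof scratch);

    printf("counted length %zu, runtime sees %zu bytes: \"%s\"\n",
           counted, effective_path_len(scratch), scratch);
    printf("hardened builder returns %zu\n",
           safe_build_include_path(evil, sizeof evil - 1,
                                   scratch, sizeof scratch));
    return 0;
}
```

The counted length of the built path is 21 while the runtime sees 16 bytes, which is exactly the attacker's input with the ".php" suffix discarded. Rejecting any NUL before the path reaches a C-string API closes that gap; restricting the input to a known set of page names closes it more thoroughly.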