Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisoryhigh severitysecurity issue

Arch Linux 202109-1 High Severity HedgeDoc Cross-Site Scripting

The package hedgedoc before version 1.9.0-1 is vulnerable to cross-site scripting. . Arch Linux Security Advisory ASA-202109-1 ======================================== Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-39175 Package : hedgedoc Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-2331 Summary ====== The package hedgedoc before version 1.9.0-1 is vulnerable to cross-site scripting. Resolution ========= Upgrade to 1.9.0-1. # pacman -Syu "hedgedoc> =1.9.0-1" The problem has been fixed upstream in version 1.9.0. Workaround ========= None. Description ========== In HedgeDoc versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into another page. Impact ===== An unauthenticated remote attacker could execute arbitrary JavaScript code in the slide mode of HedgeDoc. References ========= https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-j748-779h-9697 https://github.com/hedgedoc/hedgedoc/pull/1369 https://github.com/hedgedoc/hedgedoc/pull/1375 https://github.com/hedgedoc/hedgedoc/pull/1513 https://security.archlinux.org/CVE-2021-39175 . The Debian Security Notice DSN-202109-1 highlights a vulnerability in the HedgeDoc application related to cross-origin resource sharing. It is advised to perform an update to ensure security.. HedgeDoc, Arch Linux, Cross-Site Scripting, Security Advisory, Software Update. . LinuxSecurity.com Team

Calendar 2 Sep 15, 2021 ArchLinux
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisoryhigh severitycross-site scripting

Arch Linux: ASA-202105-9 High Severity: HedgeDoc Cross-Site Scripting

The package hedgedoc before version 1.8.2-1 is vulnerable to cross-site scripting. . Arch Linux Security Advisory ASA-202105-9 ======================================== Severity: High Date : 2021-05-19 CVE-ID : CVE-2021-29503 Package : hedgedoc Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-1946 Summary ====== The package hedgedoc before version 1.8.2-1 is vulnerable to cross-site scripting. Resolution ========= Upgrade to 1.8.2-1. # pacman -Syu "hedgedoc> =1.8.2-1" The problem has been fixed upstream in version 1.8.2. Workaround ========= In order to prevent unauthenticated attacks it can be useful to disable guest edits until the next update. To do this, set the following to configuration options: { # other configs # … "allowAnonymous": false, "allowAnonymousEdits": false, } Or set the environment variables CMD_ALLOW_ANONYMOUS=false and CMD_ALLOW_ANONYMOUS_EDITS=false. Description ========== HedgeDoc before version 1.8.2 is vulnerable to a cross-site scripting (XSS) attack using the YAML-metadata of a note. An attacker with write access to a note can embed HTML tags in the Open Graph metadata section of the note, resulting in the frontend rendering the script tag as part of the section. This vulnerability affects all installations. Unless your instance prevents guests from editing notes, this vulnerability allows unauthenticated attackers to inject JavaScript into notes that allow guest edits. If your instance prevents guests from editing notes, this vulnerability allows authenticated attackers to inject JavaScript into any note pages they have write-access to. Impact ===== A remote attacker with write access to a note can inject arbitrary JavaScript code that is executed through cross-site scripting when the note isviewed. References ========= https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-gjg7-4j2h-94fq https://github.com/hedgedoc/hedgedoc/commit/4a0216096a6aa1ebba9d8b0ada067c73ffa1513f https://security.archlinux.org/CVE-2021-29503 . HedgeDoc presents a cross-site scripting vulnerability affecting users running Arch Linux versions prior to 1.8.2-1. An upgrade is strongly advised.. HedgeDoc Security Advisory, Arch Linux Update, XSS Issue. . LinuxSecurity.com Team

Calendar 2 May 20, 2021 ArchLinux
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here