Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE libyang Important Buffer Overflow Advisory 2026-2381-1

Calendar White Jun 12, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE HPLIP Severe Code Execution Denial of Service 2026-2380-1

Calendar White Jun 12, 2026
Critical
Suse Large Esm H900
SuSE

openSUSE HPLIP Critical Escalation DoS Advisory SUSE-2026-2380-1

Calendar White Jun 12, 2026
Critical
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.2 python-Pygments Low Denial of Service CVE-2026-4539

Calendar White Jun 12, 2026
Low
Ubuntu Large Esm H900
Ubuntu

Ubuntu 16.04 LTS GStreamer Base Plugins Critical DoS CVE-2026-2921

Calendar White Jun 12, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 12 Linux Base Update Brings Important Security Fix DLA-4628-1

Calendar White Jun 12, 2026
Informational
Debianlts Large Esm H800
Debian LTS

Debian 12 Kernel-Wedge Update for Linux 6.12 DLA-4627-1

Calendar White Jun 12, 2026
Informational
Opensuse Large Esm H900
openSUSE

openSUSE NetworkManager-libreswan Important Security Update CVE-2024-9050

Calendar White Jun 12, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Rclone Critical Security Update CVE-2026-25680 CVE-2026-25681

Calendar White Jun 12, 2026
Critical
Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":555,"type":"x","order":1,"pct":78.72,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.26,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.82,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.2,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisorymoderateimap command injection

Rocky Linux 9 python3.11 Major IMAP POP3 Command Weakness RLSA-2026-4219

Moderate: python3.11 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:4216", "synopsis": "Moderate: python3.11 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for python3.11.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)\n\n* cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)\n\n* cpython: email header injection due to unquoted newlines (CVE-2026-1299)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2431368", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2431368", "description": ""}, {"ticket": "2431373", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2431373", "description": ""}, {"ticket": "2432437", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2432437", "description": ""}], "cves": [{"name": "CVE-2025-15366", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-15366", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "cvss3BaseScore": "7.1", "cwe": "CWE-77"}, {"name": "CVE-2025-15367", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-15367", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "cvss3BaseScore": "7.1", "cwe": "CWE-77"}, {"name": "CVE-2026-1299", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-1299", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "cvss3BaseScore": "7.1", "cwe": "CWE-93"}], "references": [], "publishedAt": "2026-03-12T12:04:07.002916Z", "rpms": {"Rocky Linux 9": {"nvras": ["python3.11-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-0:3.11.13-5.1.el9_7.src.rpm", "python3.11-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-debug-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-debug-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-debug-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-debug-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-debug-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-debuginfo-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-debuginfo-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-debuginfo-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-debuginfo-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-debuginfo-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-debugsource-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-debugsource-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-debugsource-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-debugsource-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-debugsource-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-devel-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-devel-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-devel-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-devel-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-devel-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-idle-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-idle-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-idle-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-idle-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-idle-0:3.11.13-5.1.el9_7.x86_64.rpm","python3.11-libs-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-libs-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-libs-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-libs-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-libs-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-test-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-test-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-test-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-test-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-test-0:3.11.13-5.1.el9_7.x86_64.rpm", "python3.11-tkinter-0:3.11.13-5.1.el9_7.aarch64.rpm", "python3.11-tkinter-0:3.11.13-5.1.el9_7.i686.rpm", "python3.11-tkinter-0:3.11.13-5.1.el9_7.ppc64le.rpm", "python3.11-tkinter-0:3.11.13-5.1.el9_7.s390x.rpm", "python3.11-tkinter-0:3.11.13-5.1.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux 9 releases python3.11 security update addressing command injection risks for better system integrity.. python security update, Rocky Linux advisory, command injection patch, secure programming practices. . LinuxSecurity.com Team

Calendar%202 Mar 12, 2026 Rocky Linux
91
Ls Advisories Gentoo Esm H240
Price Tag%201security advisorygentoosquirrelmail

Gentoo: 200603-09 Low: SquirrelMail Cross-Site Scripting Risks

SquirrelMail is vulnerable to several cross-site scripting vulnerabilities and IMAP command injection.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200603-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: SquirrelMail: Cross-site scripting and IMAP command injection Date: March 12, 2006 Bugs: #123781 ID: 200603-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= SquirrelMail is vulnerable to several cross-site scripting vulnerabilities and IMAP command injection. Background ========= SquirrelMail is a webmail package written in PHP. It supports IMAP and SMTP protocols. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 mail-client/squirrelmail < 1.4.6 > = 1.4.6 Description ========== SquirrelMail does not validate the right_frame parameter in webmail.php, possibly allowing frame replacement or cross-site scripting (CVE-2006-0188). Martijn Brinkers and Scott Hughes discovered that MagicHTML fails to handle certain input correctly, potentially leading to cross-site scripting (only Internet Explorer, CVE-2006-0195). Vicente Aguilera reported that the sqimap_mailbox_select function did not strip newlines from the mailbox or subject parameter, possibly allowing IMAP command injection (CVE-2006-0377). Impact ===== By exploiting the cross-site scripting vulnerabilities, an attacker can execute arbitrary scripts running in the context of the victim's browser. This could lead to a compromise of the user's webmail account, cookie theft,etc. A remote attacker could exploit the IMAP command injection to execute arbitrary IMAP commands on the configured IMAP server. Workaround ========= There is no known workaround at this time. Resolution ========= All SquirrelMail users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =mail-client/squirrelmail-1.4.6" Note: Users with the vhosts USE flag set should manually use webapp-config to finalize the update. References ========= [ 1 ] CVE-2006-0188 [ 2 ] CVE-2006-0195 [ 3 ] CVE-2006-0377 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200603-09 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.0/ . Gentoo alerts users regarding minor vulnerabilities found in SquirrelMail, such as potential cross-site scripting attacks and risks associated with IMAP command injection.. SquirrelMail, Gentoo, Webmail Security, Cross-Site Scripting, IMAP Injection. . Severity: Low. LinuxSecurity.com Team

Calendar%202 Mar 12, 2006 Low Gentoo
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":555,"type":"x","order":1,"pct":78.72,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.26,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.82,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.2,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here