Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEimportant

SUSE 16.0 Bouncycastle Important Security Fix DoS 2026-21404-1

An update that solves five vulnerabilities can now be installed.. # Security update for bouncycastle Announcement ID: SUSE-SU-2026:21404-1 Release Date: 2026-04-24T15:26:29Z Rating: important References: * bsc#1262225 * bsc#1262226 * bsc#1262227 * bsc#1262228 * bsc#1262232 Cross-References: * CVE-2025-14813 * CVE-2026-0636 * CVE-2026-3505 * CVE-2026-5588 * CVE-2026-5598 CVSS scores: * CVE-2025-14813 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-14813 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2025-14813 ( NVD ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:Red * CVE-2026-0636 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0636 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-0636 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:X/RE:M/U:Amber * CVE-2026-3505 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-3505 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3505 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-5588 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-5588 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-5588 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-5598 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-5598 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2026-5598 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:X/V:X/RE:X/U:Red Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for bouncycastle fixes the following issues: * Update to version 1.84: * CVE-2025-14813: GOSTCTR implementation unable to process more than 255 blocks correctly (bsc#1262225). * CVE-2026-0636: LDAP Injection Vulnerability in LDAPStoreHelper.java (bsc#1262226). * CVE-2026-3505: Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion (bsc#1262232). * CVE-2026-5588: PKIX draft CompositeVerifier accepts empty signature sequence as valid (bsc#1262228). * CVE-2026-5598: Non-constant time comparisons risk private key leakage in FrodoKEM (bsc#1262227). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-643=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-643=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * bouncycastle-util-1.84-160000.1.1 * bouncycastle-pkix-1.84-160000.1.1 * bouncycastle-jmail-1.84-160000.1.1 * bouncycastle-pg-1.84-160000.1.1 * bouncycastle-tls-1.84-160000.1.1 * bouncycastle-mail-1.84-160000.1.1 * bouncycastle-javadoc-1.84-160000.1.1 * bouncycastle-1.84-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) *bouncycastle-util-1.84-160000.1.1 * bouncycastle-pkix-1.84-160000.1.1 * bouncycastle-jmail-1.84-160000.1.1 * bouncycastle-pg-1.84-160000.1.1 * bouncycastle-tls-1.84-160000.1.1 * bouncycastle-mail-1.84-160000.1.1 * bouncycastle-javadoc-1.84-160000.1.1 * bouncycastle-1.84-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14813.html * https://www.suse.com/security/cve/CVE-2026-0636.html * https://www.suse.com/security/cve/CVE-2026-3505.html * https://www.suse.com/security/cve/CVE-2026-5588.html * https://www.suse.com/security/cve/CVE-2026-5598.html * https://bugzilla.suse.com/show_bug.cgi?id=1262225 * https://bugzilla.suse.com/show_bug.cgi?id=1262226 * https://bugzilla.suse.com/show_bug.cgi?id=1262227 * https://bugzilla.suse.com/show_bug.cgi?id=1262228 * https://bugzilla.suse.com/show_bug.cgi?id=1262232 . An update addressing multiple security issues in BouncyCastle for SUSE systems, including important patches and installation guidance.. SUSE BouncyCastle vulnerabilities update important security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 30, 2026 Important SuSE
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of servicecritical

Ubuntu 24.04 LTS Bouncy Castle Major LDAP DoS DNS Spoofing USN-8109-1

Several security issues were fixed in Bouncy Castle.. ========================================================================== Ubuntu Security Notice USN-8108-1 March 18, 2026 bouncycastle vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Bouncy Castle. Software Description: - bouncycastle: Java implementation of cryptographic algorithms Details: It was discovered that Bouncy Castle did not sanitize user input when inserting it into an LDAP search filter. An attacker could possibly use this issue to perform an LDAP injection attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-33201) It was discovered that Bouncy Castle incorrectly handled specially crafted F2m parameters in the ECCurve algorithm. An attacker could possibly use this issue to cause Bouncy Castle to use excessive resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-29857) It was discovered that Bouncy Castle leaked timing information when handling exceptions during an RSA handshake. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-30171) It was discovered that Bouncy Castle incorrectly handled endpoint identification with an SSL socket enabled without an explicit hostname. An attacker could possibly use this issue to perform a DNS poisoning attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-34447) Bing Shi discovered that Bouncy Castle incorrectly handled resource memory allocation. An attacker could possibly use this issue to causeBouncy Castle to use excessive resources, leading to a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2025-8916) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libbcjmail-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcmail-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcpg-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcpkix-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcprov-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro libbctls-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcutil-java 1.77-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS libbcmail-java 1.68-5ubuntu0.1~esm1 Available with Ubuntu Pro libbcpg-java 1.68-5ubuntu0.1~esm1 Available with Ubuntu Pro libbcpkix-java 1.68-5ubuntu0.1~esm1 Available with Ubuntu Pro libbcprov-java 1.68-5ubuntu0.1~esm1 Available with Ubuntu Pro libbctls-java 1.68-5ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS libbcmail-java 1.61-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcpg-java 1.61-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcpkix-java 1.61-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcprov-java 1.61-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libbcmail-java 1.59-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcpg-java 1.59-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcpkix-java 1.59-1ubuntu0.1~esm1 Available with Ubuntu Pro libbcprov-java 1.59-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libbcmail-java 1.51-4ubuntu1+esm1 Available with Ubuntu Pro libbcpg-java 1.51-4ubuntu1+esm1 Available with Ubuntu Pro libbcpkix-java 1.51-4ubuntu1+esm1 Available with Ubuntu Pro libbcprov-java 1.51-4ubuntu1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8108-1 CVE-2023-33201, CVE-2024-29857, CVE-2024-30171, CVE-2024-30172, CVE-2024-34447, CVE-2025-8916 . Critical security issues were fixed in Bouncy Castle on multiple Ubuntu versions, addressing significant exploits. Bouncy Castle Security, Ubuntu Update, LDAP Injection, DoS Prevention. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 18, 2026 Critical Ubuntu
Banner 3 1028x280 1708121785 1771599793
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryDoSimportant

openSUSE: pgadmin4 Important LDAP Injection DoS Fix 2026:0016-1

An update that solves two vulnerabilities can now be installed.. # Security update for pgadmin4 Announcement ID: SUSE-SU-2026:0016-1 Release Date: 2026-01-05T10:48:10Z Rating: important References: * bsc#1253477 * bsc#1253478 Cross-References: * CVE-2025-12764 * CVE-2025-12765 CVSS scores: * CVE-2025-12764 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-12764 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-12764 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-12765 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-12765 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-12765 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-12765 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.3 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail BranchServer 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves two vulnerabilities can now be installed. ## Description: This update for pgadmin4 fixes the following issues: * CVE-2025-12765: insufficient checks in the LDAP authentication flow allow a for bypass of TLS certificate validation that can lead to the stealing of bind credentials and the altering of directory responses (bsc#1253478). * CVE-2025-12764: improper validation of characters in a username allows for LDAP injections that force the processing of unusual amounts of data and leads to a DoS (bsc#1253477). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-16=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-16=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-16=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-16=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-16=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-16=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-16=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-16=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-16=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP4-2026-16=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-16=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-16=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2026-16=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2026-16=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2026-16=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * openSUSE Leap 15.3 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * pgadmin4-web-uwsgi-4.30-150300.3.21.1 * Python 3 Module 15-SP7 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * Python 3 Module 15-SP7 (s390x) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High PerformanceComputing ESPOS 15 SP5 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * pgadmin4-4.30-150300.3.21.1 *pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Manager Proxy 4.3 LTS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Manager Server 4.3 LTS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12764.html * https://www.suse.com/security/cve/CVE-2025-12765.html * https://bugzilla.suse.com/show_bug.cgi?id=1253477 * https://bugzilla.suse.com/show_bug.cgi?id=1253478 . Two vulnerabilities in pgadmin4 fixed in this important advisory for openSUSE, including LDAP issues and DoS risks.. openSUSE Security, pgAdmin Update, Important Advisory, LDAP Injection Risk, DoS Threat. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 05, 2026 Important OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEDoS

SUSE: Security Update for pgadmin4 Important LDAP DoS Threat 2026:0016-1

An update that solves two vulnerabilities can now be installed.. # Security update for pgadmin4 Announcement ID: SUSE-SU-2026:0016-1 Release Date: 2026-01-05T10:48:10Z Rating: important References: * bsc#1253477 * bsc#1253478 Cross-References: * CVE-2025-12764 * CVE-2025-12765 CVSS scores: * CVE-2025-12764 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-12764 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-12764 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-12765 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-12765 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-12765 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-12765 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.3 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail BranchServer 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves two vulnerabilities can now be installed. ## Description: This update for pgadmin4 fixes the following issues: * CVE-2025-12765: insufficient checks in the LDAP authentication flow allow a for bypass of TLS certificate validation that can lead to the stealing of bind credentials and the altering of directory responses (bsc#1253478). * CVE-2025-12764: improper validation of characters in a username allows for LDAP injections that force the processing of unusual amounts of data and leads to a DoS (bsc#1253477). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-16=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-16=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-16=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-16=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-16=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-16=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-16=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-16=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-16=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP4-2026-16=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-16=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-16=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2026-16=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2026-16=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2026-16=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * openSUSE Leap 15.3 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * pgadmin4-web-uwsgi-4.30-150300.3.21.1 * Python 3 Module 15-SP7 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * Python 3 Module 15-SP7 (s390x) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High PerformanceComputing ESPOS 15 SP5 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * pgadmin4-web-4.30-150300.3.21.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * pgadmin4-4.30-150300.3.21.1 *pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Manager Proxy 4.3 LTS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * pgadmin4-4.30-150300.3.21.1 * pgadmin4-debuginfo-4.30-150300.3.21.1 * SUSE Manager Server 4.3 LTS (noarch) * pgadmin4-web-4.30-150300.3.21.1 * pgadmin4-doc-4.30-150300.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12764.html * https://www.suse.com/security/cve/CVE-2025-12765.html * https://bugzilla.suse.com/show_bug.cgi?id=1253477 * https://bugzilla.suse.com/show_bug.cgi?id=1253478 . Important security updates for pgadmin4 in SUSE addressing LDAP injections and DoS risks are available now.. SUSE Security Update, pgadmin4 Security Patch, LDAP Issues, DoS Risk Mitigation. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 05, 2026 Important SuSE
Banner 3 1028x280 1708121785 1771599793
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorymoderatedebian

Debian 10 Buster DLA-3514-1 Moderate: Bouncy Castle LDAP Injection

It was discovered that there was a protential LDAP injection vulnerability in Bouncy Castle, a cryptographic library for Java. During the certificate validation process, bouncycastle used the certificate's "Subject Name" into an LDAP search filter without any . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3514-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb August 02, 2023 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : bouncycastle Version : 1.60-1+deb10u1 CVE ID : CVE-2023-33201 Debian Bug : 1040050 It was discovered that there was a protential LDAP injection vulnerability in Bouncy Castle, a cryptographic library for Java. During the certificate validation process, bouncycastle used the certificate's "Subject Name" into an LDAP search filter without any escaping. For Debian 10 buster, this problem has been fixed in version 1.60-1+deb10u1. We recommend that you upgrade your bouncycastle packages. For the detailed security status of bouncycastle please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/bouncycastle Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The Debian LTS security notice for Bouncy Castle highlights a vulnerability related to LDAP injection and advises users to upgrade their packages accordingly.. Bouncy Castle, LDAP Injection, Debian Advisory, Cryptographic Library. . LinuxSecurity.com Team

Calendar 2 Aug 02, 2023 Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here