Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 13 articles for you...

Ubuntu 24.04 LTS GIMP Security Advisory USN-8075-1 Denial of Service

==========================================================================
Ubuntu Security Notice USN-8075-1
March 04, 2026

gimp vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in GIMP.

Software Description:
- gimp: GNU Image Manipulation Program

Details:

Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on 32-bit systems. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2025-2760)

Michael Randrianantenaina discovered that GIMP did not perform any bounds checking when calculating an offset into XWD Colormaps. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-10934)

It was discovered that GIMP's PNM loader did not sufficiently check that the image could fit within the allocated memory, which could cause GIMP to read or write out-of-bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-14422)

It was discovered that maliciously-crafted TGA files could cause memory corruption and leave GIMP in an inconsistent state. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-48797)

It was discovered that a maliciously-crafted XCF file could cause GIMP to free the same memory region twice, or access an already freed address. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-48798)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  gimp 2.10.36-3ubuntu0.24.04.1+esm2 Available with Ubuntu Pro
  libgimp2.0t64 2.10.36-3ubuntu0.24.04.1+esm2 Available with Ubuntu Pro

Ubuntu 22.04 LTS
  gimp 2.10.30-1ubuntu0.1+esm2 Available with Ubuntu Pro
  libgimp2.0 2.10.30-1ubuntu0.1+esm2 Available with Ubuntu Pro

Ubuntu 20.04 LTS
  gimp 2.10.18-1ubuntu0.1+esm2 Available with Ubuntu Pro
  libgimp2.0 2.10.18-1ubuntu0.1+esm2 Available with Ubuntu Pro

Ubuntu 18.04 LTS
  gimp 2.8.22-1ubuntu0.1~esm2 Available with Ubuntu Pro
  libgimp2.0 2.8.22-1ubuntu0.1~esm2 Available with Ubuntu Pro

Ubuntu 16.04 LTS
  gimp 2.8.16-1ubuntu1.1+esm2 Available with Ubuntu Pro
  libgimp2.0 2.8.16-1ubuntu1.1+esm2 Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8075-1
  CVE-2025-10934, CVE-2025-14422, CVE-2025-2760, CVE-2025-48797, CVE-2025-48798

Multiple security issues fixed in GIMP impacting Ubuntu 24.04, 22.04, 20.04, 18.04, and 16.04 LTS releases. Updates recommended.

GIMP security issues, Ubuntu security updates, GIMP vulnerabilities, software patching, Linux application security.

Severity: Critical.

LinuxSecurity.com Team

Mar 04, 2026 Critical Ubuntu

SUSE Linux Enterprise Server Low openjpeg2 Security Risk CVE-2023-39327

# Security update for openjpeg2

Announcement ID: SUSE-SU-2026:0320-1
Release Date: 2026-01-28T14:40:10Z
Rating: low
References:
  * bsc#1227412
Cross-References:
  * CVE-2023-39327
CVSS scores:
  * CVE-2023-39327 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-39327 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2023-39327 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for openjpeg2 fixes the following issues:

  * CVE-2023-39327: Fixed malicious files can cause a large loop that continuously prints warning messages on the terminal (bsc#1227412).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-320=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libopenjp2-7-2.1.0-4.27.1
    * libopenjp2-7-debuginfo-2.1.0-4.27.1
    * openjpeg2-debuginfo-2.1.0-4.27.1
    * openjpeg2-debugsource-2.1.0-4.27.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-39327.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227412

An update for openjpeg2 addressing one low-rated security issue is now available for SUSE users. Upgrade now for better protection.

openjpeg2 security update Linux patches SUSE advisory.

Severity: Low.

LinuxSecurity.com Team

Jan 28, 2026 Low SuSE

Mageia 8 MGASA-2022-0292 Moderate: Teeworlds Code Execution Threat

MGASA-2022-0292 - Updated teeworlds packages fix security vulnerability

Publication date: 20 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0292.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-43518

Code execution via malicious map file (CVE-2021-43518)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30717
- https://lists.fedoraproject.org/archives/list/[email address removed]/thread/JIYZ7EVY6NZBM7FQF6GVUARYO6MKSEAT/
- https://www.cve.org/CVERecord?id=CVE-2021-43518

SRPMS:
- 8/core/teeworlds-0.7.5-1.1.mga8

Mageia 2022-0293 rolls out teeworlds update to address remote code execution risk from compromised map files. In-depth information accessible.

Code Execution, Mageia Security, Teeworlds Update, Security Advisory.

Severity: Important.

LinuxSecurity.com Team

Aug 20, 2022 Important Mageia

Mageia 8 MGASA-2022-0238 Moderate: Exo Malicious Desktop File Threat

MGASA-2022-0238 - Updated exo packages fix security vulnerability

Publication date: 24 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0238.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-32278

Changed to prevent executing possibly malicious .desktop files from online sources ( http:// etc.).

References:
- https://bugs.mageia.org/show_bug.cgi?id=30540
- https://gitlab.xfce.org/xfce/exo/-/commit/cc047717c3b5efded2cc7bd419c41a3d1f1e48b6
- https://www.cve.org/CVERecord?id=CVE-2022-32278

SRPMS:
- 8/core/exo-4.16.0-1.1.mga8

Mageia security bulletin MGASA-2022-0238 outlines exo enhancements aimed at thwarting the execution of harmful desktop files.

Mageia Exo Update, Security Advisory, Malicious Files Prevention.

LinuxSecurity.com Team

Jun 24, 2022 Mageia

Debian: DLA-2432-1 Moderate: Jupyter Notebook XSS Threats and Fixes

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2432-1                [email address removed]
https://www.debian.org/lts/security/                          Abhijith PA
November 19, 2020                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : jupyter-notebook
Version : 4.2.3-4+deb9u1
CVE ID : CVE-2018-8768 CVE-2018-19351 CVE-2018-21030
Debian Bug : 893436 917409

Several vulnerabilities have been discovered in jupyter-notebook.

CVE-2018-8768

    A maliciously forged notebook file can bypass sanitization to execute Javascript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.

CVE-2018-19351

    allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server.

CVE-2018-21030

    jupyter-notebook does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document.

For Debian 9 stretch, these problems have been fixed in version 4.2.3-4+deb9u1.

We recommend that you upgrade your jupyter-notebook packages.

For the detailed security status of jupyter-notebook please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/jupyter-notebook

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhancing your Debian system's security is vital; upgrade the jupyter-notebook package to address XSS vulnerabilities in advisory DLA-2432-1, following specific steps.

Debian Security, Jupyter-Notebook Update, XSS Protection, Security Advisory.

LinuxSecurity.com Team

Nov 19, 2020 Debian LTS

Ubuntu 20.04: USN-4418-1 Critical: openexr Denial Of Service Issues

=========================================================================
Ubuntu Security Notice USN-4418-1
July 06, 2020

openexr vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 19.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

OpenEXR could be made to crash or run programs if it opened a specially crafted file.

Software Description:
- openexr: tools for the OpenEXR image format

Details:

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  libopenexr24 2.3.0-6ubuntu0.2
  openexr 2.3.0-6ubuntu0.2

Ubuntu 19.10:
  libopenexr23 2.2.1-4.1ubuntu1.2
  openexr 2.2.1-4.1ubuntu1.2

Ubuntu 18.04 LTS:
  libopenexr22 2.2.0-11.1ubuntu1.3
  openexr 2.2.0-11.1ubuntu1.3

Ubuntu 16.04 LTS:
  libopenexr22 2.2.0-10ubuntu2.3
  openexr 2.2.0-10ubuntu2.3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4418-1
  CVE-2020-15305, CVE-2020-15306

Package Information:
  https://launchpad.net/ubuntu/+source/openexr/2.3.0-6ubuntu0.2
  https://launchpad.net/ubuntu/+source/openexr/2.2.1-4.1ubuntu1.2
  https://launchpad.net/ubuntu/+source/openexr/2.2.0-11.1ubuntu1.3
  https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.3

Ubuntu Security Notice USN-4420-1 highlights vulnerabilities in the OpenSSL package that may result in crashes or potential unauthorized code execution.

OpenEXR Issues, Ubuntu Security Notice, Denial Of Service, Image File Exploit.

Severity: Critical.

LinuxSecurity.com Team

Jul 06, 2020 Critical Ubuntu

Debian 8: DLA-2226-1 Critical: GStreamer Plugin Memory Issues

Package : gst-plugins-ugly0.10
Version : 0.10.19-2.1+deb8u1
CVE ID : CVE-2017-5846 CVE-2017-5847

Two memory management issues were found in the asfdemux element of the GStreamer "ugly" plugin collection, which can be triggered via a maliciously crafted file.

For Debian 8 "Jessie", these problems have been fixed in version 0.10.19-2.1+deb8u1.

We recommend that you upgrade your gst-plugins-ugly0.10 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Significant flaws in GStreamer "ugly" plugin identified and resolved with recent patch. Users are encouraged to update for improved protection.

GStreamer Plugin Update, Debian Security Fix, Memory Management Issues.

Severity: Critical.

LinuxSecurity.com Team

May 30, 2020 Critical Debian LTS

Fedora 30: FEDORA-2019-48b691092f Critical: kf5-kconfig Code Execution

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-48b691092f
2019-08-13 01:01:16.243669
--------------------------------------------------------------------------------

Name : kf5-kconfig
Product : Fedora 30
Version : 5.59.0
Release : 1.fc30.1
URL :
Summary : KDE Frameworks 5 Tier 1 addon with advanced configuration system
Description :
KDE Frameworks 5 Tier 1 addon with advanced configuration system made of two parts: KConfigCore and KConfigGui.

--------------------------------------------------------------------------------
Update Information:

Backport upstream fix for CVE-2019-14744 security issue.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 8 2019 Rex Dieter - 5.59.0-1.1
- (branch backport) upstream fix for CVE-2019-14744 (#1738901)
* Thu Jun 6 2019 Rex Dieter - 5.59.0-1
- 5.59.0
* Tue May 7 2019 Rex Dieter - 5.58.0-1
- 5.58.0
* Tue Apr 9 2019 Rex Dieter - 5.57.0-1
- 5.57.0
* Tue Mar 5 2019 Rex Dieter - 5.56.0-1
- 5.56.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1738901 - kconfig: malicious .desktop files (and others) would execute code
        https://bugzilla.redhat.com/show_bug.cgi?id=1738901
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-48b691092f' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Apply upstream patch for kf5-kconfig in Fedora to mitigate security vulnerability associated with harmful .desktop files that could trigger unauthorized code execution.

kf5-kconfig update, Fedora fix, malware execution risk.

Severity: Critical.

LinuxSecurity.com Team

Aug 12, 2019 Critical Fedora