
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 10 Buster DLA-3432-1 Moderate: Python2.7 Command Injection

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3432-1                https://www.debian.org/lts/security/
Sylvain Beucler                               May 24, 2023
                                              https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : python2.7
Version        : 2.7.16-2+deb10u2
CVE ID         : CVE-2015-20107 CVE-2019-20907 CVE-2020-8492 CVE-2020-26116 CVE-2021-3177 CVE-2021-3733 CVE-2021-3737 CVE-2021-4189 CVE-2022-45061
Debian Bug     : 970099

Multiple security issues were discovered in Python, an interactive high-level object-oriented language. An attacker may cause command injection, denial of service (DoS), request smuggling and port scanning.

CVE-2015-20107

    The mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments).

CVE-2019-20907

    In Lib/tarfile.py, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.

CVE-2020-8492

    Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

CVE-2020-26116

    http.client allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

CVE-2021-3177

    Python has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

CVE-2021-3733

    There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as a web browser) connects to could trigger a Regular Expression Denial of Service (ReDoS) during an authentication request with a specially crafted payload that is sent by the server to the client.

CVE-2021-3737

    An improperly handled HTTP response in the HTTP client code of Python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time.

CVE-2021-4189

    The FTP (File Transfer Protocol) client library in PASV (passive) mode trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports. For the rare user who wants the previous behavior, set a `trust_server_pasv_ipv4_address` attribute on your `ftplib.FTP` instance to True.

CVE-2022-45061

    An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service.

For Debian 10 buster, these problems have been fixed in version 2.7.16-2+deb10u2.

We recommend that you upgrade your python2.7 packages.

For the detailed security status of python2.7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/python2.7

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Various vulnerabilities within Python could give rise to command injection, denial of service, HTTP request smuggling, and unauthorized port scanning threats.

LinuxSecurity.com Team
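As an added illustration (not part of the Debian advisory or of CPython itself), the Python 3 code below shows the input validation that prevents the CRLF injection described under CVE-2020-26116 when the HTTP request method or target comes from untrusted input: the method is checked against the RFC 7230 token grammar before it is ever placed on a request line. Function names and the sample inputs are my own, constructed for this example.

```python
import re

# RFC 7230 "token" characters: letters, digits and a fixed set of symbols.
# CR, LF, space and HTTP delimiters are deliberately absent, so a method
# such as "GET\r\nX-Injected: 1" can never match.
_TOKEN_RE = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")

# Control characters (0x00-0x1F) must not appear in the request target either.
_CONTROL_RE = re.compile(r"[\x00-\x1f]")


def is_valid_http_method(method: str) -> bool:
    """Return True only if `method` is a syntactically valid HTTP method token."""
    return _TOKEN_RE.fullmatch(method) is not None


def validated_request_line(method: str, target: str) -> str:
    """Build the request line an HTTP client would send, refusing injected CR/LF.

    Raises ValueError rather than letting control characters reach the wire,
    which is the behaviour a hardened client (or a wrapper around an unpatched
    http.client) should have when the method is attacker-influenced.
    """
    if not is_valid_http_method(method):
        raise ValueError("invalid HTTP method token: %r" % method)
    if _CONTROL_RE.search(target):
        raise ValueError("control characters in request target: %r" % target)
    return "%s %s HTTP/1.1" % (method, target)


if __name__ == "__main__":
    # Constructed inputs: one benign, one carrying an injected header line.
    for method in ("POST", "GET\r\nX-Injected: 1\r\n"):
        try:
            print(validated_request_line(method, "/login"))
        except ValueError as err:
            print("rejected:", err)
```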

May 24, 2023 | Debian LTS

Fedora Core 5: FEDORA-2007-552 Critical SeaMonkey Crash Risk

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-552
2007-05-31
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : epiphany
Version     : 2.14.3
Release     : 6.fc5
Summary     : GNOME web browser based on the Mozilla rendering engine
Description :
epiphany is a simple GNOME web browser based on the Mozilla rendering engine

---------------------------------------------------------------------
Update Information:

Updated seamonkey packages that fix several security bugs are now available for Fedora Core 5.

This update has been rated as having critical security impact by the Fedora Security Response Team.

SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-2867, CVE-2007-2868)

A flaw was found in the way SeaMonkey handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562)

Several denial of service flaws were found in the way SeaMonkey handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent SeaMonkey from functioning properly. (CVE-2007-1362, CVE-2007-2869)

A flaw was found in the way SeaMonkey processed certain APOP authentication requests. By sending certain responses when SeaMonkey attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558)

A flaw was found in the way SeaMonkey handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870)

A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871)

Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.9 that corrects these issues.

---------------------------------------------------------------------
* Wed May 30 2007 Christopher Aillon - 2.14.3-6
- Rebuild
* Wed May 30 2007 Christopher Aillon - 2.14.3-5
- Rebuild against newer gecko
* Fri Feb 16 2007 Martin Stransky - 2.14.3-4
- Rebuild against seamonkey
* Fri Dec 22 2006 Martin Stransky - 2.14.3-3
- Rebuild against seamonkey
* Mon Nov 13 2006 Martin Stransky - 2.14.3-2
- Rebuild against seamonkey
* Wed Aug 2 2006 Matthias Clasen - 2.14.3-1.fc5
- Update to 2.14.3
* Mon May 29 2006 Matthias Clasen - 2.14.2.1-1.fc5.1
- Update to 2.14.2.1
* Sun May 28 2006 Matthias Clasen - 2.14.2-1.fc5.1
- Update to 2.14.2
---------------------------------------------------------------------
This update can be downloaded from:

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at .
---------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list

Stay informed on the important SeaMonkey security patch in Fedora Core 5, addressing several weaknesses to enhance overall system protection.

Severity: Critical. LinuxSecurity.com Team

May 31, 2007 | Critical | Fedora
