Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia 8: MGASA-2021-0339 High: Avahi Service Crash Threat

MGASA-2021-0339 - Updated avahi packages fix a security vulnerability

Publication date: 10 Jul 2021
URL: https://advisories.mageia.org/MGASA-2021-0339.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3502

A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability (CVE-2021-3502).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29239
- https://ubuntu.com/security/notices/USN-5008-1
- https://www.cve.org/CVERecord?id=CVE-2021-3502

SRPMS:
- 8/core/avahi-0.8-6.2.mga8

LinuxSecurity.com Team

Jul 10, 2021 | Mageia

Debian 9 LTS: DLA-2672-1 Critical Libwebp Security Issues

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2677-1
https://www.debian.org/lts/security/
Anton Gladky
June 05, 2021
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : libwebp
Version : 0.5.2-1+deb9u1
CVE ID  : CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012
          CVE-2018-25013 CVE-2018-25014 CVE-2020-36328 CVE-2020-36329
          CVE-2020-36330 CVE-2020-36331

Multiple security issues have been discovered in libwebp.

CVE-2018-25009
    An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2018-25010
    An out-of-bounds read was found in function ApplyFilter. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2018-25011
    A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2018-25012
    An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2018-25013
    An out-of-bounds read was found in function ShiftBytes. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2018-25014
    An uninitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-36328
    A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-36329
    A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-36330
    An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.

CVE-2020-36331
    An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.

For Debian 9 stretch, these problems have been fixed in version 0.5.2-1+deb9u1.

We recommend that you upgrade your libwebp packages.

For the detailed security status of libwebp please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/libwebp

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Critical.

LinuxSecurity.com Team

Jun 05, 2021 | Critical | Debian LTS

Arch Linux: ASA-201504-7 High: Multiple Tor Service Issues

Arch Linux Security Advisory ASA-201504-7
=========================================

Severity: high
Date    : 2015-04-07
CVE-ID  : CVE-2015-2928 CVE-2015-2929
Package : tor
Type    : multiple issues
Remote  : yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package tor before version 0.2.5.12-1 is vulnerable against multiple issues.

Resolution
==========

Upgrade to 0.2.5.12-1

# pacman -Syu "tor>=0.2.5.12-1"

The problem has been fixed upstream in version 0.2.5.12.

Workaround
==========

None.

Description
===========

CVE-2015-2928
    "disgleirio" discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible.

CVE-2015-2929
    "DonnchaC" discovered that Tor clients would crash with an assertion failure upon parsing specially crafted hidden service descriptors.

Impact
======

An attacker could crash a Tor client or could make a Tor service inaccessible.

References
==========

https://gitlab.torproject.org/legacy/trac/-/issues/15600
https://gitlab.torproject.org/legacy/trac/-/issues/15601
https://seclists.org/oss-sec/2015/q2/56

LinuxSecurity.com Team

Apr 07, 2015 | ArchLinux

Fedora Core 6 HTTPD-2.2.4 Critical Advisory: DoS Threats Introduced

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-615
2007-07-12
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : httpd
Version     : 2.2.4
Release     : 2.1.fc6
Summary     : Apache HTTP Server
Description : The Apache HTTP Server is a powerful, efficient, and extensible web server.

---------------------------------------------------------------------
Update Information:

The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service (CVE-2007-3304). This issue is not exploitable on Fedora if using the default SELinux targeted policy.

A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Fedora the server-status page is not enabled by default and it is best practice to not make this publicly available. (CVE-2006-5752)

A bug was found in the Apache HTTP Server mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-1863)

A bug was found in the mod_mem_cache module. On sites where caching is enabled using this module, an information leak could occur which revealed portions of sensitive memory to remote users. (CVE-2007-1862)

---------------------------------------------------------------------
* Tue Jun 26 2007 Joe Orton 2.2.4-2.1.fc6
- add security fixes for CVE-2006-5752, CVE-2007-1862, CVE-2007-1863, CVE-2007-3304 (#244660)
---------------------------------------------------------------------

This update can be downloaded from:

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at .

---------------------------------------------------------------------
Fedora-package-announce mailing list
https://lists.fedoraproject.org/archives/list/

Severity: Critical.

LinuxSecurity.com Team

Jul 12, 2007 | Critical | Fedora