Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 4 articles for you...
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of serviceSQL Injection

Debian Symfony Important SQL Injection Denial Of Service Vuln DSA-6317-1

Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a bypass of security controls, cross-site scripting, denial of service, SQL injection, email header injection, information disclosure or code execution via PHP object deserialization. For the oldstable distribution (bookworm), these problems have been fixed. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6317-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2024-50340 CVE-2026-45063 CVE-2026-45065 CVE-2026-45067 CVE-2026-45068 CVE-2026-45071 CVE-2026-45073 CVE-2026-45077 CVE-2026-45133 CVE-2026-45304 CVE-2026-45305 CVE-2026-46626 CVE-2026-48489 CVE-2026-48736 CVE-2026-48784 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a bypass of security controls, cross-site scripting, denial of service, SQL injection, email header injection, information disclosure or code execution via PHP object deserialization. For the oldstable distribution (bookworm), these problems have been fixed in version 5.4.53+dfsg-0+deb12u1. We recommend that you upgrade your symfony packages. For the detailed security status of symfony please refer to its security tracker page at: https://security-tracker.debian.org/tracker/symfony Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Upgrade Symfony PHP framework in Debian to mitigate multiple critical vulnerabilities including SQL injection and denial of service.. Symfony Framework, Debian Security, UpgradePackages, Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 01, 2026 Important Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebiancross site scripting

Debian Trixie Exposes Symfony Security Vulnerabilities DSA-6312-1

Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a bypass of security controls, cross-site scripting, denial of service, SQL injection, email header injection, information disclosure or code execution via PHP object deserialization. For the stable distribution (trixie), these problems have been fixed in. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6312-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff May 31, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2024-50340 CVE-2026-45063 CVE-2026-45064 CVE-2026-45065 CVE-2026-45066 CVE-2026-45067 CVE-2026-45068 CVE-2026-45069 CVE-2026-45071 CVE-2026-45072 CVE-2026-45073 CVE-2026-45077 CVE-2026-45133 CVE-2026-45304 CVE-2026-45305 CVE-2026-45754 CVE-2026-46626 CVE-2026-48489 CVE-2026-48736 CVE-2026-48760 CVE-2026-48761 CVE-2026-48784 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a bypass of security controls, cross-site scripting, denial of service, SQL injection, email header injection, information disclosure or code execution via PHP object deserialization. For the stable distribution (trixie), these problems have been fixed in version 6.4.41+dfsg-0+deb13u1. We recommend that you upgrade your symfony packages. For the detailed security status of symfony please refer to its security tracker page at: https://security-tracker.debian.org/tracker/symfony Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian DSA-6312-1 alerts about Symfonyvulnerabilities leading to security breaches and recommends updates for users.. Symfony Security Bypass, Debian DSA-6312-1 Advisory, PHP Framework Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 31, 2026 Important Debian
Banner 4 1028x280 1708121825 1771600306
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorymoderatedenial of service

Ubuntu 24.04 moderate: USN-7272-1 Symfony user access issues

Several security issues were fixed in Symfony.. ========================================================================== Ubuntu Security Notice USN-7272-1 February 18, 2025 symfony vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Symfony. Software Description: - symfony: set of reusable components and framework for web projects Details: Soner Sayakci discovered that Symfony incorrectly handled cookie storage in the web cache. An attacker could possibly use this issue to obtain sensitive information and access unauthorized resources. (CVE-2022-24894) Marco Squarcina discovered that Symfony incorrectly handled the storage of user session information. An attacker could possibly use this issue to perform a cross-site request forgery (CSRF) attack. (CVE-2022-24895) Pierre Rudloff discovered that Symfony incorrectly checked HTML input. An attacker could possibly use this issue to perform cross site scripting. (CVE-2023-46734) Vladimir Dusheyko discovered that Symfony incorrectly sanitized special input with a PHP directive in URL query strings. An attacker could possibly use this issue to expose sensitive information or cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-50340) Oleg Andreyev, Antoine Makdessi, and Moritz Rauch discovered that Symfony incorrectly handled user authentication. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. This issue was only addressed in Ubuntu 24.04 LTS. (CVE-2024-50341, CVE-2024-51996) Linus Karlsson and Chris Smith discovered that Symfony returned internal host information during host resolution. An attacker could possibly use this issue to obtain sensitive information. This issue only affectedUbuntu 24.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-50342) It was discovered that Symfony incorrectly parsed user input through regular expressions. An attacker could possibly use this issue to expose sensitive information. (CVE-2024-50343) Sam Mush discovered that Symfony incorrectly parsed URIs with special characters. An attacker could possibly use this issue to perform phishing attacks. (CVE-2024-50345) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS php-symfony 6.4.5+dfsg-3ubuntu3+esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS php-symfony 5.4.4+dfsg-1ubuntu8+esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS php-symfony 4.3.8+dfsg-1ubuntu1+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7272-1 CVE-2022-24894, CVE-2022-24895, CVE-2023-46734, CVE-2024-50340, CVE-2024-50341, CVE-2024-50342, CVE-2024-50343, CVE-2024-50345, CVE-2024-51996 . Ubuntu has released vital security updates for Symfony to tackle several vulnerabilities, which compromise sensitive data and session management.. Symfony Security Updates, Ubuntu Security Notice, Web Application Threats, Software Vulnerability Management. . LinuxSecurity.com Team

Calendar 2 Feb 18, 2025 Ubuntu
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianauthentication issue

Debian: DSA-5813-1 Critical: Authentication Bypass in Symfony Framework

Moritz Rauch discovered that the Symfony PHP framework implemented persisted remember-me cookies incorrectly, which could result in authentication bypass. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5813-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2024-51996 Moritz Rauch discovered that the Symfony PHP framework implemented persisted remember-me cookies incorrectly, which could result in authentication bypass. For the stable distribution (bookworm), this problem has been fixed in version 5.4.23+dfsg-1+deb12u4. We recommend that you upgrade your symfony packages. For the detailed security status of symfony please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/symfony Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The Symfony framework is facing a vulnerability concerning remember-me cookies, which could allow unauthorized access. Immediate patching is recommended.. Symfony Framework Security, Authentication Bypass, Debian Security Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 15, 2024 Critical Debian
Banner 4 1028x280 1708121825 1771600306
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryupdatecritical

Debian Bookworm: DSA-5809-1 Critical Issues in Symfony Framework

Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to privilege escalation, information disclosure, incorrect validation or an open redirect. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5809-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff November 11, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2024-50340 CVE-2024-50342 CVE-2024-50343 CVE-2024-50345 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to privilege escalation, information disclosure, incorrect validation or an open redirect. For the stable distribution (bookworm), these problems have been fixed in version 5.4.23+dfsg-1+deb12u3. We recommend that you upgrade your symfony packages. For the detailed security status of symfony please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/symfony Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Numerous security flaws discovered in Symfony PHP library; urgent patch recommended for Debian users to bolster protection.. Symfony Security Update, Debian Advisory, PHP Framework Vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 11, 2024 Critical Debian
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycriticalphp

Debian 10 Buster DLA-3664-1 Critical: Symfony XSS Issue

Pierre Rudloff discovered a potential XSS vulnerability in Symfony, a PHP framework. Some Twig filters in CodeExtension use `is_safe=html` but do not actually ensure their input is safe. Symfony now escapes the output of the affected filters. . ------------------------------------------------------------------------- Debian LTS Advisory DLA-3664-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Markus Koschany November 24, 2023 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : symfony Version : 3.4.22+dfsg-2+deb10u3 CVE ID : CVE-2023-46734 Debian Bug : 1055774 Pierre Rudloff discovered a potential XSS vulnerability in Symfony, a PHP framework. Some Twig filters in CodeExtension use `is_safe=html` but do not actually ensure their input is safe. Symfony now escapes the output of the affected filters. For Debian 10 buster, this problem has been fixed in version 3.4.22+dfsg-2+deb10u3. We recommend that you upgrade your symfony packages. For the detailed security status of symfony please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/symfony Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-3664-1 addresses critical Symfony XSS issue and provides essential patching details.. Debian LTS, Symfony Security Update, XSS Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 24, 2023 Critical Debian LTS
Banner 4 1028x280 1708121825 1771600306
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisoryinformation leakcode execution

Debian 8: DLA-1999-1 Moderate: Symfony Timing Attack and Code Execution

Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. . Package : symfony Version : 2.3.21+dfsg-4+deb8u6 CVE ID : CVE-2019-18886 CVE-2019-18887 CVE-2019-18888 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian 8 "Jessie", these problems have been fixed in version 2.3.21+dfsg-4+deb8u6. We recommend that you upgrade your symfony packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Upgrade Symfony on Debian 8 to address various security vulnerabilities and bolster your system's defenses.. Symfony Framework Update, Debian Security Fix, PHP Framework Vulnerability. . LinuxSecurity.com Team

Calendar 2 Nov 18, 2019 Debian LTS
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianarbitrary code execution

Debian: DSA-4441-1 Critical Symfony Update For Multiple Threats

Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4441-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Sebastien Delafond May 10, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-10912 CVE-2019-10913 Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution. For the stable distribution (stretch), these problems have been fixed in version 2.8.7+dfsg-1.3+deb9u2. We recommend that you upgrade your symfony packages. For the detailed security status of symfony please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/symfony Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Notice DSA-4441-1 outlines various security issues in Symfony and suggests corrective measures.. Debian Security, Symfony Framework, Security Updates, PHP Framework. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 10, 2019 Critical Debian
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here