
Stay Secure with the Latest Linux Advisories


Arch Linux: 201803-22 Critical: Thunderbird Remote Code Exec Issues

Arch Linux Security Advisory ASA-201803-22
==========================================

Severity: Critical
Date    : 2018-03-24
CVE-ID  : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146
Package : thunderbird
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-663

Summary
=======

The package thunderbird before version 52.7.0-1 is vulnerable to multiple issues including arbitrary code execution and access restriction bypass.

Resolution
==========

Upgrade to 52.7.0-1.

# pacman -Syu "thunderbird>=52.7.0-1"

The problems have been fixed upstream in version 52.7.0.

Workaround
==========

None.

Description
===========

- CVE-2018-5125 (arbitrary code execution)

Various memory safety bugs have been found in Thunderbird < 52.7.0 and Firefox < 59.0, some of them presenting evidence of memory corruption. Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.

- CVE-2018-5127 (arbitrary code execution)

A buffer overflow can occur in Thunderbird < 52.7.0 when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash.

- CVE-2018-5129 (access restriction bypass)

A lack of parameter validation on IPC messages results in a potential out-of-bounds write in Thunderbird < 52.7.0, through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process.

- CVE-2018-5144 (arbitrary code execution)

An integer overflow can occur during conversion of text to some Unicode character sets in Thunderbird < 52.7.0, due to an unchecked length parameter.

- CVE-2018-5145 (arbitrary code execution)

Various memory safety bugs have been found in Thunderbird < 52.7.0, some of them presenting evidence of memory corruption. Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.

- CVE-2018-5146 (arbitrary code execution)

An out of bounds memory write vulnerability has been discovered in libvorbis before 1.3.6 while processing Vorbis audio data related to codebooks that are not an exact divisor of the partition size.

Impact
======

A remote attacker might be able to bypass the sandbox and execute arbitrary code on the affected host via a crafted page containing an SVG object, a Vorbis audio file or some unicode characters. These issues can generally not be exploited through email because scripting is then disabled, but can be exploited in browser-like contexts.

References
==========

https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/#CVE-2018-5125
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/#CVE-2018-5127
https://bugzilla.mozilla.org/show_bug.cgi?id=1430557
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/#CVE-2018-5129
https://bugzilla.mozilla.org/show_bug.cgi?id=1428947
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/#CVE-2018-5144
https://bugzilla.mozilla.org/show_bug.cgi?id=1440926
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/#CVE-2018-5145
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1261175%2C1348955
https://github.com/xiph/vorbis/commit/667ceb4aab60c1f74060143bb24e5f427b3cce5f
https://seclists.org/oss-sec/2018/q1/243
https://security.archlinux.org/CVE-2018-5125
https://security.archlinux.org/CVE-2018-5127
https://security.archlinux.org/CVE-2018-5129
https://security.archlinux.org/CVE-2018-5144
https://security.archlinux.org/CVE-2018-5145
https://security.archlinux.org/CVE-2018-5146

Arch Linux Security Notice highlights serious vulnerabilities in Thunderbird, including significant risks such as potential remote code execution.

LinuxSecurity.com Team
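To confirm that a host has picked up the fix named in the advisory's Resolution section, the following added example (not part of the advisory or of Arch Linux tooling) classifies `pacman -Q` output lines against the fixed version 52.7.0-1. The function names `epoch_of`, `ver_ge` and `classify_pkg` are hypothetical, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: classify a thunderbird package version against ASA-201803-22.
FIXED_VERSION="52.7.0-1"   # first fixed package version, taken from the advisory

# epoch_of VERSION: echo the Arch epoch prefix ("2:1.0-1" -> 2), or 0 if absent.
epoch_of() { case "$1" in *:*) echo "${1%%:*}" ;; *) echo 0 ;; esac; }

# ver_ge A B: succeed when version A >= version B.
# Uses pacman's vercmp when present (exact Arch ordering). Otherwise compares
# epochs numerically, then the rest with GNU `sort -V`, an approximation that
# holds for plain numeric pkgver-pkgrel strings like the ones in this advisory.
ver_ge() {
    if command -v vercmp >/dev/null 2>&1; then
        [ "$(vercmp "$1" "$2")" -ge 0 ]
        return
    fi
    ea=$(epoch_of "$1"); eb=$(epoch_of "$2")
    if [ "$ea" -ne "$eb" ]; then
        [ "$ea" -gt "$eb" ]
        return
    fi
    [ "$(printf '%s\n%s\n' "${1#*:}" "${2#*:}" | sort -V | head -n 1)" = "${2#*:}" ]
}

# classify_pkg "<name> <version>": takes one line in `pacman -Q` format and
# echoes FIXED, VULNERABLE, or SKIP (other package or malformed line).
classify_pkg() {
    name=${1%% *}
    version=${1#* }
    if [ "$name" != "thunderbird" ] || [ "$name" = "$1" ] || [ -z "$version" ]; then
        echo SKIP
    elif ver_ge "$version" "$FIXED_VERSION"; then
        echo FIXED
    else
        echo VULNERABLE
    fi
}

# Constructed sample lines in `pacman -Q` format (not real host data).
while read -r line; do
    printf '%-24s %s\n' "$line" "$(classify_pkg "$line")"
done <<'EOF'
thunderbird 52.6.0-1
thunderbird 52.7.0-1
thunderbird 52.10.0-2
firefox 58.0.2-1
EOF
```

On an Arch host, `classify_pkg "$(pacman -Q thunderbird)"` applies the same check to the installed package.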

Mar 25, 2018 | Critical | ArchLinux
