Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of servicecritical

Ubuntu 25.04 USN-7630-1 critical: RESTEasy denial of service

Several security issues were fixed in resteasy, resteasy3.0.. ========================================================================== Ubuntu Security Notice USN-7630-1 July 10, 2025 resteasy, resteasy3.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in resteasy, resteasy3.0. Software Description: - resteasy: A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications - resteasy3.0: A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications Details: It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6345) It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by default. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6346) It was discovered that RESTEasy improperly made use of unsanitized data while handling certain errors. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6347) It was discovered that RESTEasy enabled a vulnerable JSON manipulation module by default. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6348) It was discovered that RESTEasy enabled a vulnerable deserialization module by default. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.(CVE-2016-7050) Nikos Papadopoulos discovered that RESTEasy improperly handled URL encoding when certain errors occur. An attacker could possibly use this issue to modify the app's behavior for other users throughout the network. This issue did not affect resteasy3.0 in Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2020-10688) Mirko Selber discovered that RESTEasy improperly validated user input during HTTP response construction. An attacker could possibly use this issue to to cause a denial of service or execute arbitrary code. This issue did not affect resteasy3.0 in Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2020-1695) It was discovered that RESTEasy improperly handled receiving the WebApplicationException during a client call. An attacker could possibly use this issue to obtain potentially sensitive server information. (CVE-2020-25633) It was discovered that RESTEasy improperly populated exception responses with endpoint class and method names. An attacker could possibly use this issue to obtain potentially sensitive server information. (CVE-2021-20289) It was discovered that RESTEasy used improper permissions when creating temporary files. An attacker could possibly use this issue to get access to sensitive data. (CVE-2023-0482) It was discovered that RESTEasy improperly handled certain HTTP requests containing ASCII control characters. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-9622) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libresteasy-java 3.6.2-3ubuntu0.25.04.1 libresteasy3.0-java 3.0.26-6ubuntu0.25.04.1 Ubuntu 24.10 libresteasy3.0-java 3.0.26-6ubuntu0.24.10.1 Ubuntu 24.04 LTS libresteasy3.0-java 3.0.26-6ubuntu0.24.04.1 Ubuntu 22.04 LTS libresteasy3.0-java 3.0.26-3ubuntu0.1 Ubuntu 20.04 LTS libresteasy3.0-java 3.0.26-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libresteasy3.0-java 3.0.26-1~18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libresteasy-java 3.0.6-3ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7630-1 CVE-2016-6345, CVE-2016-6346, CVE-2016-6347, CVE-2016-6348, CVE-2016-7050, CVE-2020-10688, CVE-2020-1695, CVE-2020-25633, CVE-2021-20289, CVE-2023-0482, CVE-2024-9622 Package Information: https://launchpad.net/ubuntu/+source/resteasy/3.6.2-3ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.24.10.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-3ubuntu0.1 . Numerous vulnerabilities addressed in RESTEasy highlight severe threats to user privacy and application reliability.. RESTEasy vulnerabilities, Ubuntu security announcement, security updates, RESTful services, application security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 11, 2025 Critical Ubuntu
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebianmoderate severity

Debian 9: DLA-2625-1 Moderate: Courier-Authlib Permissions Exposure

The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some . - ----------------------------------------------------------------------- Debian LTS Advisory DLA-2625-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Utkarsh Gupta April 14, 2021 https://wiki.debian.org/LTS - ----------------------------------------------------------------------- Package : courier-authlib Version : 0.66.4-9+deb9u1 CVE ID : CVE-2021-28374 Debian Bug : 984810 The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash). For Debian 9 stretch, this problem has been fixed in version 0.66.4-9+deb9u1. We recommend that you upgrade your courier-authlib packages. For the detailed security status of courier-authlib please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/courier-authlib Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Enhance courier-authlib to address inadequate permissions, safeguarding user information from potential risks linked to security flaws.. Debian Security, Courier Authlib Patch, Authentication Risks, User Data Protection. . LinuxSecurity.com Team

Calendar 2 Apr 14, 2021 Debian LTS
Banner 2 1028x280 1708121730 1 1771599631
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorymemory corruptionUbuntu

Ubuntu 12.04 LTS: USN-1608-1 Moderate: Firefox Memory Corruption

Several security issues were fixed in Firefox.. =========================================================================Ubuntu Security Notice USN-1608-1 October 11, 2012 firefox vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS Summary: Several security issues were fixed in Firefox. Software Description: - firefox: Mozilla Open Source web browser Details: It was discovered that the browser engine used in Firefox contained a memory corruption flaw. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. (CVE-2012-4191) It was discovered that Firefox allowed improper access to the Location object. An attacker could exploit this to obtain sensitive information. (CVE-2012-4192) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: firefox 16.0.1+build1-0ubuntu0.12.04.1 Ubuntu 11.10: firefox 16.0.1+build1-0ubuntu0.11.10.1 Ubuntu 11.04: firefox 16.0.1+build1-0ubuntu0.11.04.1 Ubuntu 10.04 LTS: firefox 16.0.1+build1-0ubuntu0.10.04.1 After a standard system update you need to restart Firefox to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-1608-1 CVE-2012-4191, CVE-2012-4192, https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1065285 Package Information: https://launchpad.net/ubuntu/+source/firefox/16.0.1+build1-0ubuntu0.12.04.1 https://launchpad.net/ubuntu/+source/firefox/16.0.1+build1-0ubuntu0.11.10.1 https://launchpad.net/ubuntu/+source/firefox/16.0.1+build1-0ubuntu0.11.04.1 https://launchpad.net/ubuntu/+source/firefox/16.0.1+build1-0ubuntu0.10.04.1 . Ubuntu Security Notice USN-1608-1 warns of critical Firefox vulnerabilities as of October 11, 2012, urging users to update for protection against exploits.. Firefox Issues, Ubuntu Security, Memory Corruption Bug. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 11, 2012 Important Ubuntu
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorysecurity issuecritical update

ScientiLinux: CVE-2012-0442 Critical: SeaMonkey Security Flaw

Critical: seamonkey security update. Date: Wed, 1 Feb 2012 13:03:20 -0600 Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it. Sender: Security Erratfor ScientifiLinux From: This email address is being protected from spambots. You need JavaScript enabled to view it. Subject: Security ERRATA Critical: seamonkey on SL4.i386/x86_64 Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. Synopsis: Critical: seamonkey security update IssuDate: 2012-02-01 CVE Numbers: CVE-2012-0442 CVE-2011-3670 SeaMonkey is an open sourcweb browser, e-maiand newsgrouclient, IRC chat client, and HTML editor. A flaw was found in thprocessing of malformed web contentA web page containing malicious content could causSeaMonkey tcrash or, potentially, executarbitrary codwith thprivileges of thuser running SeaMonkey(CVE-2012-0442) Thsame-origin policy in SeaMonkey treated and as interchangeableA malicious script could possibly usthis flaw tgain access tsensitivinformation (such as client's IP and user e-maiaddress, or httpOnly cookies) that may bincluded in HTTP proxy error replies, generated in responstinvalid URLs using squarbrackets(CVE-2011-3670) AlSeaMonkey users should upgradtthesupdated packages, which correct thesissuesAfter installing thupdate, SeaMonkey must brestarted for thchanges ttakeffect. SL4: i386 seamonkey-1.0.9-78.el4.i386.rpm seamonkey-chat-1.0.9-78.el4.i386.rpm seamonkey-debuginfo-1.0.9-78.el4.i386.rpm seamonkey-devel-1.0.9-78.el4.i386.rpm seamonkey-dom-inspector-1.0.9-78.el4.i386.rpm seamonkey-js-debugger-1.0.9-78.el4.i386.rpm seamonkey-mail-1.0.9-78.el4.i386.rpm x86_64 seamonkey-1.0.9-78.el4.x86_64.rpm seamonkey-chat-1.0.9-78.el4.x86_64.rpm seamonkey-debuginfo-1.0.9-78.el4.x86_64.rpm seamonkey-devel-1.0.9-78.el4.x86_64.rpm seamonkey-dom-inspector-1.0.9-78.el4.x86_64.rpm seamonkey-js-debugger-1.0.9-78.el4.x86_64.rpm seamonkey-mail-1.0.9-78.el4.x86_64.rpm - ScientifiLinuDevelopment Team . Urgent SeaMonkey patch for SL4 tackles significant vulnerabilities jeopardizing personal information and app reliability.. seamonkey security, critical update, scientific linux, seamonkey vulnerabilities,application flaw. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 01, 2012 Critical Scientific Linux
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here