Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo: GLSA-200412-16 Normal: kdelibs Password Disclosure Threat

kdelibs and kdebase contain a flaw allowing password disclosure when creating a link to a remote file. Furthermore Konqueror is vulnerable to window injection.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200412-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: kdelibs, kdebase: Multiple vulnerabilities
      Date: December 19, 2004
      Bugs: #72804, #73869
        ID: 200412-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

kdelibs and kdebase contain a flaw allowing password disclosure when creating a link to a remote file. Furthermore Konqueror is vulnerable to window injection.

Background
==========

KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. The KDE core libraries (kdebase and kdelibs) provide native support for many protocols. Konqueror is the KDE web browser and filemanager.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  kde-base/kdelibs      < 3.3.2-r1                     *>= 3.2.3-r4
                                                          *>= 3.3.1-r2
                                                           >= 3.3.2-r1
  2  kde-base/kdebase      < 3.3.2-r1                     *>= 3.2.3-r3
                                                          *>= 3.3.1-r2
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Daniel Fabian discovered that the KDE core libraries contain a flaw allowing password disclosure by making a link to a remote file. When creating this link, the resulting URL contains authentication credentials used to access the remote file (CAN 2004-1171).

The Konqueror webbrowser allows websites to load webpages into a window or tab currently used by another website (CAN-2004-1158).

Impact
======

A malicious user could have access to the authentication credentials of other users depending on the file permissions.

A malicious website could use the window injection vulnerability to load content in a window apparently belonging to another website.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All kdelibs users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-base/kdelibs-3.2.3-r4"

All kdebase users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-base/kdebase-3.2.3-r3"

References
==========

  [ 1 ] KDE Security Advisory: plain text password exposure
        https://kde.org/info/security/advisory-20041209-1.txt
  [ 2 ] CAN 2004-1171
        https://www.cve.org/CVERecord?id=CAN-2004-1171
  [ 3 ] KDE Security Advisory: Konqueror Window Injection Vulnerability
        https://kde.org/info/security/advisory-20041213-1.txt
  [ 4 ] CAN 2004-1158
        https://www.cve.org/CVERecord?id=CAN-2004-1158

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200412-16

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2004 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/
Various vulnerabilities detected in kdelibs and kdebase packages on Gentoo Linux, impacting password management and web browser functionalities.

LinuxSecurity.com Team

Dec 19, 2004 Gentoo

Fedora Core 2: FEDORA-2004-549 Moderate: Window Injection Fix

apply the patch to fix Konqueror Window Injection Vulnerability #142510 CAN-2004-1158, Thanks to KDE security team.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-549
2004-12-15
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : kdebase
Version     : 3.2.2
Release     : 8.FC2
Summary     : K Desktop Environment - core files
Description :
Core applications for the K Desktop Environment. Included are: kdm (replacement for xdm), kwin (window manager), konqueror (filemanager, web browser, ftp client, ...), konsole (xterm replacement), kpanel (application starter and desktop pager), kaudio (audio server), kdehelp (viewer for kde help files, info and man pages), kthememgr (system for managing alternate theme packages) plus other KDE components (kcheckpass, kikbd, kscreensaver, kcontrol, kfind, kfontmanager, kmenuedit).

---------------------------------------------------------------------

* Tue Dec 14 2004 Than Ngo 3.2.2-8.FC2

- apply the patch to fix Konqueror Window Injection Vulnerability #142510 CAN-2004-1158, Thanks to KDE security team
- Security Advisory: plain text password exposure, #142487 thanks to KDE security team

* Tue Sep 28 2004 Than Ngo 6:3.2.2-7.FC2

- fix kdm autologin problem

---------------------------------------------------------------------

This update can be downloaded from:

3efbab61a1a929cf42732ead201d5244  SRPMS/kdebase-3.2.2-8.FC2.src.rpm
316c019c5acfbf626e170a20d529d7df  x86_64/kdebase-3.2.2-8.FC2.x86_64.rpm
b304cd2c4910222e456768dd8feb89c5  x86_64/kdebase-devel-3.2.2-8.FC2.x86_64.rpm
9ecdc3f2989ba6063be9005b5fefa906  x86_64/debug/kdebase-debuginfo-3.2.2-8.FC2.x86_64.rpm
6576f7f1f3023fc528fad69d6b8d8774  i386/kdebase-3.2.2-8.FC2.i386.rpm
e1bb8c5ec97116ae1f8a013397047a6c  i386/kdebase-devel-3.2.2-8.FC2.i386.rpm
051e29caeac61ccb91eb463b09dad4ff  i386/debug/kdebase-debuginfo-3.2.2-8.FC2.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

---------------------------------------------------------------------
fedora-announce-list mailing list

Tackling the Konqueror window exploit concern in Fedora Core 2 through a modification and teamwork with the KDE developers.

Severity: Important.

LinuxSecurity.com Team

Dec 15, 2004 Important Fedora

Fedora Core 3: FEDORA-2004-552 Moderate: Konqueror Window Injection

apply the patch to fix Konqueror Window Injection Vulnerability #142510 CAN-2004-1158, Thanks to KDE security team.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-551
2004-12-15
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : kdebase
Version     : 3.3.1
Release     : 4.3.FC3
Summary     : K Desktop Environment - core files
Description :
Core applications for the K Desktop Environment. Included are: kdm (replacement for xdm), kwin (window manager), konqueror (filemanager, web browser, ftp client, ...), konsole (xterm replacement), kpanel (application starter and desktop pager), kaudio (audio server), kdehelp (viewer for kde help files, info and man pages), kthememgr (system for managing alternate theme packages) plus other KDE components (kcheckpass, kikbd, kscreensaver, kcontrol, kfind, kfontmanager, kmenuedit).

---------------------------------------------------------------------

* Tue Dec 14 2004 Than Ngo 6:3.3.1-4.3.FC3

- apply the patch to fix Konqueror Window Injection Vulnerability #142510 CAN-2004-1158, Thanks to KDE security team

* Fri Dec 10 2004 Than Ngo 6:3.3.1-4.2.FC3

- Security Advisory: plain text password exposure, thanks to KDE security team
- the existing icon is lost, add patch to fix this problem #140196
- add patch to fix kfind hang on search #137582
- rebuild against samba-3.0.9 #139894
- add CVS patch to fix konqueror crash by dragging some text over the navigation panel
- fix rpm conflict
- apply patch number 86
- add patch to fix man page problem konqueror, thanks to Andy Shevchenko

---------------------------------------------------------------------

This update can be downloaded from:

a05c751d27d38dc2f54f297987ec96d8  SRPMS/kdebase-3.3.1-4.3.FC3.src.rpm
d531ea7c518cf744983b7c75b69a3137  x86_64/kdebase-3.3.1-4.3.FC3.x86_64.rpm
252f98e2cf2f65fd190ac78631c9f65a  x86_64/kdebase-devel-3.3.1-4.3.FC3.x86_64.rpm
703790e302b58087da97f032cb6e11fd  x86_64/debug/kdebase-debuginfo-3.3.1-4.3.FC3.x86_64.rpm
e827539910597bf6168f3ce0a526fc2f  x86_64/kdebase-3.3.1-4.3.FC3.i386.rpm
e827539910597bf6168f3ce0a526fc2f  i386/kdebase-3.3.1-4.3.FC3.i386.rpm
6fc187ec61495e12ed30bfaf8480b44f  i386/kdebase-devel-3.3.1-4.3.FC3.i386.rpm
3805e0b6ea438763b5af399dfa362da8  i386/debug/kdebase-debuginfo-3.3.1-4.3.FC3.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

---------------------------------------------------------------------
fedora-announce-list mailing list

Solutions addressing the Konqueror Window Injection vulnerability within Fedora Core 3 are outlined in this security notice.

LinuxSecurity.com Team

Dec 15, 2004 Fedora

Fedora Core 2: 2004-548 Critical: Kdelibs Konqueror Window Injection

apply the patch to fix Konqueror Window Injection Vulnerability #142510 CAN-2004-1158, Thanks to KDE security team.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-548
2004-12-15
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : kdelibs
Version     : 3.2.2
Release     : 10.FC2
Summary     : K Desktop Environment - Libraries
Description :
Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation).

---------------------------------------------------------------------

* Tue Dec 14 2004 Than Ngo 6:3.2.2-10.FC2

- apply the patch to fix Konqueror Window Injection Vulnerability #142510 CAN-2004-1158, Thanks to KDE security team
- Security Advisory: plain text password exposure, #142487 thanks to KDE security team

* Tue Sep 07 2004 Than Ngo 6:3.2.2-9.FC2

- add patch to fix KDE trash always full #122988

---------------------------------------------------------------------

This update can be downloaded from:

a71156da214c98e58ec8065c7fd0d378  SRPMS/kdelibs-3.2.2-10.FC2.src.rpm
b87bee65deb50824d5c4d659aca90450  x86_64/kdelibs-3.2.2-10.FC2.x86_64.rpm
091d9853210c8d26ca66afd3ed8e1af6  x86_64/kdelibs-devel-3.2.2-10.FC2.x86_64.rpm
8d69d736224434297b9538c25b81ea40  x86_64/debug/kdelibs-debuginfo-3.2.2-10.FC2.x86_64.rpm
ae3959aa2b17e3ffafed72f38e26e389  i386/kdelibs-3.2.2-10.FC2.i386.rpm
314a2e486a60189c6e35ee9efeeea90d  i386/kdelibs-devel-3.2.2-10.FC2.i386.rpm
33b6620f014e01184fceba8b333c2b27  i386/debug/kdelibs-debuginfo-3.2.2-10.FC2.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

---------------------------------------------------------------------
fedora-announce-list mailing list

Fedora Core 2 has issued a critical security update for Konqueror to fix a window injection vulnerability that risks unauthorized script execution in user sessions.

Severity: Critical.

LinuxSecurity.com Team

Dec 15, 2004 Critical Fedora