
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 26.04 YARD Important Network Exposure Vulnerability USN-8394-1

YARD could be made to expose sensitive information over the network.

==========================================================================
Ubuntu Security Notice USN-8394-1
June 05, 2026

yard vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

YARD could be made to expose sensitive information over the network.

Software Description:
- yard: A documentation generation tool for the Ruby programming language

Details:

It was discovered that YARD incorrectly sanitized paths in its built-in documentation server. An attacker could possibly use this issue to read arbitrary files from the server host.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 26.04 LTS
  yard 0.9.38-1ubuntu0.1~esm1 Available with Ubuntu Pro
  yard-doc 0.9.38-1ubuntu0.1~esm1 Available with Ubuntu Pro

Ubuntu 24.04 LTS
  yard 0.9.36-1ubuntu0.1~esm1 Available with Ubuntu Pro
  yard-doc 0.9.36-1ubuntu0.1~esm1 Available with Ubuntu Pro

Ubuntu 22.04 LTS
  yard 0.9.26-1ubuntu0.1+esm1 Available with Ubuntu Pro
  yard-doc 0.9.26-1ubuntu0.1+esm1 Available with Ubuntu Pro

Ubuntu 20.04 LTS
  yard 0.9.24-1+deb11u1ubuntu0.1~esm1 Available with Ubuntu Pro
  yard-doc 0.9.24-1+deb11u1ubuntu0.1~esm1 Available with Ubuntu Pro

Ubuntu 18.04 LTS
  yard 0.9.12-2ubuntu0.1~esm2 Available with Ubuntu Pro
  yard-doc 0.9.12-2ubuntu0.1~esm2 Available with Ubuntu Pro

Ubuntu 16.04 LTS
  yard 0.8.7.6+git20160220-3ubuntu0.1~esm2 Available with Ubuntu Pro
  yard-doc 0.8.7.6+git20160220-3ubuntu0.1~esm2 Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8394-1
  CVE-2026-41493

YARD on Ubuntu might expose sensitive data over the network, requiring updates to prevent information leaks and secure systems.

Ubuntu security, YARD vulnerability, network exposure, Linux updates, sensitive data.

Severity: Important. LinuxSecurity.com Team

Jun 05, 2026 Important Ubuntu

Fedora 39, 38: USN-6742-1 Low: Directory Traversal Vulnerability

Several security issues were fixed in yard.

==========================================================================
Ubuntu Security Notice USN-6731-1
April 15, 2024

yard vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in yard.

Software Description:
- yard: Ruby documentation tool

Details:

It was discovered that YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17042)

It was discovered that yard before 0.9.20 is affected by a path traversal vulnerability, allowing HTTP requests to access arbitrary files under certain conditions. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1020001)

Aviv Keller discovered that the "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. (CVE-2024-27285)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10:
  yard 0.9.28-2ubuntu0.1

Ubuntu 22.04 LTS:
  yard 0.9.26-1ubuntu0.1

Ubuntu 20.04 LTS:
  yard 0.9.24-1+deb11u1build0.20.04.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  yard 0.9.12-2ubuntu0.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  yard 0.8.7.6+git20160220-3ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6731-1
  CVE-2017-17042, CVE-2019-1020001, CVE-2024-27285

Package Information:
  https://launchpad.net/ubuntu/+source/yard/0.9.26-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/yard/0.9.24-1+deb11u1build0.20.04.1

Various vulnerabilities in Ubuntu addressed through updates across numerous versions. Ensure your system's safety!

Yard Security Updates, Ubuntu Security Advisory, Cross-Site Scripting Threats.

Severity: Low. LinuxSecurity.com Team

Apr 15, 2024 Low Ubuntu

Debian 10: DLA-3753-1 Critical: Yard Path Traversal and XSS Fix

Two vulnerabilities were fixed in YARD, a documentation tool for the Ruby programming language.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3753-1
https://www.debian.org/lts/security/
Adrian Bunk
March 06, 2024
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : yard
Version        : 0.9.16-1+deb10u1
CVE ID         : CVE-2019-1020001 CVE-2024-27285
Debian Bug     : 945369 1065118

Two vulnerabilities were fixed in YARD, a documentation tool for the Ruby programming language.

CVE-2019-1020001

    Arbitrary path traversal and file access in yard server

CVE-2024-27285

    Cross-Site Scripting in generated frames.html

For Debian 10 buster, these problems have been fixed in version 0.9.16-1+deb10u1.

We recommend that you upgrade your yard packages.

For the detailed security status of yard please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/yard

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

A pair of security flaws in YARD addressed in Debian LTS DLA-3753-2. It is advised to upgrade to version 0.9.16-1+deb10u2.

Debian Security Advisory, YARD Tool, Ruby Documentation, XSS Fix.

Severity: Critical. LinuxSecurity.com Team

Mar 06, 2024 Critical Debian LTS

Debian DSA-5635-1 Critical: YARD Cross-Site Script Risk

Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.

-------------------------------------------------------------------------
Debian Security Advisory DSA-5635-1
https://www.debian.org/security/
Moritz Muehlenhoff
March 04, 2024
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : yard
CVE ID         : CVE-2024-27285

Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.

For the oldstable distribution (bullseye), this problem has been fixed in version 0.9.24-1+deb11u1.

For the stable distribution (bookworm), this problem has been fixed in version 0.9.28-2+deb12u2.

We recommend that you upgrade your yard packages.

For the detailed security status of yard please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/yard

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Enhance repository distributions for Ubuntu to resolve severe cross-site scripting vulnerabilities identified in index.php.

Yard Security, Debian Update, Cross-Site Scripting.

Severity: Critical. LinuxSecurity.com Team

Mar 04, 2024 Critical Debian