Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 12 articles for you...

Ubuntu 24.04 LTS: USN-6990-1 Moderate: znc Remote Code Execution

==========================================================================
Ubuntu Security Notice USN-6990-1
September 04, 2024

znc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

znc could be made to execute arbitrary code on a user's system if they were persuaded to join a malicious server.

Software Description:
- znc: advanced modular IRC bouncer

Details:

Johannes Kuhn (DasBrain) discovered that znc incorrectly handled user input under certain operations. An attacker could possibly use this issue to execute arbitrary code on a user's system if the user was tricked into joining a malicious server.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  znc         1.9.0-2ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-dev     1.9.0-2ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-perl    1.9.0-2ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-python  1.9.0-2ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-tcl     1.9.0-2ubuntu0.1~esm2  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  znc         1.8.2-2ubuntu0.1
  znc-dev     1.8.2-2ubuntu0.1
  znc-perl    1.8.2-2ubuntu0.1
  znc-python  1.8.2-2ubuntu0.1
  znc-tcl     1.8.2-2ubuntu0.1

Ubuntu 20.04 LTS
  znc         1.7.5-4ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-dev     1.7.5-4ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-perl    1.7.5-4ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-python  1.7.5-4ubuntu0.1~esm2  Available with Ubuntu Pro
  znc-tcl     1.7.5-4ubuntu0.1~esm2  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  znc         1.6.6-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-dev     1.6.6-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-perl    1.6.6-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-python  1.6.6-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-tcl     1.6.6-1ubuntu0.2+esm2  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  znc         1.6.3-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-dev     1.6.3-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-perl    1.6.3-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-python  1.6.3-1ubuntu0.2+esm2  Available with Ubuntu Pro
  znc-tcl     1.6.3-1ubuntu0.2+esm2  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  znc         1.2-3ubuntu0.1+esm3  Available with Ubuntu Pro
  znc-dev     1.2-3ubuntu0.1+esm3  Available with Ubuntu Pro
  znc-perl    1.2-3ubuntu0.1+esm3  Available with Ubuntu Pro
  znc-python  1.2-3ubuntu0.1+esm3  Available with Ubuntu Pro
  znc-tcl     1.2-3ubuntu0.1+esm3  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6990-1
  CVE-2024-39844

Package Information:
  https://launchpad.net/ubuntu/+source/znc/1.8.2-2ubuntu0.1

A critical ZNC vulnerability affects multiple Ubuntu versions, exposing users to unauthorized data access. Immediate updates are necessary for protection.

Ubuntu Security, znc Security, Remote Code Execution, Arbitrary Code Execution, Ubuntu Advisory.

LinuxSecurity.com Team

Sep 04, 2024 Ubuntu

openSUSE: 2024:0203-1 Critical: znc Remote Code Execution Advisory

openSUSE Security Update: Security update for znc
______________________________________________________________________________

Announcement ID:   openSUSE-SU-2024:0203-1
Rating:            critical
References:        #1227393
Cross-References:  CVE-2024-39844
Affected Products: openSUSE Backports SLE-15-SP6
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for znc fixes the following issues:

Update to 1.9.1 (boo#1227393, CVE-2024-39844)

* This is a security release to fix CVE-2024-39844: remote code execution vulnerability in modtcl. To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all.
* Improve tooltips in webadmin.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

  zypper in -t patch openSUSE-2024-203=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

  znc-1.9.1-bp156.2.3.1
  znc-devel-1.9.1-bp156.2.3.1
  znc-perl-1.9.1-bp156.2.3.1
  znc-python3-1.9.1-bp156.2.3.1
  znc-tcl-1.9.1-bp156.2.3.1

- openSUSE Backports SLE-15-SP6 (noarch):

  znc-lang-1.9.1-bp156.2.3.1

References:

  https://www.suse.com/security/cve/CVE-2024-39844.html
  https://bugzilla.suse.com/1227393

Security patch released for znc: urgent remedy for remote code execution vulnerabilities on openSUSE, advisory identification openSUSE-SU-2024:0203-1.

openSUSE Update, ZNC Security, Critical Patch, Remote Code Execution.

Severity: Critical.

LinuxSecurity.com Team

Aug 23, 2024 Critical OpenSUSE

Mageia 9: 2024-0257 Critical: ZNC Remote Code Execution in ModTCL

MGASA-2024-0257 - Updated znc packages fix security vulnerability

Publication date: 05 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0257.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-39844

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. (CVE-2024-39844)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33364
- https://www.openwall.com/lists/oss-security/2024/07/03/9
- https://www.cve.org/CVERecord?id=CVE-2024-39844

SRPMS:
- 9/core/znc-1.8.2-21.1.mga9

Remote Code Execution, ZNC Security, Mageia Advisory, ModTCL Patch, Security Update.

Severity: Critical.

LinuxSecurity.com Team

Jul 05, 2024 Critical Mageia

Debian: DSA-5725-1 Critical: ZNC Remote Code Execution Threat

-------------------------------------------------------------------------
Debian Security Advisory DSA-5725-1
https://www.debian.org/security/
Salvatore Bonaccorso
July 03, 2024
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package    : znc
CVE ID     : CVE-2024-39844
Debian Bug : 1075729

Johannes Kuhn discovered that messages and channel names are not properly escaped in the modtcl module in ZNC, an IRC bouncer, which could result in remote code execution via specially crafted messages.

For the oldstable distribution (bullseye), this problem has been fixed in version 1.8.2-2+deb11u1.

For the stable distribution (bookworm), this problem has been fixed in version 1.8.2-3.1+deb12u1.

We recommend that you upgrade your znc packages.

For the detailed security status of znc please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/znc

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [e-mail address not shown]

Debian Security, ZNC Updates, Remote Code Issues.

Severity: Critical.

LinuxSecurity.com Team

Jul 03, 2024 Critical Debian

Mageia 7: MGASA-2020-0316 urgent security patch for znc issue

MGASA-2020-0316 - Updated znc packages fix security vulnerability

Publication date: 16 Aug 2020
URL: https://advisories.mageia.org/MGASA-2020-0316.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-13775

The znc package has been updated to version 1.8.1, containing several bugfixes and enhancements. See the upstream change logs for details.

References:
- https://bugs.mageia.org/show_bug.cgi?id=26886
- https://wiki.znc.in/ChangeLog/1.7.5
- https://wiki.znc.in/ChangeLog/1.8.0
- https://wiki.znc.in/ChangeLog/1.8.1
- https://www.cve.org/CVERecord?id=CVE-2020-13775

SRPMS:
- 7/core/znc-1.8.1-1.mga7

Recent enhancements to znc packages in Mageia 7 tackle security vulnerabilities and improve performance. Discover the details of these updates.

ZNC Package, Mageia Update, Bugfixes, Security Fix.

Severity: Important.

LinuxSecurity.com Team

Aug 16, 2020 Important Mageia

Fedora 31: FEDORA-2019-233d9b9a5e critical: znc Remote Code Execution

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-233d9b9a5e
2019-10-07 00:00:39.742380
--------------------------------------------------------------------------------

Name        : znc
Product     : Fedora 31
Version     : 1.7.5
Release     : 1.fc31
URL         : https://wiki.znc.in/ZNC
Summary     : An advanced IRC bouncer
Description :
ZNC is an IRC bouncer with many advanced features like detaching, multiple users, per channel playback buffer, SSL, IPv6, transparent DCC bouncing, Perl and C++ module support to name a few.

--------------------------------------------------------------------------------
Update Information:

Update to 1.7.5 ---- Fixes CVE-2019-12816
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1718369 - znc fails to build with Python 3.8
        https://bugzilla.redhat.com/show_bug.cgi?id=1718369
  [ 2 ] Bug #1720886 - znc-1.7.5-rc1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1720886
  [ 3 ] Bug #1726159 - CVE-2019-12816 znc: invalid encoding leading to remote code execution [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1726159
  [ 4 ] Bug #1726160 - CVE-2019-12816 znc: invalid encoding leading to remote code execution [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1726160
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-233d9b9a5e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The recent znc 1.7.5 update on Fedora 31 resolves a critical remote code execution vulnerability; refer to the advisory for complete information.

Fedora Update, znc IRC Bouncer, Remote Code Execution, Update Notice.

Severity: Critical.

LinuxSecurity.com Team

Oct 06, 2019 Critical Fedora

Gentoo: GLSA 201908-15 Normal: ZNC Privilege Escalation and Risks

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201908-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: ZNC: Privilege escalation
     Date: August 15, 2019
     Bugs: #688152
       ID: 201908-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in ZNC allows users to escalate privileges.

Background
==========

ZNC is an advanced IRC bouncer.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  net-irc/znc                < 1.7.4_rc1               >= 1.7.4_rc1

Description
===========

It was discovered that ZNC's "Modules.cpp" allows remote authenticated non-admin users to escalate privileges.

Impact
======

A remote authenticated attacker could escalate privileges and subsequently execute arbitrary code or conduct a Denial of Service attack.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ZNC users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-irc/znc-1.7.4_rc1"

References
==========

[ 1 ] CVE-2019-12816
      https://nvd.nist.gov/vuln/detail/CVE-2019-12816

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201908-15

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [e-mail address not shown] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo GLSA, ZNC Privilege Escalation, Security Advisory, Code Execution.

LinuxSecurity.com Team

Aug 15, 2019 Gentoo

openSUSE: 2019:1859-1 Important: Znc Remote Code Execution Fix

openSUSE Security Update: Security update for znc
______________________________________________________________________________

Announcement ID:   openSUSE-SU-2019:1859-1
Rating:            important
References:        #1130360 #1138572
Cross-References:  CVE-2019-12816 CVE-2019-9917
Affected Products: openSUSE Backports SLE-15-SP1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for znc to version 1.7.4 fixes the following issues:

Security issues fixed:

- CVE-2019-12816: Fixed a remote code execution in Modules.cpp (boo#1138572).
- CVE-2019-9917: Fixed a denial of service on invalid encoding (boo#1130360).

This update was imported from the openSUSE:Leap:15.0:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

  zypper in -t patch openSUSE-2019-1859=1

Package List:

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

  znc-1.7.4-bp151.4.3.1
  znc-devel-1.7.4-bp151.4.3.1
  znc-perl-1.7.4-bp151.4.3.1
  znc-python3-1.7.4-bp151.4.3.1
  znc-tcl-1.7.4-bp151.4.3.1

- openSUSE Backports SLE-15-SP1 (noarch):

  znc-lang-1.7.4-bp151.4.3.1

References:

  https://www.suse.com/security/cve/CVE-2019-12816.html
  https://www.suse.com/security/cve/CVE-2019-9917.html
  https://bugzilla.suse.com/1130360
  https://bugzilla.suse.com/1138572

A crucial update for ZNC addresses significant security flaws, notably those that allow for remote code execution and denial of service attacks.

openSUSE Security Update, znc vulnerabilities, remote execution fix, denial of service patch.

Severity: Important.

LinuxSecurity.com Team

Aug 14, 2019 Important OpenSUSE