Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Ahead With Linux Security News

Filter%20icon Refine news
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security news

We found 0 articles for you...
210

Debian DSA-5526-1 High: Chromium DoS And Info Disclosure Risks

A severe, remotely exploitable Type Confusion vulnerability has been found in Chromium ( CVE-2023-5346 ). Due to its significant threat to the confidentiality, integrity, and availability of impacted systems, this bug has received a National Vulnerability Database base score of 8.8 out of 10 (“High” severity). . Several other important security vulnerabilities have also recently been found in Chromium, including inappropriate implementation in Custom Tabs, Prompts, Input, Custom Mobile Tabs, Autofill, Intents, Picture in Picture, and Interstitials, and insufficient policy enforcement in Downloads. These issues could result in the execution of arbitrary code, denial of service, or information disclosure. Essential Chromium security updates have been released to fix these dangerous bugs. As these flaws severely threaten the confidentiality, integrity, and availability of impacted systems, we urge all affected users to apply the updates released by Debian , Fedora , Gentoo , Mageia , and openSUSE immediately to protect their critical systems and sensitive data against attacks leading to downtime and compromise. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user , subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s) . . Critical flaws discovered in Firefox present threats; patches required to safeguard machines from intrusions.. chromium vulnerabilities, DoS attacks, security fixes, information disclosure. . Brittany Day

Calendar%202 Oct 25, 2023 User Avatar Brittany Day Security Vulnerabilities
77

WordPress 3.5.2 Moderate: XSS, DoS, and SSRF Security Fixes

With the second security and maintenance release of WordPress 3.5, the developers of the popular open source blogging software have closed 12 bugs, seven of them security issues. In their announcement, the developers "strongly encourage" all users to update all their installations of the software to version 3.5.2 immediately. . In addition to the fixed vulnerabilities, the new release also includes some proactive changes intended to harden the platform against attacks. The link for this article located at H Online is no longer available. . In addition to the fixed vulnerabilities, the new release also includes some proactive changes inten. second, security, maintenance, release, wordpress, developers, popular. . LinuxSecurity.com Team

Calendar%202 Jun 24, 2013 User Avatar LinuxSecurity.com Team Server Security
78

Python 2.6.7 Medium Severity Advisory: XSS and DoS Risk Fix

The Python developers have released Python 2.6.7, as noted when Python 2.5.6 was released last week. Python 2.6 is in "security fix only" mode until October 2013, with no new bug fixes or features to come; Python 2.6.7 saw three medium severity issues addressed.. According to the Python 2.6.7 NEWS file, these were a vulnerability to XSS attacks in SimpleHTTPServer, a failure to follow redirections with file: schemes in urllib and urllib2 (CVE-2011-1521), and smtpd.py being vulnerable to DoS attacks due to missing error handling when accepting a new connection. Still to come this month are Python 3.2.1 on June 5 and Python 2.7.2 and 3.1.4 on June 11. Unlike the 2.5.6 and 2.6.7 security only updates, Python 2.7.2 and 3.1.4 will be more general maintenance releases and 3.2.1 will be the latest in the ongoing development of Python. The link for this article located at H Security is no longer available. . Python 2.6.7 introduces a crucial security update mitigating XSS and Denial of Service risks stemming from significant vulnerabilities.. Python 2.6 Security, XSS Risk, DoS Attack Fix, Security Enhancement. . LinuxSecurity.com Team

Calendar%202 Jun 06, 2011 User Avatar LinuxSecurity.com Team Vendors/Products
83

VoIP Security Insights: Eavesdropping, DoS, And Spam Threats Explained

Voice over IP, like many new technologies, suffers from having security as an afterthought. Headlines tell of VoIP vulnerabilities that can lead to eavesdropping, a new form of spam, even denial-of-service attacks that can take down the one communication network that businesses rely on most. . Lawrence Orans, a research director with Gartner, says some of these threats are overblown and aren The link for this article located at Network World is no longer available. . VoIP safety: Are risks such as interception and Denial of Service exaggerated? Perspectives from Lawrence Orans at Gartner.. VoIP Security, Eavesdropping, DoS Attacks, Spam Risks, Network Vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jan 31, 2007 User Avatar LinuxSecurity.com Team Hacks/Cracks
74

Addressing DoS and DDoS Attacks in Cyber Security Context

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have been around for years, but with reports that 4,000 DoS attacks are launched each week, it's clear the problem isn't close to being resolved. In fact, in a recent poll of Information Security . . . . Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have been around for years, but with reports that 4,000 DoS attacks are launched each week, it's clear the problem isn't close to being resolved. In fact, in a recent poll of Information Security readers, 90 percent said they remained either "very concerned" or "somewhat concerned" about DoS or DDoS (see Reader Poll). Their concerns are well founded. Just look at this summer's Code Red worms, which took advantage of an IIS vulnerability and initially infected more than 350,000 computers worldwide within 14 hours. Had the payload been designed a little better, Code Red could have set off a chain-reaction of DoS attacks Internet-wide. "With that kind of firepower, they could have taken down anything," says Stefan Savage, a computer scientist at the San Diego Supercomputer Center's Cooperative Association for Internet Data Analysis (CAIDA). Along with colleagues Geoffrey Voelker and David Moore, Savage has created a technique--code-named "Backscatter"--to track and analyze DoS attacks (see Right Back Atcha). . Surging threats from DoS and DDoS attacks underscore the imperative for robust defense mechanisms.. DoS Attack Solutions, DDoS Defense Mechanisms, Cyber Threat Mitigation, Network Resilience Strategies. . Anthony Pell

Calendar%202 Sep 28, 2001 User Avatar Anthony Pell Network Security
News Add Esm H340

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200