ArchLinux Essential and Critical Security Patch Updates - Page 87
Find the information you need for your favorite open source distribution.
The package mantisbt before version 1.2.17-4 is vulnerable to arbitrary code execution and unrestricted access.
The package curl before version 7.39.0-1 is vulnerable to out-of-bounds read which may lead to information disclosure.
The package kdebase-workspace before version 4.11.13-2 is vulnerable to a local privilege escalation issue.
The package konversation before version 1.5.1-1 is vulnerable to denial of service.
The package polarssl before version 1.3.9-1 is vulnerable to multiple issues including weak signature negotiation and remotely triggerable memory leaks.
The package mantisbt before version 1.2.17-3 is vulnerable to SQL injection.
The package aircrack-ng before version 1.2rc1-1 is vulnerable to multiple security issues which may result in remote/local code execution, privilege escalation and denial of service.
The package tnftp before version 20141031-1 is vulnerable to arbitrary command execution.
The package wget before version 1.16-2 is vulnerable to arbitrary filesystem access.
The package ejabberd before version 14.07-2 allows clients to connect with an unencrypted connection even if starttls_required is set.
The package libxml2 before version 2.9.2-1 is vulnerable to denial of service, even if entity substitution is disabled.
The package ctags before version 5.8-5 is vulnerable to denial of service.
The package libvncserver before version 0.9.10-1 is vulnerable to remote code execution client-side, and denial of service server-side.
The package libpurple before version 2.10.10-1 is vulnerable to a remote denial of service and remote information leakage.
The packages wpa_supplicant and hostapd before version 2.3-1 are vulnerable to arbitrary command execution.
The package drupal before version 7.32-1 is vulnerable to a remote, non-authenticated, SQL injection.
The package openssl before version 1.0.1.j-1 is vulnerable to a remote denial of service via two different memory leaks. In addition, it fails to properly disable the SSLv3 protocol when built with the no-ssl3 option, leaving openssl vulnerable to the POODLE attack on SSLv3. The new version adds support for TLS_FALLBACK_SCSV, which lets applications block a MITM attacker from forcing a protocol downgrade, as exploited in the POODLE attack.
The package zeromq before version 4.0.5-1 is vulnerable to man-in-the-middle downgrade and replay attacks.
The package rsyslog before version 8.4.2-1 is vulnerable to a remote denial of service.
The package mediawiki before version 1.23.5-1 is vulnerable to Cross-site Scripting (XSS) and UI redressing.