Debian LTS Essential and Critical Security Patch Updates - Page 23
Find the information you need for your favorite open source distribution.
This update fixes multiple vulnerabilities concerning the urlparse module as well as vulnerabilities concerning the heapq, hmac, plistlib and ssl modules. CVE-2021-23336
Two NULL pointer dereference flaws were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, which may result in denial of service (application crash) when viewing a specially crafted email or when composing from a specially crafted draft message.
Multiple security vulnerabilities were found in frr, the FRRouting suite of internet protocols. Maliciously constructed Border Gateway Protocol (BGP) packets or corrupted tunnel attributes may cause a denial of service (application crash) which could be exploited by a remote attacker.
Multiple flaws were found in libyang, a parser toolkit for IETF YANG data modeling. Double frees, invalid memory access and NULL pointer dereferences may cause a denial of service or potentially code execution.
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.
A buffer overflow in parsing WebP images may result in the execution of arbitrary code. For Debian 10 buster, this problem has been fixed in version
A vulnerability has been identified in c-ares, an asynchronous name resolver library: CVE-2020-22217:
Several vulnerabilities were discovered in Samba, the SMB/CIFS file, print, and login server for Unix. CVE-2016-2124
Multiple vulnerabilities were discovered in Rails HTML Sanitizers, an HTML sanitization library for Ruby on Rails applications. An attacker could launch cross-site scripting (XSS) and denial-of-service (DoS) attacks through crafted HTML/XML documents.
Multiple vulnerabilities were discovered in Loofah, a Ruby library for HTML/XML transformation and sanitization. An attacker could launch cross-site scripting (XSS) and denial-of-service (DoS) attacks through crafted HTML/XML documents.
It was discovered that there was a potential Man In the Middle (MITM) vulnerability in e2guardian, a web content filtering engine. Validation of SSL certificates was missing in e2guardian's own MITM
A security vulnerability was identified in Orthanc, a DICOM server used for medical imaging, whereby authenticated API users had the capability to overwrite arbitrary files and, in certain configurations, execute unauthorized code.
It was discovered that there was a potential Regular Expression Denial of Service (ReDoS) attack in node-cookiejar, a Node.js library for parsing and manipulating HTTP cookies. An attack was possible via passing a large value to the Cookie.parse function.
A buffer overflow vulnerability was found in the LibRaw::stretch() function, which could lead to denial of service or information disclosure when parsing a malicious CRW file.
Vulnerabilities were found in libssh2, a client-side C library implementing the SSH2 protocol, which could lead to denial of service or remote information disclosure.
It was discovered that there was a potential denial of service vulnerability in Django, a popular Python-based web development framework.
It was discovered that there was a potential Denial of Service (DoS) vulnerability in memcached, a high-performance in-memory object caching system.
Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.