Debian LTS Essential and Critical Security Patch Updates - Page 24
Find the information you need for your favorite open source distribution.
Security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in information disclosure, denial of service or potentially remote code execution.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For Debian 10 buster, these problems have been fixed in version
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Demuxer vulnerabilities have been fixed in the RealMedia demuxers for the GStreamer media framework. For Debian 10 buster, this problem has been fixed in version
Multiple vulnerabilities were found in otrs2, the Open-Source Ticket Request System, which could lead to impersonation, denial of service, information disclosure, or execution of arbitrary code.
It was discovered that there was an issue in the opendmarc DMARC email filter system. A call to "db_stop" was missing from the post-installation script which meant that, under some configurations, the script would hang indefinitely.
Several issues have been found in ring/jami, a secure and distributed voice, video and chat platform. The issues are about missing boundary checks, resulting in out-of-bound
Several issues have been found in qpdf, a package with tools for transforming and inspecting PDF files. Crafted files may enable remote attackers to execute arbitrary code or
"Edbo" and Cedric Krier discovered that the Tryton application server does enforce record rules when only reading fields without an SQL type (like Function fields).
It was discovered that there was an issue in the opendmarc DMARC email filter system. A vulnerability allowed attackers to inject authentication results to provide false information about the domain that originated an email message. This was caused by incorrect
It was discovered that when using the get_post_logout_redirect and get_post_login_redirect functions in flask-security, an implementation of simple security for Flask apps, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple
A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV, an anti-virus utility for Unix, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
A specific flaw within the processing of recovery volumes exists in RAR, an archive program for rar files. It allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability. The target must visit a malicious page or open a
A specific flaw within the processing of recovery volumes exists in UnRAR, an unarchiver for rar files. It allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability. The target must visit a malicious page or open a malicious rar
Han Zheng discovered an out-of-bounds write in w3m, a text-based web browser and pager. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service (DoS) or possibly have unspecified other impact.
An auto-block can occur for an untrusted X-Forwarded-For header in MediaWiki, a website engine for collaborative work. X-Forwarded-For is not necessarily trustworthy and can specify multiple IP
Several vulnerabilities have been found in qt4-x11, a graphical windowing toolkit. CVE-2021-3481
Several security vulnerabilities have been discovered in zabbix, a network monitoring solution, potentially allowing server crashes, information disclosure or cross-site scripting attacks.
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities. CVE-2022-40982
LXC is a Linux Containers userspace tool set. Maher Azzouzi reported that the lxc-user-nic command, included in LXC, allowed unprivileged users to infer whether any file exists, even in protected directory trees.