Debian LTS Essential and Critical Security Patch Updates - Page 28
Find the information you need for your favorite open source distribution.
Several vulnerabilities were fixed in the Python3 interpreter. CVE-2015-20107
An issue has been found in cups, the Common UNIX Printing System(tm). Due to a use-after-free bug an attacker could cause a denial-of-service. In case of having access to the log files, an attacker could also
Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. CVE-2022-47184
A buffer overrun in format_timespan() has been fixed in systemd, the default init system in Debian. Additionally, fixes for getting property OnExternalPower via D-Bus
A flaw was found in the '/v2/_catalog' endpoint in 'distribution/distribution', which accepts a parameter to control the maximum number of records returned (query string: 'n'). This vulnerability allows a malicious user to
Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library: CVE-2023-31130
Missing input validation in various functions provided by libx11, the X11 client-side library, may have resulted in denial of service.
In OWSLib, a Python client library for Open Geospatial web services, the XML parser did not disable entity resolution which could lead to arbitrary file reads from an attacker-controlled XML payload.
Issues were found in lua5.3, a powerful, light-weight programming language designed for extending applications, which may result in denial of service.
Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in .script and .log files. HSQLDB supports a "SCRIPT" keyword which is normally used to record the commands input by the database admin to output
Avahi, a free zero-configuration networking (zeroconf) implementation, including a system for multicast DNS/DNS-SD service discovery, was affected by a denial of service. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled
A heap-based buffer overflow vulnerability was found in the HTTP chunk parsing code of minidlna, a lightweight DLNA/UPnP-AV server, which may result in denial of service or the execution of arbitrary code.
Jurien de Jong discovered that the parsing of KeyInfo elements within the XMLTooling library may result in server-side request forgery. For Debian 10 buster, this problem has been fixed in version
Multiple vulnerabilities were found in opensc, a set of libraries and utilities to access smart cards, which could lead to application crash or information leak.
Several security vulnerabilities have been addressed in WordPress, a popular content management framework. WordPress Core is vulnerable to Directory Traversal via the 'wp_lang'
An issue has been found in libfastjson, a fast JSON library for C. Due to missing checks, an out-of-bounds write might happen when parsing large JSON files.
Erik Krogh Kristensen and Rasmus Petersen from the GitHub Security Lab discovered a ReDoS (Regular Expression Denial of Service) vulnerability in python-mechanize, a library to automate interaction with websites modeled after the Perl module WWW::Mechanize, which could lead to
libxpm is a library handling the X PixMap image format (so-called xpm files). xpm files are an extension of the monochrome X BitMap format specified in the X protocol, and are commonly used in traditional X applications.
Niels Dossche and Tim Düsterhus discovered that PHP's implementation of the SOAP HTTP Digest authentication did not check for failures, which may result in a stack information leak. Furthermore, the code used an insufficient number of random bytes.