Debian LTS Essential and Critical Security Patch Updates - Page 42
Find the information you need for your favorite open source distribution.
Several flaws were discovered in jackson-databind, a fast and powerful JSON library for Java. CVE-2020-36518
Multiple security vulnerabilities were discovered in heimdal, an implementation of the Kerberos 5 authentication protocol, which may result in denial of service, information disclosure, or remote code execution.
Several security vulnerabilities were discovered in inetutils, a collection of common network programs. CVE-2019-0053
This update fixes multiple memory access violations in vim. CVE-2022-0318
It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory disclosure or potentially the execution of arbitrary code when processing a malformed mp4 file.
Three issues have been found in libarchive, a multi-format archive and compression library. CVE-2019-19221
Yuchen Zeng and Eduardo Vela discovered a buffer overflow in NTFS-3G, a read-write NTFS driver for FUSE, due to incorrect validation of some of the NTFS metadata. A local user can take advantage of this flaw for local
An issue has been found in graphicsmagick, a collection of image processing tools. Due to missing checks, a crafted MIFF file could result in a heap buffer
Multiple issues were discovered in Django, a Python-based web development framework: * CVE-2021-45452: Storage.save allowed directory traversal if
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or bypass of the SameSite cookie policy.
It was discovered that php-phpseclib, a pure-PHP implementation of various cryptographic and arithmetic algorithms (v2), mishandles RSA PKCS#1 v1.5 signature verification. An attacker may get invalid signatures accepted, bypassing authorization control in specific
It was discovered that phpseclib, a pure-PHP implementation of various cryptographic and arithmetic algorithms (v1), mishandles RSA PKCS#1 v1.5 signature verification. An attacker may get invalid signatures accepted, bypassing authorization control in specific situations.
Multiple security issues were discovered in Thunderbird, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or bypass of the SameSite cookie policy.
It was discovered that jupyter-core, the base framework for Jupyter projects like Jupyter Notebooks, could execute arbitrary code when loading configuration files.
Multiple security vulnerabilities have been found in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for information disclosure or the execution of arbitrary code.
It was discovered that joblib did not properly sanitize arguments to pre_dispatch, allowing arbitrary code execution. For Debian 10 buster, this problem has been fixed in version
It was discovered that lava_server allowed remote code execution in the lavatable code. For Debian 10 buster, this problem has been fixed in version
Several issues were found in GRUB2's font handling code, which could result in crashes and potentially execution of arbitrary code. These could lead to a bypass of UEFI Secure Boot on affected systems.
Several bugs were discovered in PostgreSQL, a relational database server system. This new LTS minor version update fixes over 25 bugs that were reported in the last several months. The complete and detailed list of issues can be found at: https://www.postgresql.org/docs/release/11.18/.
An issue was discovered in Dropbear, a relatively small SSH server and client. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it was possible for an SSH server to change the login process in its favor. This attack can bypass