Debian LTS Essential and Critical Security Patch Updates - Page 45
Find the information you need for your favorite open source distribution.
Several vulnerabilities have been discovered in the ISC DHCP client, relay and server. CVE-2022-2928
Several security vulnerabilities have been discovered in Git, a fast, scalable, distributed revision control system, which may affect multi-user systems. CVE-2021-21300
Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code.
It was discovered that there was a potential denial of service vulnerability in strongswan, an IPsec VPN solution. Strongswan could have queried URLs with untrusted certificates, and
Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a simple interprocess messaging system, which may result in denial of service by an authenticated user.
Several security vulnerabilities were discovered in WordPress, a popular content management framework. Server-side request forgery and cross-site scripting (XSS) attacks may facilitate the bypass of access controls or the injection of client-side scripts.
It was discovered that there was a potential SQL injection vulnerability in libpgjava, a Java library for connecting to PostgreSQL databases.
It was discovered that there was a potential remote denial-of-service vulnerability in the knot-resolver DNSSEC-validating DNS resolver. Remote attackers could have caused a denial of service via CPU
Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2022-2795
Multiple vulnerabilities were discovered in Node.js, a JavaScript runtime environment, which could result in memory corruption, invalid certificate validation, prototype pollution or command injection.
It was found that Barbican, a service for secret management and storage, was vulnerable to access bypass via query string injection. For Debian 10 buster, this problem has been fixed in version
This update includes the changes in tzdata 2022d for the Perl bindings. For the list of changes, see DLA-3134-1. For Debian 10 buster, this problem has been fixed in version
This update includes the changes in tzdata 2022d. Notable changes are: Palestine now switches back to standard time on October 29.
An invalid HTTP request (websocket handshake) may cause a NULL pointer dereference in the wstunnel module. For Debian 10 buster, this problem has been fixed in version
Several security vulnerabilities have been discovered in SnakeYaml, a YAML parser for Java, which could facilitate a denial of service attack whenever maliciously crafted input files are processed by SnakeYaml.
Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks.
Two issues were found in GDAL, a geospatial library, that could lead to denial of service via application crash or possibly the execution of arbitrary code if maliciously crafted data was parsed.
thenify is a package that promisifies a callback-based function using any-promise. Affected versions of this package are vulnerable to arbitrary code execution. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval
An issue has been found in tinyxml, a C++ XML parsing library. Crafted XML messages could lead to an infinite loop in TiXmlParsingData::Stamp(), which results in a denial of service.
The update for mariadb-10.3 released as DLA-3114 introduced a bug in the mariadb-server-10.3 package, that could cause installation failures when installing or updating plugin packages.