Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Debian: DSA-2853-1 Critical: Horde3 Remote Code Execution

Debian Security Advisory DSA-2853-1
Luciano Bello, February 05, 2014
http://www.debian.org/security/
http://www.debian.org/security/faq

Package : horde3
Vulnerability : Remote code execution
Problem type : remote
Debian-specific: no
CVE ID : CVE-2014-1691
Debian Bug : 737149

Pedro Ribeiro from Agile Information Security found a possible remote code execution on Horde3, a web application framework. Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially craft one of those variables, allowing her to load and execute code.

For the oldstable distribution (squeeze), this problem has been fixed in version 3.3.8+debian0-3.

In the testing (jessie) and unstable (sid) distributions, Horde is distributed in the php-horde-util package. This problem has been fixed in version 2.3.0-1.

We recommend that you upgrade your horde3 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Summary: Upgrade horde3 to mitigate potential remote code execution risks as specified in DSA-2853-1.

Severity: Critical. LinuxSecurity.com Team

Feb 05, 2014 | Critical | Debian

openSUSE 11.4: openSUSE-SU-2012:0286-1 Important: Horde3 Fix

openSUSE Security Update: No summary available - BOX

Announcement ID: openSUSE-SU-2012:0286-1
Rating: important
References: #742804
Cross-References: CVE-2012-0909
Affected Products: openSUSE 11.4

An update that fixes one vulnerability is now available.

Description:

This version upgrade of horde3 to 3.3.13 fixes several issues (including a security related flaw, CVE-2012-0909) and adds new features.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE 11.4: zypper in -t patch horde3-5831

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 11.4 (noarch): horde3-3.3.13-0.3.2

References:

https://www.suse.com/security/cve/CVE-2012-0909.html

Summary: A new patch for a significant vulnerability in openSUSE has been released. Please adhere to the guidelines to ensure your system remains protected.

Severity: Important. LinuxSecurity.com Team

Feb 20, 2012 | Important | OpenSUSE

Debian: DSA-1966-1 Critical: Horde3 Cross-Site Scripting Threat

Debian Security Advisory DSA-1966-1
Steffen Joeris, January 07, 2010
http://www.debian.org/security/
http://www.debian.org/security/faq

Package : horde3
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Ids : CVE-2009-3237 CVE-2009-3701 CVE-2009-4363

Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2009-3237
It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences or inline MIME text parts when using text/plain as MIME type. For lenny this issue was already fixed, but as an additional security precaution, the display of inline text was disabled in the configuration file.

CVE-2009-3701
It has been discovered that the horde3 administration interface is prone to cross-site scripting attacks due to the use of the PHP_SELF variable. This issue can only be exploited by authenticated administrators.

CVE-2009-4363
It has been discovered that horde3 is prone to several cross-site scripting attacks via crafted data:text/html values in HTML messages.

For the stable distribution (lenny), these problems have been fixed in version 3.2.2+debian0-2+lenny2.

For the oldstable distribution (etch), these problems have been fixed in version 3.1.3-4etch7.

For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 3.3.6+debian0-1.

We recommend that you upgrade your horde3 packages.

Upgrade instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch, Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Debian GNU/Linux 5.0 alias lenny, Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Summary: Debian's DSA-1966-1 resolves several cross-site scripting vulnerabilities in the horde3 software, improving overall web safety.

Severity: Critical. LinuxSecurity.com Team

Jan 07, 2010 | Critical | Debian

Debian DSA-1765-1 Critical: Horde3 Remote Threats Fixed

Debian Security Advisory DSA-1765-1
Steffen Joeris, April 08, 2009
http://www.debian.org/security/
http://www.debian.org/security/faq

Package : horde3
Vulnerability : Multiple vulnerabilities
Problem type : remote
Debian-specific: no
CVE Ids : CVE-2009-0932 CVE-2008-3330 CVE-2008-5917
Debian Bugs : 513265 512592 492578

Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2009-0932
Gunnar Wrobel discovered a directory traversal vulnerability, which allows attackers to include and execute arbitrary local files via the driver parameter in Horde_Image.

CVE-2008-3330
It was discovered that an attacker could perform a cross-site scripting attack via the contact name, which allows attackers to inject arbitrary html code. This requires that the attacker has access to create contacts.

CVE-2008-5917
It was discovered that the horde XSS filter is prone to a cross-site scripting attack, which allows attackers to inject arbitrary html code. This is only exploitable when Internet Explorer is used.

For the oldstable distribution (etch), these problems have been fixed in version 3.1.3-4etch5.

For the stable distribution (lenny), these problems have been fixed in version 3.2.2+debian0-2, which was already included in the lenny release.

For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 3.2.2+debian0-2.

We recommend that you upgrade your horde3 packages.

Upgrade instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch, Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Summary: Important security notice for horde3 addressing various remote vulnerabilities impacting Debian systems. Update strongly advised.

Severity: Critical. LinuxSecurity.com Team

Apr 08, 2009 | Critical | Debian

Debian: DSA 1098-1 Moderate: Issue with Remote Input in Horde3

Debian Security Advisory DSA 1098-1
Moritz Muehlenhoff, June 14th, 2006
http://www.debian.org/security/
http://www.debian.org/security/faq

Package : horde3
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-2195

Michael Marek discovered that the Horde web application framework performs insufficient input sanitising, which might lead to the injection of web script code through cross-site scripting.

The old stable distribution (woody) does not contain horde3 packages.

For the stable distribution (sarge) this problem has been fixed in version 3.0.4-4sarge4.

For the unstable distribution (sid) this problem has been fixed in version 3.1.1-3.

We recommend that you upgrade your horde3 package.

Upgrade Instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Summary: Upgrade the horde3 packages in Debian to address the vulnerabilities related to improper input validation, which can facilitate XSS (cross-site scripting) exploits.

Severity: Important. LinuxSecurity.com Team

Jun 14, 2006 | Important | Debian

Debian: DSA 1033-1 Critical: Horde3 Remote Execution Threats

Debian Security Advisory DSA 1033-1
Moritz Muehlenhoff, April 12th, 2006
http://www.debian.org/security/
http://www.debian.org/security/faq

Package : horde3
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2005-4190 CVE-2006-1260 CVE-2006-1491
Debian Bug : 361967

Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2005-4190
Several Cross-Site-Scripting vulnerabilities have been discovered in the "share edit window".

CVE-2006-1260
Null characters in the URL parameter bypass a sanity check, which allowed remote attackers to read arbitrary files, which allowed information disclosure.

CVE-2006-1491
User input in the help viewer was passed unsanitised to the eval() function, which allowed injection of arbitrary web code.

The old stable distribution (woody) doesn't contain horde3 packages.

For the stable distribution (sarge) these problems have been fixed in version 3.0.4-4sarge3.

For the unstable distribution (sid) these problems have been fixed in version 3.1.1-1.

We recommend that you upgrade your horde3 package.

Upgrade Instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Summary: Address the remote vulnerabilities in Horde3 by following Debian's current guidance.

Severity: Critical. LinuxSecurity.com Team

Apr 12, 2006 | Critical | Debian

Debian: DSA 884-1 Critical: Horde3 Design Error Leads To Insecure Default

Debian Security Advisory DSA 884-1
Martin Schulze, November 7th, 2005
http://www.debian.org/security/
http://www.debian.org/security/faq

Package : horde3
Vulnerability : design error
Problem type : remote
Debian-specific: yes
CVE ID : CVE-2005-3344
Debian Bugs : 332290 332289

Mike O'Connor discovered that the default installation of Horde3 on Debian includes an administrator account without a password. Already configured installations will not be altered by this update.

The old stable distribution (woody) does not contain horde3 packages.

For the stable distribution (sarge) this problem has been fixed in version 3.0.4-4sarge1.

For the unstable distribution (sid) this problem has been fixed in version 3.0.5-2.

We recommend that you verify your horde3 admin account if you have installed Horde3.

Upgrade Instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Severity: Critical. LinuxSecurity.com Team

Nov 07, 2005 | Critical | Debian