
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian: DSA 1393-1 Critical: Xfce4-Terminal Command Execution Issue

------------------------------------------------------------------------
Debian Security Advisory DSA 1393-1
http://www.debian.org/security/                               Steve Kemp
October 23rd, 2007                    http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : xfce4-terminal
Vulnerability  : insecure execution
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2007-3770
Debian Bug     : 437454

It was discovered that xfce-terminal, a terminal emulator for the xfce environment, did not correctly escape arguments passed to the processes spawned by "Open Link". This allowed malicious links to execute arbitrary commands upon the local system.

For the stable distribution (etch), this problem has been fixed in version 0.2.5.6rc1-2etch1.

For the unstable distribution (sid), this problem has been fixed in version 0.2.6-3.

We recommend that you upgrade your xfce4-terminal package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
-------------------------------

These files will probably be moved into the stable distribution on its next update.

---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [address not shown]

Severity: Critical. LinuxSecurity.com Team

Oct 23, 2007 Critical Debian

Debian: DSA 949-1 Moderate: Crawl Game Insecure Command Execution

--------------------------------------------------------------------------
Debian Security Advisory DSA 949-1
http://www.debian.org/security/                             Martin Schulze
January 20th, 2006                      http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : crawl
Vulnerability  : insecure program execution
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2006-0044

Steve Kemp from the Debian Security Audit project discovered a security related problem in crawl, another console based dungeon exploration game in the vein of nethack and rogue. The program executes commands insecurely when saving or loading games which can allow local attackers to gain group games privileges.

For the old stable distribution (woody) this problem has been fixed in version 4.0.0beta23-2woody2.

For the stable distribution (sarge) this problem has been fixed in version 4.0.0beta26-4sarge0.

For the unstable distribution (sid) this problem has been fixed in version 4.0.0beta26-7.

We recommend that you upgrade your crawl package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
--------------------------------

Debian GNU/Linux 3.1 alias sarge
--------------------------------

These files will probably be moved into the stable distribution on its next update.

---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [address not shown]

Severity: Important. LinuxSecurity.com Team

Jan 27, 2006 Important Debian

Gentoo: GLSA-200504-23 Normal: Kommander Insecure Script Execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200504-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Kommander: Insecure remote script execution
      Date: April 22, 2005
      Bugs: #89092
        ID: 200504-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Kommander executes remote scripts without confirmation, potentially resulting in the execution of arbitrary code.

Background
==========

KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Kommander is a visual dialog editor and interpreter for KDE applications, part of the kdewebdev package.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  kde-base/kdewebdev     < 3.3.2-r1                     >= 3.3.2-r1

Description
===========

Kommander executes data files from possibly untrusted locations without user confirmation.

Impact
======

An attacker could exploit this to execute arbitrary code with the permissions of the user running Kommander.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All kdewebdev users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-base/kdewebdev-3.3.2-r1"

References
==========

  [ 1 ] CAN-2005-0754
        https://www.cve.org/CVERecord?id=CAN-2005-0754
  [ 2 ] KDE Security Advisory: Kommander untrusted code execution
        https://kde.org/info/security/advisory-20050420-1.txt

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200504-23

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [address not shown] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

LinuxSecurity.com Team

Apr 22, 2005 Gentoo
