Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":547,"type":"x","order":1,"pct":78.48,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.88,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.34,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebianarbitrary commands

Debian 11: DLA-3958-1 critical vulnerability in libmodule-scandeps-perl

The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3958-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Salvatore Bonaccorso November 19, 2024 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : libmodule-scandeps-perl Version : 1.30-1+deb11u1 CVE ID : CVE-2024-10224 The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names. Details can be found in the Qualys advisory at https:// For Debian 11 bullseye, this problem has been fixed in version 1.30-1+deb11u1. We recommend that you upgrade your libmodule-scandeps-perl packages. For the detailed security status of libmodule-scandeps-perl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/libmodule-scandeps-perl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The Debian LTS Advisory DLA-3958-1 highlights vulnerabilities in libmodule-scandeps-perl that could enable unauthorized shell command execution.. libmodule-scandeps-perl, security update, debian advisory, threat research. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 19, 2024 Critical Debian LTS
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianarbitrary code

Debian: DSA-5718-1 Fix for Org Mode Shell Execution Risk

It was discovered that Org Mode for Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file. This update includes updates pending for the upcoming point releases . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5718-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 25, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : org-mode CVE ID : CVE-2024-39331 Debian Bug : 1074136 It was discovered that Org Mode for Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file. This update includes updates pending for the upcoming point releases including other security fixes. For the oldstable distribution (bullseye), this problem has been fixed in version 9.4.0+dfsg-1+deb11u3. We recommend that you upgrade your org-mode packages. For the detailed security status of org-mode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/org-mode Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu Security Notice USN-5867-1 tackles vulnerabilities in the Network Manager, providing essential fixes for users.. org-mode Updates, Debian Security, Shell Code Evaluation, Arbitrary Code Execution. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 25, 2024 Critical Debian
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryimportantshell execution

openSUSE: 2019:1851-2 Important: Kconfig Command Execution Severity

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kconfig, kdelibs4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1851-2 Rating: important References: #1144600 Cross-References: CVE-2019-14744 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2019-1851=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): kconf_update5-5.55.0-bp151.3.5.1 kconf_update5-debuginfo-5.55.0-bp151.3.5.1 kconfig-debugsource-5.55.0-bp151.3.5.1 kconfig-devel-5.55.0-bp151.3.5.1 kconfig-devel-debuginfo-5.55.0-bp151.3.5.1 kdelibs4-4.14.38-bp151.9.5.1 kdelibs4-branding-upstream-4.14.38-bp151.9.5.1 kdelibs4-core-4.14.38-bp151.9.5.1 kdelibs4-core-debuginfo-4.14.38-bp151.9.5.1 kdelibs4-debuginfo-4.14.38-bp151.9.5.1 kdelibs4-debugsource-4.14.38-bp151.9.5.1 kdelibs4-doc-4.14.38-bp151.9.5.1 kdelibs4-doc-debuginfo-4.14.38-bp151.9.5.1 libKF5ConfigCore5-5.55.0-bp151.3.5.1 libKF5ConfigCore5-debuginfo-5.55.0-bp151.3.5.1 libKF5ConfigGui5-5.55.0-bp151.3.5.1 libKF5ConfigGui5-debuginfo-5.55.0-bp151.3.5.1 libkde4-4.14.38-bp151.9.5.1 libkde4-debuginfo-4.14.38-bp151.9.5.1 libkde4-devel-4.14.38-bp151.9.5.1 libkde4-devel-debuginfo-4.14.38-bp151.9.5.1 libkdecore4-4.14.38-bp151.9.5.1 libkdecore4-debuginfo-4.14.38-bp151.9.5.1 libkdecore4-devel-4.14.38-bp151.9.5.1 libkdecore4-devel-debuginfo-4.14.38-bp151.9.5.1 libksuseinstall-devel-4.14.38-bp151.9.5.1 libksuseinstall1-4.14.38-bp151.9.5.1 libksuseinstall1-debuginfo-4.14.38-bp151.9.5.1 - openSUSE Backports SLE-15-SP1 (aarch64_ilp32): kconfig-devel-64bit-5.55.0-bp151.3.5.1 kconfig-devel-64bit-debuginfo-5.55.0-bp151.3.5.1 libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1 libKF5ConfigCore5-64bit-debuginfo-5.55.0-bp151.3.5.1 libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1 libKF5ConfigGui5-64bit-debuginfo-5.55.0-bp151.3.5.1 libkde4-64bit-4.14.38-bp151.9.5.1 libkde4-64bit-debuginfo-4.14.38-bp151.9.5.1 libkdecore4-64bit-4.14.38-bp151.9.5.1 libkdecore4-64bit-debuginfo-4.14.38-bp151.9.5.1 libksuseinstall1-64bit-4.14.38-bp151.9.5.1 libksuseinstall1-64bit-debuginfo-4.14.38-bp151.9.5.1 - openSUSE Backports SLE-15-SP1 (noarch): kdelibs4-apidocs-4.14.38-bp151.9.5.1 libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1 References: https://www.suse.com/security/cve/CVE-2019-14744.html https://bugzilla.suse.com/1144600 -- . The latest openSUSE release resolves a critical bug affecting kconfig and kdelibs4, thereby enhancing overall system reliability.. openSUSE Backports, kconfig Update, kdelibs4 Security, shell execution fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 14, 2019 Important OpenSUSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianshell execution

Debian: DSA-4494-1 Moderate: KConfig Command Execution Risk

Dominik Penner discovered that KConfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4494-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff August 09, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : kconfig CVE ID : CVE-2019-14744 Dominik Penner discovered that KConfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in a file browser) arbitrary commands could get executed. This update removes this feature. For the oldstable distribution (stretch), this problem has been fixed in version 5.28.0-2+deb9u1. For the stable distribution (buster), this problem has been fixed in version 5.54.0-1+deb10u1. We recommend that you upgrade your kconfig packages. For the detailed security status of kconfig please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/kconfig Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . KConfig security patch addresses a flaw that allows execution of shell commands via .desktop files in Debian. Update recommended.. KConfig Shell Execution Security, Debian KConfig Update, Security Advisory DSA-4494-1. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 09, 2019 Important Debian
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware updateremote code execution

SuSE: Critical Shell Execution Risk in Pine 4.X Advisory

By sending a malicious formated email pine could be tricked into executing shell scripts or binary programs. . ______________________________________________________________________________ SuSE Security Announcement Package: pine-4.X Date: Mon Jun 28 23:02:12 CEST 1999 Affected: all Unix operating systems using pine-4.X ______________________________________________________________________________ A security hole was discovered in the package mentioned above. Please update as soon as possible or disable the service if you are using this software on your SuSE Linux installation(s). Other Linux distributions or operating systems might be affected as well, please contact your vendor for information about this issue. Please note, that that we provide this information on as "as-is" basis only. There is no warranty whatsoever and no liability for any direct, indirect or incidental damage arising from this information or the installation of the update package. ______________________________________________________________________________ 1. Problem Description By sending a malicious formated email pine could be tricked into executing shell scripts or binary programs. 2. Impact An attacker could force any user (even root), which use pine, to execute any program s/he wants. This behavior could lead to remote root compromise of the system. 3. Solution Install the fixed pine package, which is available from our ftp server. ______________________________________________________________________________ Here are the md5 checksums of the upgrade packages, please verify these before installing the new packages: 07f319fb589578802af8312414ee0462 pine.rpm (glibc2) c7b1ca7952c732c37d21205b83981581 pine.rpm (AXP) c056588e2261a42e3194634795e2c16c pine.rpm (Source) ______________________________________________________________________________ You will find the updates on our ftp-Server: (glibc2) (AXP) (Source) A libc5 versionisn't available, because SuSE 5.3 uses pine-3.96 per default. Webpage for patches: https://www.suse.com/de-de/ or try the following web pages for a list of mirrors: https://www.suse.com/de-de/ ______________________________________________________________________________ . Important Fedora notice regarding curl-7.X command injection vulnerability; system patching advised for impacted Linux distributions immediately.. SuSE Security,Pine Exploit,Shell Execution Risk. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 07, 1999 Critical SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":547,"type":"x","order":1,"pct":78.48,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.88,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.34,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here