#debian

## Summary ## The *Command Execution* feature of File Browser only allows the execution of shell command which have been predefined on a user-specific allowlist. Many tools allow the execution of arbitrary different commands, rendering this limitation void. ## Impact ## The concrete impact depends on the commands being granted to the attacker, but the large number of standard commands allowing the execution of subcommands makes it likely that every user having the `Execute commands` permissions can exploit this vulnerability. Everyone who can exploit it will have full code execution rights with the *uid* of the server process. ## Vulnerability Description ## Many Linux commands allow the execution of arbitrary different commands. For example, if a user is authorized to run only the `find` command and nothing else, this restriction can be circumvented by using the `-exec` flag. Some common commands having the ability to launch external commands and which are included in the offici...

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallel, NVIDIA and High-Logic FontCreator 15.

How to update Chrome on every Operating System (Windows, Mac, Linux, Chrome OS, Android, iOS)

Qualys details CVE-2025-5054 and CVE-2025-4598, critical vulnerabilities affecting Linux crash reporting tools like Apport and systemd-coredump. Learn how…

A Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.

Cisco Talos has discovered an active exploitation of CVE-2024-4577 by an attacker in order to gain access to the victim's machines and carry out post-exploitation activities.

January Linux Patch Wednesday. Out of 424 total vulnerabilities, 271 are in the Linux Kernel. None show signs of exploitation in the wild, but 9 have public exploits. 🔸 RCE – Apache Tomcat (CVE-2024-56337). Based on the description, the vulnerability affects “case-insensitive file systems” like Windows or MacOS. However, Debian lists it as affecting tomcat9 […]

Debian Linux Security Advisory 5823-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Clement Lecigne and Benoit Sevens discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. Clement Lecigne and Benoit Sevens discovered that processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

Debian Linux Security Advisory 5815-2 - The update for needrestart announced as DSA 5815-1 introduced a regression reporting false positives for processes running in chroot or mountns. Updated packages are now available to correct this issue.