Lucene search
K

194 matches found

CVE
CVE
added 2023/01/17 9:3 p.m.160 views

CVE-2022-41953

CVE-2022-41953 affects Git GUI (Git for Windows). When cloning a repository with Git GUI, post-processing may run a spell checker binary named aspell.exe from the repository’s top-level directory due to Tcl on Windows searching the current directory first. If a malicious repo ships a crafted aspe...

8.6CVSS7.6AI score0.06796EPSS
Exploits0References4Affected Software1
CBLMariner
CBLMariner
added 2022/11/03 8:37 p.m.15 views

CVE-2019-25051 affecting package aspell for versions less than 0.60.8-7

CVE-2019-25051 affecting package aspell for versions less than 0.60.8-7. A patched version of the package is available...

7.8CVSS7.9AI score0.00549EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2022/10/30 7:0 a.m.6 views

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

...

7.8CVSS7AI score0.00549EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.50 views

Rocky Linux 8 : aspell (RLSA-2022:1808)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1808 advisory. - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

7.8CVSS7.6AI score0.00549EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2022/05/17 12:0 a.m.26 views

aspell security update

12:0.60.6.1-22 - resolves: 1988497 fix CVE-2019-25051...

7.8CVSS1.8AI score0.00549EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.29 views

AlmaLinux 8 : aspell (ALSA-2022:1808)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1808 advisory. - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

7.8CVSS7.6AI score0.00549EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/11 12:0 a.m.26 views

RHEL 8 : aspell (RHSA-2022:1808)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1808 advisory. GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security...

7.8CVSS7.3AI score0.00549EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/05/10 1:38 p.m.32 views

Moderate: Red Hat Security Advisory: aspell security update

An update for aspell is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8CVSS7.1AI score0.00549EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/05/10 1:38 p.m.3 views

aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

7.8CVSS6AI score0.00549EPSS
Exploits0References7
OSV
OSV
added 2022/05/10 8:2 a.m.31 views

RLSA-2022:1808 Moderate: aspell security update

GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...

7.8CVSS7.5AI score0.00549EPSS
Exploits0References2
OSV
OSV
added 2022/05/10 8:2 a.m.24 views

ALSA-2022:1808 Moderate: aspell security update

GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...

7.8CVSS7.6AI score0.00549EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2022/05/10 8:2 a.m.34 views

Moderate: aspell security update

GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...

7.8CVSS7.7AI score0.00549EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/05/10 8:2 a.m.39 views

aspell security update

An update is available for aspell. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNU Aspell is a spell checker designed to eventually replace Ispell. It can...

7.8CVSS7.7AI score0.00549EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2021-0388)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00549EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2019-0311)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.4AI score0.03259EPSS
Exploits0References4
OSV
OSV
added 2021/10/15 11:3 a.m.6 views

OESA-2021-1388 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

9.1CVSS7.2AI score0.01739EPSS
Exploits0References2
0day.today
0day.today
added 2021/10/13 12:0 a.m.1135 views

Moodle SpellChecker Path Authenticated Remote Command Execution Exploit

Moodle allows an authenticated administrator to define spellcheck settings via the web interface. An administrator can update the aspell path to include a command injection. This is extremely similar to CVE-2013-3630, just using a different variable. This Metasploit module was tested against Mood...

9.1CVSS0.9AI score0.42566EPSS
Exploits11
Packet Storm
Packet Storm
added 2021/10/12 12:0 a.m.347 views

Moodle SpellChecker Path Authenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle SpellChecker Path Authenticated Remote Command Execution', 'Description' = %q Moodle allows an authenticated administrator to define...

9.1CVSS0.5AI score0.42566EPSS
Exploits11
OSV
OSV
added 2021/09/30 11:3 a.m.4 views

OESA-2021-1351 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

7.8CVSS7.4AI score0.00549EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/26 12:0 a.m.22 views

SUSE SLED12: aspell / aspell-devel / aspell-ispell / libaspell15 / etc (SUSE-SU-2021:2848-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2848-1 advisory. - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:duptop bsc1188576. Tenable has extracted the preceding description...

7.8CVSS7.2AI score0.00549EPSS
Exploits0References4
Rows per page
Query Builder