194 matches found
CVE-2022-41953
CVE-2022-41953 affects Git GUI (Git for Windows). When cloning a repository with Git GUI, post-processing may run a spell checker binary named aspell.exe from the repository’s top-level directory due to Tcl on Windows searching the current directory first. If a malicious repo ships a crafted aspe...
CVE-2019-25051 affecting package aspell for versions less than 0.60.8-7
CVE-2019-25051 affecting package aspell for versions less than 0.60.8-7. A patched version of the package is available...
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
...
Rocky Linux 8 : aspell (RLSA-2022:1808)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1808 advisory. - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
aspell security update
12:0.60.6.1-22 - resolves: 1988497 fix CVE-2019-25051...
AlmaLinux 8 : aspell (ALSA-2022:1808)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1808 advisory. - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
RHEL 8 : aspell (RHSA-2022:1808)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1808 advisory. GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security...
Moderate: Red Hat Security Advisory: aspell security update
An update for aspell is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
aspell: Heap-buffer-overflow in acommon::ObjStack::dup_top
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
RLSA-2022:1808 Moderate: aspell security update
GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...
ALSA-2022:1808 Moderate: aspell security update
GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...
Moderate: aspell security update
GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...
aspell security update
An update is available for aspell. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNU Aspell is a spell checker designed to eventually replace Ispell. It can...
Mageia: Security Advisory (MGASA-2021-0388)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0311)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2021-1388 aspell security update
GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...
Moodle SpellChecker Path Authenticated Remote Command Execution Exploit
Moodle allows an authenticated administrator to define spellcheck settings via the web interface. An administrator can update the aspell path to include a command injection. This is extremely similar to CVE-2013-3630, just using a different variable. This Metasploit module was tested against Mood...
Moodle SpellChecker Path Authenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moodle SpellChecker Path Authenticated Remote Command Execution', 'Description' = %q Moodle allows an authenticated administrator to define...
OESA-2021-1351 aspell security update
GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...
SUSE SLED12: aspell / aspell-devel / aspell-ispell / libaspell15 / etc (SUSE-SU-2021:2848-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2848-1 advisory. - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:duptop bsc1188576. Tenable has extracted the preceding description...