54 matches found
MiracleLinux 7 : patch-2.7.1-12.el7 (AXSA:2019-4344:02)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4344:02 advisory. patch: doedscript in pch.c does not block strings beginning with a ! character CVE-2018-20969 patch: OS shell command injection when processing...
Slackware: Security Advisory (SSA:2025-256-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-13638
creationtimestamp| type| source ---|---|--- 2025-07-08 07:10:39+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816361290443115 2025-07-08 07:10:49+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqoa3tmza2...
CBL Mariner 2.0 Security Update: patch (CVE-2019-13638)
The version of patch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-13638 advisory. - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafte...
CVE-2019-13638 affecting package patch for versions less than 2.7.6-9
CVE-2019-13638 affecting package patch for versions less than 2.7.6-9. A patched version of the package is available...
SUSE CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...
CVE-2019-13638 affecting package patch for versions less than 2.7.6-7
CVE-2019-13638 affecting package patch for versions less than 2.7.6-7. A patched version of the package is available...
CentOS 8 : patch (CESA-2019:2798)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:2798 advisory. - patch: doedscript in pch.c does not block strings beginning with a ! character CVE-2018-20969 - patch: OS shell command injection when processing...
CVE-2019-13638 affecting package patch 2.7.6-7
CVE-2019-13638 affecting package patch 2.7.6-7. A patched version of the package is available...
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 but the ! syntax is specific to ed and is unrelated to a shell metacharacter.
...
EulerOS Virtualization for ARM 64 3.0.2.0 : patch (EulerOS-SA-2020-1225)
According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead t...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1225)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated patch packages fix security vulnerabilities
Updated patch package fixes security vulnerabilities: In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. CVE-2019-13636. A vulnerability was found in GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1022)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-2645)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1065)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-2219)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.5.0 : patch (EulerOS-SA-2020-1065)
According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch fil...
Important: Red Hat Security Advisory: patch security update
An update for patch is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...
NewStart CGSL CORE 5.04 / MAIN 5.04 : patch Multiple Vulnerabilities (NS-SA-2019-0223)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has patch packages installed that are affected by multiple vulnerabilities: - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style...