105 matches found
EUVD-2020-9307
Malware in sbrugna...
EUVD-2020-9308
Malware in sbrugna...
EUVD-2018-3043
Malware in sbrugna...
EUVD-2017-8683
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-17353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, ...
Linux Distros Unpatched Vulnerability : CVE-2018-10992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows...
Linux Distros Unpatched Vulnerability : CVE-2017-17523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows...
CVE-2020-29007
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
Linux Distros Unpatched Vulnerability : CVE-2020-17354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme...
OPENSUSE-SU-2024:11021-1 lilypond-2.23.3-1.3 on GA media
These are all security issues fixed in the lilypond-2.23.3-1.3 package on the GA media of openSUSE Tumbleweed...
openSUSE: Security Advisory for guile1, lilypond (openSUSE-SU-2023:0137-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2023-0325)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0325 Updated lilypond packages fix a security vulnerability
Updated lilypond packages fix a security vulnerability: LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a...
Updated lilypond packages fix a security vulnerability
Updated lilypond packages fix a security vulnerability: LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a...
openSUSE 15 Security Update : guile1, lilypond (openSUSE-SU-2023:0137-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0137-1 advisory. - The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other...
OPENSUSE-SU-2023:0137-1 Security update for guile1, lilypond
This update for guile1, lilypond fixes the following issues: guile1: - Add service file to download release from git excluding the directory with commercial non free files. - Update to version 2.2.6 to enable lilypond to be updated to 2.24.1 to fix boo1210502 and CVE-2020-17354. lilypond: - Updat...
Security update for guile1, lilypond (important)
openSUSE Security Update: Security update for guile1, lilypond Announcement ID: openSUSE-SU-2023:0137-1 Rating: important References: 1210502 Cross-References: CVE-2016-8605 CVE-2020-17354 CVSS scores: CVE-2016-8605 NVD : 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2020-17354 NVD : 8.6...
Fedora: Security Advisory for lilypond (FEDORA-2023-6edb8fab0d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for lilypond (FEDORA-2023-fb8bc496c2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for lilypond-doc (FEDORA-2023-fb8bc496c2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...