194 matches found
Unity Linux 20.1070e Security Update: aspell (UTSA-2026-016693)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016693 advisory. objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
Astra Linux – Vulnerability in aspell
The libaspell.a file in GNU Aspell before version 0.60.8 has a buffer overflow issue for strings that end with a single '\0' byte. This issue occurs when the encoding is set to ucs-2 or ucs-4 outside of the application, as indicated by the ASPELLCONF environment variable...
Astra Linux – Vulnerability in aspell
The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...
Astra Linux – Vulnerability in aspell
In GNU Aspell 0.60.8, objstack has a heap-based buffer overflow in the acommon::ObjStack::duptop function called from acommon::StringMap::add and acommon::Config::lookuplist...
Unity Linux 20.1060e / 20.1070e Security Update: aspell (UTSA-2026-017600)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017600 advisory. libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the...
Unity Linux 20.1060e / 20.1070e Security Update: aspell (UTSA-2026-017553)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017553 advisory. libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. Tenable has...
MiracleLinux 8 : aspell-0.60.6.1-22.el8.ML.1 (AXSA:2022-3329:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3329:02 advisory. aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 Tenable has extracted the preceding description block directly from the MiracleLinux...
EUVD-2019-11500
Malware in sbrugna...
EUVD-2004-0547
Malware in sbrugna...
EUVD-2019-10981
Malware in sbrugna...
EUVD-2019-7894
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2013-3630
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-che...
NewStart CGSL MAIN 7.02 : aspell Vulnerability (NS-SA-2025-0205)
The remote NewStart CGSL host, running version MAIN 7.02, has aspell packages installed that are affected by a vulnerability: - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
Alibaba Cloud Linux 3 : 0199: aspell (ALINUX3-SA-2022:0199)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0199 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-25051: objstack in GNU Aspell 0.60.8 has a...
Linux Distros Unpatched Vulnerability : CVE-2019-20433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of...
Linux Distros Unpatched Vulnerability : CVE-2019-17544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. CVE-2019-1754...
CVE-2019-25051 affecting package aspell 0.60.8-5
CVE-2019-25051 affecting package aspell 0.60.8-5. This CVE either no longer is or was never applicable...
RHSA-2022:1808 Red Hat Security Advisory: aspell security update
Bulletin has no description...
CVE-2024-45312 Arbitrary language parameter can passed to `aspell` executable via spelling requests in overleaf
Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 or 4.2.7 for the 4.x series contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the aspell executable running on the...
CVE-2024-45312
Summary: CVE-2024-45312 affects Overleaf Community Edition and Server Pro before 5.0.7 (or 4.x before 4.2.7). The issue lets an arbitrary language parameter in client spelling requests reach the server’s aspell process, causing it to load a dictionary file with an arbitrary filename; access is li...