Lucene search
K

269 matches found

openvas
openvas
added 2023/10/18 12:0 a.m.13 views

Ubuntu: Security Advisory (USN-6423-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.1657EPSS
Exploits1References2
nessus
nessus
added 2023/10/18 12:0 a.m.24 views

SUSE SLED15 / SLES15 Security Update : libcue (SUSE-SU-2023:4090-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4090-1 advisory. - CVE-2023-43641: Fixed a buffer overflow while parsing a malicious file bsc1215728. Tenable has extracted the precedin...

8.8CVSS7.9AI score0.1657EPSS
Exploits1References4
ubuntu
ubuntu
added 2023/10/17 11:30 a.m.56 views

USN-6423-2: CUE vulnerability

USN-6423-1 fixed a vulnerability in CUE. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code...

8.8CVSS8.4AI score0.1657EPSS
Exploits1
osv
osv
added 2023/10/17 11:30 a.m.5 views

USN-6423-2 libcue vulnerability

USN-6423-1 fixed a vulnerability in CUE. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code...

8.8CVSS6AI score0.1657EPSS
Exploits1References2
openvas
openvas
added 2023/10/16 12:0 a.m.17 views

Fedora: Security Advisory for libcue (FEDORA-2023-1fe05ac8d9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.1657EPSS
Exploits1References2
nessus
nessus
added 2023/10/14 12:0 a.m.25 views

FreeBSD : libcue -- out-of-bounds array access (ae0ee356-6ae1-11ee-bfb6-8c164567ca3c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ae0ee356-6ae1-11ee-bfb6-8c164567ca3c advisory. - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are...

8.8CVSS8.3AI score0.1657EPSS
Exploits1References3
susecve
susecve
added 2023/10/13 12:25 a.m.6 views

SUSE CVE-2023-43641

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it ...

8.8CVSS7.7AI score0.1657EPSS
Exploits1References4
openvas
openvas
added 2023/10/13 12:0 a.m.16 views

Fedora: Security Advisory for libcue (FEDORA-2023-eec9ce5935)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.1657EPSS
Exploits1References2
veracode
veracode
added 2023/10/12 5:49 a.m.30 views

Remote Code Execution (RCE)

libcue is vulnerable to Remote Code Execution. The vulnerability is due to improper out of bound array checks. This can be exploited by the attacker by making the user to download a cue sheet and parse the file to gain code execution...

8.8CVSS7.8AI score0.1657EPSS
Exploits1References10Affected Software1
fedora
fedora
added 2023/10/12 1:46 a.m.21 views

[SECURITY] Fedora 38 Update: libcue-2.2.1-13.fc38

Libcue is intended for parsing a so-called cue sheet from a char string or a file pointer. For handling of the parsed data a convenient API is available...

8.8CVSS8.9AI score0.1657EPSS
Exploits1
redhatcve
redhatcve
added 2023/10/11 6:43 a.m.54 views

CVE-2023-43641

A flaw was found in libcue, which is consumed by the tracker-miners application. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious web page, allowing remote code execution...

8.8CVSS6.8AI score0.1657EPSS
Exploits1References4
wolfi
wolfi
added 2023/10/10 9:28 p.m.43 views

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, grype, bom, weaviate, pulumi, amass, secrets-store-csi-driver, newrelic-infrastructure-agent, flux-source-controller, gobuster, spark-operator, coredns, ip-masq-agent, src, cortex, rqlite, haproxy-ingress, skaffold, terraform-provider-azurerm,...

6.1AI score
Exploits0
thn
thn
added 2023/10/10 6:50 a.m.70 views

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution RCE on affected hosts. Tracked as CVE-2023-43641 CVSS score: 8.8, the issue is described as a case of memory corruption in libcue, a library designed...

8.8CVSS9AI score0.56192EPSS
Exploits1
gentoo
gentoo
added 2023/10/10 12:0 a.m.26 views

libcue: Arbitrary Code Execution

Background libcue is a CUE Sheet Parser Library. Description libcue does not check bounds in a loop and suffers from an integer overflow flaw which can be exploited to take over the program. Impact Untrusted CUE sheet files can lead to arbitrary code execution. app-misc/tracker-minerscue uses...

8.8CVSS7.9AI score0.1657EPSS
Exploits1
nessus
nessus
added 2023/10/10 12:0 a.m.30 views

GLSA-202310-10 : libcue: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202310-10 libcue: Arbitrary Code Execution - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment ca...

8.8CVSS8.2AI score0.1657EPSS
Exploits1References3
nvd
nvd
added 2023/10/09 10:15 p.m.13 views

CVE-2023-43641

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it ...

8.8CVSS8.7AI score0.1657EPSS
Exploits1References10
osv
osv
added 2023/10/09 10:15 p.m.1 views

DEBIAN-CVE-2023-43641

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it ...

8.8CVSS8.2AI score0.1657EPSS
Exploits1References1
cve
cve
added 2023/10/09 9:1 p.m.431 views

CVE-2023-43641

CVE-2023-43641 affects libcue, a library for parsing CUE sheets. Versions

8.8CVSS8.7AI score0.1657EPSS
Exploits1References10Affected Software1
osv
osv
added 2023/10/09 9:1 p.m.18 views

CVE-2023-43641 libcue vulnerable to out-of-bounds array access

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it ...

8.8CVSS9AI score0.1657EPSS
Exploits1References12
vulnrichment
vulnrichment
added 2023/10/09 9:1 p.m.18 views

CVE-2023-43641 libcue vulnerable to out-of-bounds array access

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it ...

8.8CVSS7.2AI score0.1657EPSS
Exploits1References10
Rows per page
Query Builder