Lucene search
+L

26 matches found

Oracle linux
Oracle linux
added 2021/11/16 12:0 a.m.116 views

GNOME security, bug fix, and enhancement update

accountsservice 0.6.55-2 - Add support for user templates so user can specify default session Resolves: 1812788 gdm 40.0-14 - Fix XDMCP Resolves: 2004170 - Fix crash at shutdown Related: 2004170 40.0-13 - Disable Wayland on HyperV - Fix Xorg fallback Related: 1998989 40.0-12 - Redisable on server...

9.8CVSS7.5AI score0.14542EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2021/11/09 6:30 p.m.12 views

gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix)

autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...

5.5CVSS7.3AI score0.00639EPSS
Exploits1References4
OSV
OSV
added 2021/11/09 9:15 a.m.54 views

RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm 40.0, webkit2gtk3 2.32.3. BZ1909300 Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558...

9.8CVSS9.1AI score0.14542EPSS
Exploits8References69
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:0687-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.00639EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.20 views

openSUSE: Security Advisory for gnome-autoar (openSUSE-SU-2021:0390-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6.4AI score0.00639EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.23 views

Fedora: Security Advisory for gnome-screenshot (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.28 views

Fedora: Security Advisory for yelp-tools (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.23 views

Fedora: Security Advisory for eog (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.11 views

Fedora: Security Advisory for tracker3 (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.13 views

Fedora: Security Advisory for gnome-shell-extension-background-logo (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.14 views

Fedora: Security Advisory for gnome-shell (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.11 views

Fedora: Security Advisory for evolution (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.19 views

Fedora: Security Advisory for gnome-user-docs (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2AI score
Exploits0References2
Prion
Prion
added 2021/03/17 6:15 a.m.31 views

Directory traversal

autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...

2.1CVSS5.8AI score0.00639EPSS
Exploits1References3Affected Software2
Debian CVE
Debian CVE
added 2021/03/17 5:51 a.m.36 views

CVE-2021-28650

autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...

5.5CVSS7.6AI score0.00528EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/03/08 12:0 a.m.36 views

openSUSE Security Update : gnome-autoar (openSUSE-2021-390)

This update for gnome-autoar fixes the following issues : - CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal bsc1181930. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network...

5.5CVSS6.4AI score0.00639EPSS
Exploits1References2
OSV
OSV
added 2021/03/06 5:5 a.m.9 views

OPENSUSE-SU-2021:0390-1 Security update for gnome-autoar

This update for gnome-autoar fixes the following issues: - CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal bsc1181930. This update was imported from the SUSE:SLE-15:Update update project...

5.5CVSS5.6AI score0.00639EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/03/06 12:0 a.m.42 views

Security update for gnome-autoar (moderate)

openSUSE Security Update: Security update for gnome-autoar Announcement ID: openSUSE-SU-2021:0390-1 Rating: moderate References: 1181930 Cross-References: CVE-2020-36241 CVSS scores: CVE-2020-36241 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-36241 SUSE: 3.9...

3.9CVSS6.3AI score0.00639EPSS
Exploits1References1
Mageia
Mageia
added 2021/03/04 4:53 p.m.33 views

Updated gnome-autoar packages fix security vulnerability

Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution CVE-2020-36241...

5.5CVSS3.8AI score0.00639EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/03/03 12:0 a.m.33 views

SUSE SLED15 / SLES15 Security Update : gnome-autoar (SUSE-SU-2021:0687-1)

This update for gnome-autoar fixes the following issues : CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal bsc1181930. Note that Tenable Network Security has extracted the preceding description block directly fr...

5.5CVSS6.4AI score0.00639EPSS
Exploits1References4
Rows per page
Query Builder