Lucene search
K

333 matches found

Rosalinux
Rosalinux
added 2021/07/02 4:39 p.m.38 views

Advisory ROSA-SA-2021-1826

Software: ed 1.9 OS: Cobalt 7.9 CVE-ID: CVE-2015-2987 CVE-Crit: MEDIUM CVE-DESC: Type74 ED before 4.0 incorrectly uses 128-bit ECB encryption for small files, making it easier for attackers to obtain plaintext data by differential cryptanalysis of a file with an original length of less than 128...

7.5CVSS7AI score0.03044EPSS
Exploits0
CNNVD
CNNVD
added 2021/06/10 12:0 a.m.4 views

Irzip 代码问题漏洞

Irzip is a compression utility that excels at compressing large files. A null pointer dereference vulnerability exists in lzodecompressbuf in stream.c in Irzip version 0.621, which can be exploited by an attacker to cause a denial of service via specially crafted compressed files...

5.5CVSS5.7AI score0.00929EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2019:14005-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03044EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2020:1608-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03044EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.5 views

The vulnerability in the regex.c component of the text editor ed, which allows a hacker to trigger a service failure.

The vulnerability of the regex.c component in the text editor ed is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS7.2AI score0.03044EPSS
Exploits0References5Affected Software3
CBLMariner
CBLMariner
added 2020/11/05 4:21 a.m.20 views

CVE-2015-2987 affecting package ed 1.14.2-8

CVE-2015-2987 affecting package ed 1.14.2-8. A patched version of the package is available...

2.6CVSS7.5AI score0.00695EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/27 9:27 a.m.5 views

ed-tech.co.kr Cross Site Scripting vulnerability OBB-1367657

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.4 views

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.

...

9.3CVSS7.7AI score0.0556EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.4 views

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 but the ! syntax is specific to ed and is unrelated to a shell metacharacter.

...

9.3CVSS7.9AI score0.0453EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.19 views

SUSE SLES12 Security Update : ed (SUSE-SU-2020:1608-1)

This update for ed fixes the following security issue : CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. bsc1019807 Note that Tenable Network Security has extracted the preceding description block directly from t...

7.5CVSS7.4AI score0.03044EPSS
Exploits0References4
OSV
OSV
added 2020/06/11 1:16 p.m.6 views

SUSE-SU-2020:1608-1 Security update for ed

This update for ed fixes the following security issue: - CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. bsc1019807...

7.5CVSS7.6AI score0.03044EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/05/16 12:0 a.m.22 views

Fedora: Security Advisory for pure-ftpd (FEDORA-2020-84fb0920fd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.07112EPSS
Exploits0References2
Fedora
Fedora
added 2020/05/15 3:29 a.m.53 views

[SECURITY] Fedora 31 Update: pure-ftpd-1.0.49-5.fc31

Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...

7.5CVSS0.5AI score0.07112EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.96 views

EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...

6.1CVSS6.5AI score0.81466EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.39 views

EulerOS Virtualization for ARM 64 3.0.2.0 : patch (EulerOS-SA-2020-1225)

According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead t...

9.3CVSS6.8AI score0.06096EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for ed (EulerOS-SA-2019-2572)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03044EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for ed (EulerOS-SA-2019-2507)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03044EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.43 views

Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1065)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.2AI score0.0453EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for ed (EulerOS-SA-2019-1962)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03044EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/01/13 12:0 a.m.39 views

EulerOS Virtualization for ARM 64 3.0.5.0 : patch (EulerOS-SA-2020-1065)

According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch fil...

9.3CVSS7.5AI score0.0556EPSS
Exploits1References3
Rows per page
Query Builder