333 matches found
Advisory ROSA-SA-2021-1826
Software: ed 1.9 OS: Cobalt 7.9 CVE-ID: CVE-2015-2987 CVE-Crit: MEDIUM CVE-DESC: Type74 ED before 4.0 incorrectly uses 128-bit ECB encryption for small files, making it easier for attackers to obtain plaintext data by differential cryptanalysis of a file with an original length of less than 128...
Irzip 代码问题漏洞
Irzip is a compression utility that excels at compressing large files. A null pointer dereference vulnerability exists in lzodecompressbuf in stream.c in Irzip version 0.621, which can be exploited by an attacker to cause a denial of service via specially crafted compressed files...
SUSE: Security Advisory (SUSE-SU-2019:14005-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1608-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability in the regex.c component of the text editor ed, which allows a hacker to trigger a service failure.
The vulnerability of the regex.c component in the text editor ed is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
CVE-2015-2987 affecting package ed 1.14.2-8
CVE-2015-2987 affecting package ed 1.14.2-8. A patched version of the package is available...
ed-tech.co.kr Cross Site Scripting vulnerability OBB-1367657
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
...
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 but the ! syntax is specific to ed and is unrelated to a shell metacharacter.
...
SUSE SLES12 Security Update : ed (SUSE-SU-2020:1608-1)
This update for ed fixes the following security issue : CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. bsc1019807 Note that Tenable Network Security has extracted the preceding description block directly from t...
SUSE-SU-2020:1608-1 Security update for ed
This update for ed fixes the following security issue: - CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. bsc1019807...
Fedora: Security Advisory for pure-ftpd (FEDORA-2020-84fb0920fd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 31 Update: pure-ftpd-1.0.49-5.fc31
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)
According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...
EulerOS Virtualization for ARM 64 3.0.2.0 : patch (EulerOS-SA-2020-1225)
According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead t...
Huawei EulerOS: Security Advisory for ed (EulerOS-SA-2019-2572)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ed (EulerOS-SA-2019-2507)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1065)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ed (EulerOS-SA-2019-1962)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.5.0 : patch (EulerOS-SA-2020-1065)
According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch fil...