18 matches found
Unbreakable Enterprise kernel security update
5.4.17-2136.349.3.1 - i40e: add validation for ringlen param Lukasz Czapnik Orabug: 38604171 CVE-2025-39973 - i40e: increase max descriptors for XL710 Justin Bronder Orabug: 38604171 CVE-2025-39973 5.4.17-2136.349.3 - Revert 'net/mlx5e: Update and set Xon/Xoff upon MTU set' Jakub Kicinski Orabug:...
gcc-toolset-13-annobin bug fix update
An update is available for gcc-toolset-13-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This package contains the tools needed to annotate binary file...
CVE-2023-52605
CVE-2023-52605 is present in connected MiracleLinux advisories with a vulnerability description citing a NULL pointer dereference in the Linux kernel (denial of service). The Initial document marks it as Rejected reason, but the connected Nessus/IBM advisories enumerate the CVE with concrete deta...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
Debian DLA-1444-1 : vim-syntastic security update
CVE-2018-11319 The improper handling of search for configuration files might be exploited for arbitrary code execution via a malicious gcc plugin. For Debian 8 'Jessie', this problem has been fixed in version 3.5.0-1+deb8u1. We recommend that you upgrade your vim-syntastic packages. NOTE: Tenable...
[SECURITY] [DLA 1444-1] vim-syntastic security update
Package : vim-syntastic Version : 3.5.0-1+deb8u1 CVE ID : CVE-2018-11319 CVE-2018-11319 The improper handling of search for configuration files might be exploited for arbitrary code execution via a malicious gcc plugin. For Debian 8 "Jessie", this problem has been fixed in version 3.5.0-1+deb8u1...
Syntastic Code Execution Vulnerability
Syntastic vim-syntastic is a syntax-checking plugin for use on Linux systems. A security vulnerability exists in Syntastic 3.9.0 and earlier versions, which stems from the program's failure to properly handle searches of configuration files. The vulnerability can be exploited by an attacker to...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
Directory traversal
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
CVE-2018-11319
Syntastic (vim-syntastic) up to version 3.9.0 is vulnerable due to how config files are searched: it traverses from the project directory upward toward root, enabling arbitrary code execution if an attacker can write to a parent directory of the checked project. Published fixes exist: Debian stre...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
Updated golang packages fix security vulnerability
Updated golang packages fix security vulnerabilities: Go before 1.9.4 allows "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked CVE-2018-6574...
CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked...
CVE-2018-6574
Removed by vendor...
CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked...