Lucene search
K

440 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.3 views

NewStart CGSL MAIN 6.06 : gettext Vulnerability (NS-SA-2025-0218)

The remote NewStart CGSL host, running version MAIN 6.06, has gettext packages installed that are affected by a vulnerability: - An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read- catalog.c, related to an invalid free in pogramparse in po-gram-gen....

9.8CVSS7AI score0.04293EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/09/18 8:45 a.m.3 views

grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write and Read.

When reading the language .mo file in grubmofileopen, grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data o...

6.7CVSS6AI score0.00234EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2025/09/11 10:6 a.m.9 views

Advisory ROSA-SA-2025-2996

software: grub2 2.06 WASP: ROSA-CHROME unaffected versions = grub2-2.06-23 affected versions grub2-2.06-23 CVE-ID: CVE-2024-45777 BDU-ID: 2025-07120 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gettext component of the Grub operating systems loader is related to integer overflow. Exploitation...

7.8CVSS7.5AI score0.00444EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 6:26 a.m.3 views

Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.

...

6.7CVSS7AI score0.00234EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:49 a.m.5 views

Grub2: grub-core/gettext: integer overflow leads to heap oob write.

...

6.7CVSS7AI score0.00231EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-6175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

9.8CVSS7.2AI score0.1966EPSS
Exploits4References2
CNVD
CNVD
added 2025/08/05 12:0 a.m.2 views

GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-17795)

GNU GRUB is a Linux system boot program from the GNU community. A buffer error vulnerability exists in GNU GRUB, which originates in the grub-core/gettext module, where the system does not properly limit the size of the data, and can be exploited by an attacker to run arbitrary code in the contex...

6.7CVSS7.6AI score0.00231EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/07/29 8:22 a.m.5 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2025-4382: Fixed TPM auto-decryption data exposure bsc1242971 Filter out the non-subvolume btrfs mount points when creating the relative path bsc1239674 CVE-2024-45781: Fixed ufs strcpy overflow bsc1233617 CVE-2024-56737: Fixed heap-based buff...

8.9CVSS7AI score0.01373EPSS
Exploits1References100
OSV
OSV
added 2025/07/29 8:20 a.m.5 views

SUSE-SU-2025:20511-1 Security update for grub2

This update for grub2 fixes the following issues: - CVE-2025-4382: Fixed TPM auto-decryption data exposure bsc1242971 - Filter out the non-subvolume btrfs mount points when creating the relative path bsc1239674 - CVE-2024-45781: Fixed ufs strcpy overflow bsc1233617 - CVE-2024-56737: Fixed...

8.8CVSS7.7AI score0.01373EPSS
Exploits1References51
BDU FSTEC
BDU FSTEC
added 2025/06/20 12:0 a.m.7 views

The vulnerability of the gettext loader component in the Grub2 operating system allows a hacker to execute arbitrary code.

The vulnerability of the gettext loader component in operating system Grub is related to integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7AI score0.00231EPSS
Exploits0References8Affected Software6
RedhatCVE
RedhatCVE
added 2025/05/22 10:49 p.m.8 views

CVE-2022-3036

The Gettext override translations WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite set...

4.8CVSS5.7AI score0.0056EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2025/03/10 12:0 a.m.16 views

Photon OS 5.0: Gettext PHSA-2025-5.0-0485

An update of the gettext package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0485. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS6.9AI score0.0113EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/10 12:0 a.m.10 views

Photon OS 4.0: Gettext PHSA-2025-4.0-0765

An update of the gettext package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0765. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS6.9AI score0.0113EPSS
Exploits1References4
Photon
Photon
added 2025/03/06 12:0 a.m.17 views

Critical Photon OS Security Update - PHSA-2025-4.0-0765

Updates of 'rubygem-activesupport', 'libxml2', 'gettext' packages of Photon OS have been released...

9.8CVSS6.7AI score0.01498EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2018-18751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read- catalog.c, related to an invalid free in pogramparse in...

9.8CVSS6.8AI score0.04293EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/02/20 2:33 p.m.3 views

SUSE CVE-2024-45777

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the...

6.4CVSS6.7AI score0.00231EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2025/02/19 5:54 p.m.22 views

CVE-2024-45777

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the...

6.7CVSS6.5AI score0.00231EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/02/19 7:29 a.m.6 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References88
SUSE Linux
SUSE Linux
added 2025/02/19 7:29 a.m.7 views

Security update for grub2

This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...

8.9CVSS7.3AI score0.01373EPSS
Exploits1References94
CNNVD
CNNVD
added 2025/02/18 12:0 a.m.5 views

GNU GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. A buffer error vulnerability exists in GNU GRUB, which originates in the grub-core/gettext module, where the system does not properly limit the size of the data, and can be exploited by an attacker to run arbitrary code in the contex...

6.7CVSS6.8AI score0.00231EPSS
Exploits0References3
Rows per page
Query Builder