26 matches found
EUVD-2017-8691
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-17531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
GNU Global Code Execution Vulnerability
GNU Global is a free code tagging system for the US GNU community. A code execution vulnerability exists in GNU Global that stems from the use of shell metacharacters, no details of the vulnerability are provided at this time...
SUSE CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
DEBIAN-CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
UBUNTU-CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
PT-2024-28008 · Gnu +1 · Gnu Global +1
Name of the Vulnerable Software and Affected Versions: GNU Global versions 6.6.12 and earlier Description: The issue allows code execution in situations where dbpath also known as -d is untrusted, because shell metacharacters may be used. This can lead to execution of code when dbpath is not...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
CVE-2024-38448 affects GNU Global htags up to 6.6.12, allowing code execution when dbpath (-d) is untrusted due to shell metacharacters. OpenSUSE advisories indicate a fix in global-6.6.13-1 (and related updates); apply the vendor patch to mitigate. No exploitation details are provided in the con...
SUSE CVE-2017-17531
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
GNU GLOBAL: Arbitrary code execution
Background GNU GLOBAL is a source code tagging system that works the same way across diverse environments, such as Emacs editor, Vi editor, Less viewer, Bash shell, various web browsers, etc. Description A vulnerability was found in an undocumented function of gozilla. Impact A remote attacker...
[SECURITY] Fedora 27 Update: global-6.5.7-4.fc27
GNU GLOBAL is a source code tag system that works the same way across diverse environments. It supports C, C++, Yacc, Java, PHP and assembler source code...
GNU GLOBAL 'gozilla.c' Arbitrary Code Execution Vulnerability
GNU GLOBAL is a software tool used to label program code for easy reading. An arbitrary code execution vulnerability exists in the GNU GLOBAL 'gozilla.c' handling of the BROWSER environment variable, which can be exploited by a remote attacker to submit a special URL request to execute arbitrary...
CVE-2017-17531
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...