Alibaba Cloud Linux 3 : 0194: mailman:2.1 (ALINUX3-SA-2022:0194)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0194 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-42096: GNU Mailman before 2.1.35...

Alibaba Cloud Linux 3 : 0120: binutils (ALINUX3-SA-2022:0120)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0120 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-1010204: GNU binutils gold gold...

Alibaba Cloud Linux 3 : 0063: wget (ALINUX3-SA-2022:0063)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0063 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-5953: Buffer overflow in GNU Wget 1.20.1 a...

Alibaba Cloud Linux 3 : 0199: aspell (ALINUX3-SA-2022:0199)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0199 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-25051: objstack in GNU Aspell 0.60.8 has a...

Alibaba Cloud Linux 3 : 0228: nano (ALINUX3-SA-2024:0228)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0228 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-5742: A vulnerability was found in GNU Nan...

libarchive: heap buffer over-read in header_gnu_longlink

A flaw was found in the libarchive library. A specially-crafted tar file may trigger a head-based buffer over-read condition due to incorrect handling of truncation in the middle of a long GNU linkname. This issue can cause an application crash leading to a denial of service...

gimp: dds buffer overflow RCE

A parsing vulnerability was found in the GNU Image Manipulation Program GIMP. This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process...

GNU Screen 安全漏洞

Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from an arbitrary file creation vulnerability that stems from the logfilereopen function not properly dropping permissions, no...

GNU Screen 安全漏洞

Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from a security vulnerability that stems from TTY hijacking, but no details of the vulnerability are available at this time...

GNU Screen 安全漏洞

Gnu Screen is an application from the American GNU community. It provides the effect of getting multiple virtual terminals on one physical terminal. Gnu Screen suffers from a security vulnerability that stems from a pseudo-terminal default mode change, which can be exploited by an attacker to cau...

ROS-2-514

2.514 Memory Leak in GNU Tar CVE-2021-20193 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a DoS attack on a target system. The vulnerability exists due to a memory leak in the readheader function in list.c. A remote attacker could pass a specially crafted...

Amazon Linux 2023 : elfutils, elfutils-default-yama-scope, elfutils-devel (ALAS2023-2025-969)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-969 advisory. A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function libdwthreadtail in the library libdwalloc.c of the component eu-readelf...

ALSA-2025:7510 Moderate: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

Moderate: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red H...

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

CVE-2025-47815

A flaw was found in the GNU PSPP ZIP Reader functionality. This vulnerability allows attackers to cause a heap-based buffer overflow via a crafted ZIP archive. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

PT-2025-20829 · Gnu · Gnu Screen

Name of the Vulnerable Software and Affected Versions: Screen versions 5.0.0 Description: The issue is related to the logfile reopen function in the GNU screen terminal multiplexer. When Screen runs with setuid-root privileges, it does not drop privileges while operating on a user-supplied path...

Moderate: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 For more details about th...

ALSA-2025:4787 Moderate: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 For more details about th...