
16954 matches found

RedHat Linux
added 2025/04/28 11:17 a.m., 27 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.2 CVSS, 6.9 AI score, 0.00335 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/04/28 10:15 a.m., 7 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

6.2 CVSS, 6.9 AI score, 0.00335 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/04/28 10:7 a.m., 8 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

6.2 CVSS, 6.9 AI score, 0.00335 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/04/28 10:7 a.m., 4 views

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

6.2 CVSS, 7.3 AI score, 0.00335 EPSS
Exploits: 0, References: 5

CNVD
added 2025/04/28 12:0 a.m., 5 views

GNU Mailman Unauthorized List Creation Vulnerability (CNVD-2025-09676)

GNU Mailman is a free suite of software for managing e-mail discussions and e-mail lists from the American GNU community. An unauthorized list creation vulnerability exists in GNU Mailman, which stems from unauthorized creation of lists and could lead to resource abuse. No details of the...

5.3 CVSS, 6.9 AI score, 0.00364 EPSS
Exploits: 1, References: 1

CNVD
added 2025/04/28 12:0 a.m., 5 views

GNU Mailman Directory Traversal Vulnerability (CNVD-2025-09675)

GNU Mailman is a free suite of software for managing email discussions and email lists from the GNU community in the United States. GNU Mailman suffers from a directory traversal vulnerability that originates from a directory traversal that results in arbitrary file reads. An attacker could use t...

7.5 CVSS, 7.2 AI score, 0.01349 EPSS
Exploits: 3, References: 1

BDU FSTEC
added 2025/04/28 12:0 a.m., 2 views

The vulnerability of the libtar package, related to reading data beyond the memory boundaries, allows an attacker to gain access to confidential information.

The vulnerability of the libtar package is related to the initiation of the malloc0 call for the gnulonglink variable. Exploiting this vulnerability may allow an attacker to gain access to confidential information...

9.4 CVSS, 7.4 AI score, 0.01449 EPSS
Exploits: 0, References: 12, Affected Software: 7

BDU FSTEC
added 2025/04/28 12:0 a.m., 3 views

The vulnerability of the libtar package, related to reading data beyond the memory boundaries, allows an attacker to gain access to confidential information.

The vulnerability of the libtar package is related to the initiation of the malloc0 call for the variable gnulongname. Exploiting this vulnerability may allow an attacker to gain access to confidential information...

9.4 CVSS, 6.9 AI score, 0.01127 EPSS
Exploits: 0, References: 11, Affected Software: 7

Tenable Nessus
added 2025/04/28 12:0 a.m., 20 views

RHEL 9 : glibc (RHSA-2025:4241)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4241 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache...

6.2 CVSS, 7 AI score, 0.00335 EPSS
Exploits: 0, References: 5

OSV
added 2025/04/28 12:0 a.m., 7 views

ALSA-2025:4244 Moderate: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

6.2 CVSS, 7.7 AI score, 0.00335 EPSS
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/28 12:0 a.m., 35 views

RHEL 9 : glibc (RHSA-2025:4244)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4244 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache...

6.2 CVSS, 7 AI score, 0.00335 EPSS
Exploits: 0, References: 5

AlmaLinux
added 2025/04/28 12:0 a.m., 19 views

Moderate: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

6.2 CVSS, 7.3 AI score, 0.00335 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2025/04/26 1:23 a.m., 22 views

CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1 CVSS, 6.8 AI score, 0.00474 EPSS
Exploits: 2, References: 1

RedhatCVE
added 2025/04/26 1:23 a.m., 22 views

CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5 CVSS, 6.3 AI score, 0.01349 EPSS
Exploits: 3, References: 1

RedhatCVE
added 2025/04/26 1:19 a.m., 24 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3 CVSS, 5.2 AI score, 0.00364 EPSS
Exploits: 1, References: 1

CNVD
added 2025/04/25 12:0 a.m., 6 views

GNU Mailman Command Injection Vulnerability

GNU Mailman is a mailing list management software commonly used to create, manage and maintain mailing lists. A command injection vulnerability exists in GNU Mailman. The vulnerability stems from a failure to properly filter shell metacharacters in the subject line of an email message. An attacke...

8.1 CVSS, 8.2 AI score, 0.00474 EPSS
Exploits: 2, References: 1

SUSE CVE
added 2025/04/23 2:37 a.m., 4 views

SUSE CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1 CVSS, 7.9 AI score, 0.00474 EPSS
Exploits: 2, References: 3

SUSE CVE
added 2025/04/23 2:37 a.m., 3 views

SUSE CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3 CVSS, 7.2 AI score, 0.00364 EPSS
Exploits: 1, References: 3

GithubExploit
added 2025/04/22 4:55 a.m., 943 views

Exploit for Path Traversal in Gnu Mailman

🚨 CVE-2025-43919: Directory Traversal in GNU Mailman 2.1.39...

7.5 CVSS, 7.7 AI score, 0.01349 EPSS
Exploits: 3

Debian
added 2025/04/21 8:33 a.m., 17 views

[SECURITY] [DLA 4133-1] wget security update

Debian LTS Advisory DLA-4133-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 21, 2025 https://wiki.debian.org/LTS -...

9.1 CVSS, 9.2 AI score, 0.00672 EPSS
Exploits: 0