OESA-2024-1754 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

OESA-2024-1755 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

Unspecified Vulnerability in GNU Emacs

GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from specifying unsafe functions. No details of the vulnerability are provided at this time...

MGASA-2024-0240 Updated wget packages fix security vulnerability

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. CVE-2024-38428...

Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting XSS Date: 20-06-2024 Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://automad.org Software Link: https://github.com/marcantondahmen/automad Category: Web Application Flat File CMS Version: 2.0.0-alpha.4 Tested on:...

Mageia: Security Advisory (MGASA-2024-0237)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in gcc-patch (npm)

--- -= Per source details. Do not edit below this line.=-...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1811)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : emacs -- Arbitrary shell code evaluation vulnerability (4f6c4c07-3179-11ef-9da5-1c697a616631)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4f6c4c07-3179-11ef-9da5-1c697a616631 advisory. GNU Emacs developers report: Emacs 29.4 is an emergency bugfix release intended to fix a security...

GNU Emacs 安全漏洞

GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from specifying unsafe functions. No details of the vulnerability are provided at this time...

GNU Global Code Execution Vulnerability

GNU Global is a free code tagging system for the US GNU community. A code execution vulnerability exists in GNU Global that stems from the use of shell metacharacters, no details of the vulnerability are provided at this time...

GNU libcdio Buffer Overflow Vulnerability

GNU libcdio is a library developed by the GNU Project for accessing CD-ROMs and CD images, and is mainly used to handle CD-ROM file system reading, directory structure parsing and other functions. A buffer overflow vulnerability exists in GNU libcdio, which can be exploited by an attacker to...

The vulnerability of the userinfo URI component in the GNU Wget download manager allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the userinfo URI component of the GNU Wget download manager is related to unsafe behavior where data that should be contained within the userinfo sub-component is incorrectly interpreted as part of the host’s subcomponent. Exploiting this vulnerability could allow a malicious...

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...

ROS-20240619-03

A vulnerability in the userinfo URI subcomponent of the GNU Wget download manager is related to an insecure behavior whereby in which data that should be in the userinfo subcomponent is misinterpreted as being part of the host subcomponent. Exploitation of the vulnerability could allow an attacke...

SUSE CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

Advisory ROSA-SA-2024-2433

software: emacs 28.1 WASP: ROSA-CHROME packageevrstring: emacs-28.1-5 CVE-ID: CVE-2022-48339 BDU-ID: None CVE-Crit: N/A CVE-DESC.: A problem was discovered in GNU Emacs. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and srcdir paramet...

Mageia: Security Advisory (MGASA-2024-0223)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

DEBIAN-CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...