16955 matches found
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
UBUNTU-CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
AZL-42691 CVE-2024-38428 affecting package wget for versions less than 1.21.2-3
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
DEBIAN-CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
UBUNTU-CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
GNU Global 安全漏洞
GNU Global is a free code tagging system for the US GNU community. A code execution vulnerability exists in GNU Global that stems from the use of shell metacharacters, no details of the vulnerability are provided at this time...
GNU Wget Security Vulnerability
GNU Wget is a suite of free software from the US GNU community for making downloads over the network, which supports downloads over the three most common TCP/IP protocols, HTTP, HTTPS, and FTP. A security vulnerability exists in GNU Wget version 1.24.5, which stems from url.c incorrectly handling...
CVE-2024-38448
CVE-2024-38448 affects GNU Global htags up to 6.6.12, allowing code execution when dbpath (-d) is untrusted due to shell metacharacters. OpenSUSE advisories indicate a fix in global-6.6.13-1 (and related updates); apply the vendor patch to mitigate. No exploitation details are provided in the con...
CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...
PT-2024-28008 · Gnu +1 · Gnu Global +1
Name of the Vulnerable Software and Affected Versions: GNU Global versions 6.6.12 and earlier Description: The issue allows code execution in situations where dbpath also known as -d is untrusted, because shell metacharacters may be used. This can lead to execution of code when dbpath is not...
CVE-2024-38428
CVE-2024-38428 affects GNU Wget up to 1.24.5 and is caused by improper handling of semicolons in the userinfo subcomponent of a URI, which can cause data intended for userinfo to be misinterpreted as part of the host. The Connected documents confirm multiple advisories (Brocade SANnav/SANnav v2.x...
CVE-2024-38448
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...
Updated nano packages fix security vulnerability
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...