16955 matches found
CVE-2023-39804
CVE-2023-39804 corresponds to a GNU tar issue where mishandled extension attributes in a PAX archive can crash an application via xheader.c. The connected IBM bulletin maps this CVE to IBM API Connect onPrem v12 (12.1.0.0) and lists remediation by upgrading to v12.1.0.1. The IBM advisory presents...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function x_error_handler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem (an X operation silently fails)...
Unspecified vulnerability in Gnu emacs (CNVD-2025-15363)
GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from Gnus treating inline MIME content as trusted. No details of the vulnerability are provided at this time...
Unspecified vulnerability in Gnu emacs (CNVD-2025-15364)
GNU Emacs is a family of text editors in the American GNU community. A security vulnerability exists in GNU Emacs that stems from the fact that arbitrary Lisp code is evaluated as part of the open Org mode. No details of the vulnerability are provided at this time...
CVE-2023-39804
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...
PT-2024-13307 · Gnu +1 · Midnight Commander +1
Name of the Vulnerable Software and Affected Versions: GNU Midnight Commander version 4.8.29-146-g299d9a2fb. Description: A NULL pointer dereference was discovered via the function x_error_handler at tty/x11conn.c. This issue is disputed as it may be categorized as a usability problem, where an X...
Emacs security vulnerability
GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from enabling LaTeX preview for email attachments by default. No details of the vulnerability are provided at this time...
GNU Emacs security vulnerability
GNU Emacs is a family of text editors in the American GNU community. A security vulnerability existed prior to GNU Emacs version 29.3, which stemmed from Gnus treating inline MIME content as trusted...
Exploit for Code Injection in Getgrav Grav
Graver =========== Description Proof of Concept script to e...
EulerOS Virtualization 2.11.0 : gdb (EulerOS-SA-2024-1441)
According to the versions of the gdb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c...
Moderate: Red Hat Security Advisory: gmp update
An update for gmp is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 8 : emacs (RHSA-2024:1408)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1408 advisory. GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp),...
USN-6409-1: GNU C Library vulnerabilities | Cloud Foundry
Severity: Unknown. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that the GNU C Library incorrectly handled the GLIBC_TUNABLES environment variable. An attacker could possibly use this issue to perform a privilege escalation attack. (CVE-2023-4911) It w...
FreeBSD : typo3-{11,12} -- multiple vulnerabilities (1ad3d264-e36b-11ee-9c27-40b034429ecf)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1ad3d264-e36b-11ee-9c27-40b034429ecf advisory. - In TYPO3 11.5.24, the filelist component allows attackers who have access to the administrat...
The vulnerability of the golang package in the Debian GNU/Linux operating system, which allows an attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability of the golang package in the Debian GNU/Linux operating system is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to trigger a Denial-of-Service Attack (DoS)...
The vulnerability of the golang package in the Debian GNU/Linux operating system, which allows a perpetrator to access confidential information
The vulnerability of the golang package in the Debian GNU/Linux operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information remotely...
SUSE SLES15 Security Update : gdb (SUSE-SU-2024:0899-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0899-1 advisory. - The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in...
gimp: psp off-by-one RCE
A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process...
EulerOS Virtualization 2.10.0 : gdb (EulerOS-SA-2024-1377)
According to the versions of the gdb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym at...
The vulnerability of the golang package in the Debian GNU/Linux operating system, allowing a hacker to execute arbitrary code
The vulnerability of the golang package in the Debian GNU/Linux operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...