Ubuntu 16.04 ESM : Emacs vulnerability (USN-5781-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5781-1 advisory. It was discovered that Emacs did not properly manage certain inputs. An attacker could possibly use this issue to execute arbitrary commands. Tenable has extracte...

Mageia: Security Advisory (MGASA-2022-0457)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated emacs packages fix security vulnerability

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...

Fedora: Security Advisory for rust-sequoia-octopus-librnp (FEDORA-2022-7002ec8b22)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-2789)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for python3.7 (FEDORA-2022-fdb2739feb)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-5770-1: GCC vulnerability

Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...

USN-5770-1 gcc-5, gccgo-6 vulnerability

Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially crafted input. This could potentially lead to less randomness in random number generation...

USN-5768-1: GNU C Library vulnerabilities

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2016-10228, CVE-2019-25013,...

USN-5768-1 glibc vulnerabilities

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2016-10228, CVE-2019-25013,...

Ubuntu 16.04 ESM : GNU C Library vulnerabilities (USN-5768-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5768-1 advisory. Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could...

Ubuntu 16.04 ESM : GCC vulnerability (USN-5770-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5770-1 advisory. Todd Eisenberger discovered that certain versions of GNU Compiler Collection GCC could be made to clobber the status flag of RDRAND and RDSEED with specially...

EulerOS 2.0 SP8 : binutils (EulerOS-SA-2022-2789)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Assertion fail in the displaydebugnames function in binutils/dwarf.c may lead to program crash and denial of service.CVE-2022-38126 An issue was...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : GNU binutils vulnerability (USN-5762-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5762-1 advisory. It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause...

Fedora: Security Advisory for vim (FEDORA-2022-1e14f3ae45)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

emacs -- multiple vulnerabilities

Xi Lu reports: CVE-2022-48337 GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u ...

CVE-2022-23467 Out of Bounds Read in OpenRazer Driver

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razerattrreaddpistages, potentially bypassing KASLR. To exploit this vulnerability an attacker would...

USN-5762-1: GNU binutils vulnerability

It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

SUSE SLED15 / SLES15 Security Update : emacs (SUSE-SU-2022:4310-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4310-1 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code fil...

SUSE SLED15 / SLES15 Security Update : emacs (SUSE-SU-2022:4304-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4304-1 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code fil...