16971 matches found

Tenable Nessus
added 2022/12/02 12:0 a.m. · 19 views

SUSE SLED15 / SLES15 Security Update : emacs (SUSE-SU-2022:4304-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4304-1 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code fil...

CVSS 7.8 · AI score 7.5 · EPSS 0.00635
Exploits 0 · References 4
IBM Security Bulletins
added 2022/12/01 5:4 p.m. · 32 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to arbitrary code execution due to CVE-2022-25308

Summary GNU FriBidi is used by IBM App Connect Enterprise Certified Container for handling unicode. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to arbitrary code execution and denial of service. This bulletin provides pat...

CVSS 7.8 · AI score 8.4 · EPSS 0.00508
Exploits 1 · Affected Software 1
Ubuntu
added 2022/11/30 6:6 a.m. · 36 views

USN-5750-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service...

CVSS 6.5 · AI score 7 · EPSS 0.01383
Exploits 0
CNVD
added 2022/11/30 12:0 a.m. · 29 views

GNU Emacs Command Injection Vulnerability

GNU Emacs is a family of text editors from the GNU community in the U.S. A command injection vulnerability exists in GNU Emacs version 28.2 and earlier, which stems from lib-src/etags.c's use of system C library functions when implementing the ctags program. An attacker could exploit the...

CVSS 7.8 · AI score 5.7 · EPSS 0.00635
Exploits 0 · References 1
Tenable Nessus
added 2022/11/30 12:0 a.m. · 38 views

SUSE SLES12 Security Update : binutils (SUSE-SU-2022:4277-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4277-1 advisory. The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h bsc1142579. -...

CVSS 7.8 · AI score 7 · EPSS 0.024
Exploits 3 · References 30
NVD
added 2022/11/28 6:15 a.m. · 15 views

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

CVSS 7.8 · EPSS 0.00635
Exploits 0 · References 5
OSV
added 2022/11/28 6:15 a.m. · 1 views

DEBIAN-CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

CVSS 7.8 · AI score 7.5 · EPSS 0.00635
Exploits 0 · References 1
OSV
added 2022/11/28 6:15 a.m. · 27 views

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

CVSS 7.8 · AI score 7.8
Exploits 0 · References 5
OSV
added 2022/11/28 6:15 a.m. · 0 views

UBUNTU-CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

CVSS 7.8 · AI score 7.2 · EPSS 0.00635
Exploits 0 · References 5
Cvelist
added 2022/11/28 12:0 a.m. · 26 views

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

AI score 8.1 · EPSS 0.00635
Exploits 0 · References 5
CVE
added 2022/11/28 12:0 a.m. · 223 views

CVE-2022-45939

The CVE-2022-45939 issue affects GNU Emacs up to version 28.2. The root cause is in lib-src/etags.c using the system() C library call to invoke the external ctags/etags binary, enabling local command execution when file names contain shell metacharacters (example: using commands like ctags *) in ...

CVSS 7.8 · AI score 7.8 · EPSS 0.00635
Exploits 0 · References 5 · Affected Software 1
Vulnrichment
added 2022/11/28 12:0 a.m. · 3 views

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

AI score 7.9 · EPSS 0.00635
Exploits 0 · References 5
FreeBSD
added 2022/11/28 12:0 a.m. · 34 views

emacs -- arbitrary shell command execution vulnerability of ctags

lu4nx reports: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggeste...

CVSS 7.8 · AI score 7.8 · EPSS 0.00635
Exploits 0 · References 1
Tenable Nessus
added 2022/11/27 12:0 a.m. · 97 views

Debian dla-3205 : inetutils - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3205 advisory. Debian LTS Advisory DLA-3205-1 ...

CVSS 7.8 · AI score 7.1 · EPSS 0.03851
Exploits 3 · References 10
Positive Technologies
added 2022/11/27 12:0 a.m. · 3 views

PT-2022-7423 · Gnu Emacs +9

Name of the Vulnerable Software and Affected Versions: GNU Emacs versions through 28.2 Description: The issue is related to the incorrect neutralization of special elements in the lib-src/etags.c component of the ctags program in the EMACS text editor. This can allow an attacker to execute comman...

CVSS 9.8 · AI score 7.6 · EPSS 0.01702
Exploits 0 · References 95
Tenable Nessus
added 2022/11/23 12:0 a.m. · 41 views

SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2022:4146-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4146-1 advisory. The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h...

CVSS 7.8 · AI score 7 · EPSS 0.024
Exploits 3 · References 28
OpenVAS
added 2022/11/23 12:0 a.m. · 30 views

Fedora: Security Advisory for python3.7 (FEDORA-2022-4f547d1cc6)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 · AI score 9.9 · EPSS 0.05193
Exploits 1 · References 2
OpenVAS
added 2022/11/23 12:0 a.m. · 35 views

Fedora: Security Advisory for python3.8 (FEDORA-2022-cb47d98a05)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 · AI score 9.9 · EPSS 0.05193
Exploits 1 · References 2
RedHat Linux
added 2022/11/15 10:33 a.m. · 5 views

gcc: uncontrolled recursion in libiberty/rust-demangle.c

A flaw was discovered in the GNU libiberty library within the demangle_path function in rust-demangle.c, as distributed in the GNU Compiler Collection GCC. This flaw allows a crafted symbol to cause stack memory to be exhausted, leading to a crash...

CVSS 5.5 · AI score 7.3 · EPSS 0.00779
Exploits 1 · References 4
Tenable Nessus
added 2022/11/14 12:0 a.m. · 35 views

EulerOS 2.0 SP9 : binutils (EulerOS-SA-2022-2719)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-n...

CVSS 5.5 · AI score 6 · EPSS 0.00311
Exploits 0 · References 2