GHSA-5PJJ-7M4P-WFH2 ocrodjvu is vulnerable to Arbitrary File Modification via symlink attack

ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...

ocrodjvu is vulnerable to Arbitrary File Modification via symlink attack

ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine...

SUSE SLES15 Security Update : gzip (SUSE-SU-2022:1674-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1674-1 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for...

openSUSE: Security Advisory for SUSE (SUSE-SU-2022:1396-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for tar (SUSE-SU-2022:1548-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for java-1.8.0-openjdk-aarch32 (FEDORA-2022-efaa7e8775)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : gzip (SUSE-SU-2022:1650-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1650-1 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for...

Apache Tomcat Request Mix-up Vulnerability (May 2022) - Windows

Apache Tomcat is prone to a request mix-up vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Oracle Linux 7 : glibc (ELSA-2022-9358)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9358 advisory. - The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its path argument on the...

AlmaLinux 8 : cpio (ALSA-2022:1991)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1991 advisory. - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an...

AlmaLinux 8 : aspell (ALSA-2022:1808)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:1808 advisory. - objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

Microsoft Windows Multiple Vulnerabilities (KB5014012)

This host is missing an important security update according to Microsoft KB5014012 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Moderate: Red Hat Security Advisory: cockpit security, bug fix, and enhancement update

An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Moderate: Red Hat Security Advisory: aspell security update

An update for aspell is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2022:1808 Moderate: aspell security update

GNU Aspell is a spell checker designed to eventually replace Ispell. It can either be used as a library or as an independent spell checker. Security Fixes: aspell: Heap-buffer-overflow in acommon::ObjStack::duptop CVE-2019-25051 For more details about the security issues, including the impact, a...

aspell security update

An update is available for aspell. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNU Aspell is a spell checker designed to eventually replace Ispell. It can...

RLSA-2022:2008 Moderate: cockpit security, bug fix, and enhancement update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. The following packages have been upgraded to a later upstream version: cockpit 264....

ALSA-2022:2008 Moderate: cockpit security, bug fix, and enhancement update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. The following packages have been upgraded to a later upstream version: cockpit 264....

Moderate: cockpit security, bug fix, and enhancement update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. The following packages have been upgraded to a later upstream version: cockpit 264....

NewStart CGSL CORE 5.05 / MAIN 5.05 : glibc Vulnerability (NS-SA-2022-0042)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has glibc packages installed that are affected by a vulnerability: - The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an...