16980 matches found

Tenable Nessus
added 2020/07/01 12:0 a.m. | 41 views

EulerOS Virtualization 3.0.6.0 : patch (EulerOS-SA-2020-1766)

According to the version of the patch package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and...

5.9 CVSS | 6.5 AI score | 0.03927 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2020/07/01 12:0 a.m. | 24 views

EulerOS Virtualization 3.0.6.0 : bash (EulerOS-SA-2020-1716)

According to the version of the bash package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective U...

7.8 CVSS | 7.1 AI score | 0.02608 EPSS
Exploits: 5 | References: 2

Tenable Nessus
added 2020/07/01 12:0 a.m. | 27 views

EulerOS Virtualization 3.0.6.0 : gdb (EulerOS-SA-2020-1788)

According to the version of the gdb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a...

5.5 CVSS | 6.3 AI score | 0.01113 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2020/07/01 12:0 a.m. | 35 views

EulerOS Virtualization 3.0.6.0 : binutils (EulerOS-SA-2020-1743)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU...

5.5 CVSS | 6.5 AI score | 0.01819 EPSS
Exploits: 2 | References: 3

CNVD
added 2020/06/28 12:0 a.m. | 5 views

GNU Mailman Arbitrary Content Injection Vulnerability

GNU Mailman is a free suite of software from the GNU Project for managing e-mail discussions and e-mail lists. The software can be integrated with Web projects to make it easy for users to manage e-mail subscription accounts and provides built-in archiving, automatic forwarding processing, conten...

4.3 CVSS | 6.3 AI score | 0.01888 EPSS
Exploits: 0 | References: 1

OSV
added 2020/06/24 12:15 p.m. | 2 views

CVE-2020-15011

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page...

4.3 CVSS | 6.8 AI score | 0.01888 EPSS
Exploits: 0 | References: 7

ATTACKERKB
added 2020/06/24 12:15 p.m. | 1 views

CVE-2020-15011

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page...

4.3 CVSS | 6.1 AI score | 0.01888 EPSS
Exploits: 0 | References: 9

UbuntuCve
added 2020/06/24 12:15 p.m. | 21 views

CVE-2020-15011

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page...

4.3 CVSS | 6.7 AI score | 0.01888 EPSS
Exploits: 0 | References: 4

Prion
added 2020/06/24 12:15 p.m. | 23 views

Code injection

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page...

2.6 CVSS | 5.2 AI score | 0.01888 EPSS
Exploits: 0 | References: 7 | Affected Software: 3

CVE
added 2020/06/24 11:34 a.m. | 297 views

CVE-2020-15011

CVE-2020-15011 affects GNU Mailman prior to 2.1.33. The vulnerability allows arbitrary content injection via the Cgi/private.py private archive login page. Affected product: GNU Mailman 2.1.x (before 2.1.33). Impact described in sources as arbitrary content injection, with other related CVEs ofte...

4.3 CVSS | 5.6 AI score | 0.01888 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

Debian CVE
added 2020/06/24 11:34 a.m. | 28 views

CVE-2020-15011

Removed by vendor...

4.3 CVSS | 6.1 AI score | 0.01888 EPSS
Exploits: 0

OpenVAS
added 2020/06/23 12:0 a.m. | 31 views

Fedora: Security Advisory for nghttp2 (FEDORA-2020-f7d15c8b77)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5 CVSS | 8.3 AI score | 0.05316 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2020/06/23 12:0 a.m. | 35 views

Fedora: Security Advisory for kernel-headers (FEDORA-2020-e47d28bc2b)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5 CVSS | 7.2 AI score | 0.0054 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2020/06/19 5:55 a.m. | 32 views

CVE-2020-12108

/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection...

4.3 CVSS | 3.2 AI score | 0.02698 EPSS
Exploits: 1 | References: 4

0daydb
added 2020/06/18 1:28 a.m. | 286 views

Linux/ARM 0.0.0.0:1337/TCP Bindshell Shellcode

100 bytes small null-free Linux/ARM shellcode that binds /bin/sh to 0.0.0.0:1337/TCP. Title: Linux/ARM Raspberry Pi - Bind 0.0.0.0:1337/TCP Shell /bin/sh + Null-Free Shellcode 100 bytes Date: 2020-06-09 Architecture: armv6l GNU/Linux Website: http://www.theanuragsrivastava.com Author: Anurag...

5 CVSS | 0.3 AI score | 0.07842 EPSS
Exploits: 6

RedhatCVE
added 2020/06/16 5:25 p.m. | 19 views

CVE-2020-14150

GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash...

5.5 CVSS | 2.6 AI score | 0.00401 EPSS
Exploits: 0 | References: 3

0daydb
added 2020/06/16 12:57 p.m. | 224 views

Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode

102 bytes small Linux/x86 add map in /etc/hosts file polymorphic shellcode. Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-15 Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux...

7.2 CVSS | 0.42524 EPSS
Exploits: 7

CNVD
added 2020/06/16 12:0 a.m. | 7 views

GNU Bison Denial of Service Vulnerability

GNU Bison is free software for the automatic generation of syntax parser programs. A denial of service vulnerability exists in GNU Bison versions prior to 3.5.4. An attacker could exploit this vulnerability to cause the application to crash...

5.5 CVSS | 6.4 AI score | 0.00401 EPSS
Exploits: 0 | References: 1

NVD
added 2020/06/15 5:15 p.m. | 11 views

CVE-2020-14150

GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash...

5.5 CVSS | 0.00401 EPSS
Exploits: 0 | References: 2

OSV
added 2020/06/15 5:15 p.m. | 1 views

DEBIAN-CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

4.8 CVSS | 6.2 AI score | 0.01061 EPSS
Exploits: 0 | References: 1