Lucene search
K

16992 matches found

CNVD
CNVD
added 2019/08/26 12:0 a.m.2 views

GNU Libextractor Heap Buffer Overflow Vulnerability (CNVD-2020-20390)

GNU Libextractor is a set of libraries from the GNU Project for extracting metadata from files. A heap buffer overflow vulnerability exists in the 'EXTRACTORdviextractmethod' function in the plugins/dviextractor.c file in GNU Libextractor 1.9 and earlier. The vulnerability stems from a networked...

6.5CVSS7.4AI score0.01696EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2019/08/24 12:0 a.m.23 views

[ASA-201908-14] gettext: arbitrary code execution

Arch Linux Security Advisory ASA-201908-14 ========================================== Severity: High Date : 2019-08-24 CVE-ID : CVE-2018-18751 Package : gettext Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-885 Summary ======= The package gettext before...

9.8CVSS1.9AI score0.04293EPSS
Exploits1References5
NVD
NVD
added 2019/08/23 5:15 p.m.13 views

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

6.5CVSS6.4AI score0.01696EPSS
Exploits0References6
OSV
OSV
added 2019/08/23 5:15 p.m.8 views

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

6.5CVSS6.4AI score
Exploits0References6
Prion
Prion
added 2019/08/23 5:15 p.m.21 views

Heap overflow

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

4.3CVSS6.4AI score0.01696EPSS
Exploits0References6Affected Software3
UbuntuCve
UbuntuCve
added 2019/08/23 5:15 p.m.22 views

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

6.5CVSS6.7AI score0.01696EPSS
Exploits0References4
CVE
CVE
added 2019/08/23 4:3 p.m.123 views

CVE-2019-15531

GNU Libextractor up to version 1.9 is affected by a heap-based buffer over-read in the DVI extractor (EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c). This could enable reading beyond allocated buffers. Public advisories (Debian DLA-2851-1, Mageia MGASA-2020-0015, OpenVAS/Nessus entries,...

6.5CVSS6.2AI score0.01696EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2019/08/23 4:3 p.m.24 views

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

6.3AI score0.01696EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2019/08/23 4:3 p.m.19 views

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c...

6.5CVSS6.4AI score0.01696EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/23 12:0 a.m.254 views

EulerOS 2.0 SP5 : binutils (EulerOS-SA-2019-1799)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a 'member access within null pointer'...

9.8CVSS7.1AI score0.08544EPSS
Exploits13References32
Tenable Nessus
Tenable Nessus
added 2019/08/23 12:0 a.m.29 views

EulerOS 2.0 SP5 : patch (EulerOS-SA-2019-1801)

According to the versions of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrar...

7.8CVSS6.5AI score0.11199EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/08/20 12:0 a.m.4 views

The vulnerability of the network software SKS Keyserver and the GNU Privacy Guard (GnuPG) software for encrypting information and generating digital signatures arises from the lack of verification of host data in the certificates. This allows attackers to trigger a service failure.

The vulnerability of the network software SKS Keyserver and the information encryption and digital signatures generation programs of GNU Privacy Guard GnuPG is related to the lack of verification of host data in the certificates. Exploiting this vulnerability could allow a malicious actor to caus...

7.8CVSS5.5AI score0.02663EPSS
Exploits1References8Affected Software5
CNVD
CNVD
added 2019/08/20 12:0 a.m.2 views

Unspecified vulnerability in GNU patch

GNU patch is a set of tools from the GNU Project for generating patch files. A security vulnerability in the 'doedscript' function of the pch.c file in GNU patch 2.7.6 and earlier stems from the program receiving a string that begins with the ! character. No details of the vulnerability are...

9.3CVSS7.6AI score0.02706EPSS
Exploits1References1
OSV
OSV
added 2019/08/16 4:15 a.m.35 views

CVE-2018-20969

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

7.8CVSS6.6AI score
Exploits0References9
NVD
NVD
added 2019/08/16 4:15 a.m.18 views

CVE-2018-20969

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

9.3CVSS7.3AI score0.02706EPSS
Exploits1References9
OSV
OSV
added 2019/08/16 4:15 a.m.3 views

ALPINE-CVE-2018-20969

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

7.8CVSS6.9AI score0.02706EPSS
Exploits1References1
OSV
OSV
added 2019/08/16 4:15 a.m.6 views

AZL-35102 CVE-2018-20969 affecting package patch for versions less than 2.7.6-9

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

7.8CVSS7.1AI score0.02706EPSS
Exploits1References1
OSV
OSV
added 2019/08/16 4:15 a.m.9 views

AZL-6786 CVE-2018-20969 affecting package patch for versions less than 2.7.6-7

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

7.8CVSS7.1AI score0.02706EPSS
Exploits1References1
OSV
OSV
added 2019/08/16 4:15 a.m.3 views

UBUNTU-CVE-2018-20969

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

7.8CVSS7.1AI score0.02706EPSS
Exploits1References4
Prion
Prion
added 2019/08/16 4:15 a.m.20 views

Code injection

doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...

9.3CVSS7.3AI score0.0453EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder