16992 matches found
CVE-2018-20969
doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...
CVE-2018-20969
doedscript in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter...
CVE-2018-20969
CVE-2018-20969 / CVE-2019-13638 (GNU patch) : The vulnerability resides in do_ed_script in pch.c of GNU patch up to version 2.7.6, where do_ed_script does not block strings starting with a ! character when using ed-style payloads. This is tied to an upstream commit shared with CVE-2019-13638 and ...
GNU Wget: Arbitrary code execution
Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description A buffer overflow was discovered in GNU’s Wget. Impact An attacker could possibly execute arbitrary code with the privileges of the process or cause ...
glibc: Multiple vulnerabilities
Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...
WordPress Meta Box Plugin < 4.16.2 File Upload Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112628";...
WordPress Photo Gallery Plugin < 1.5.25 LFI Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112629";...
CVE-2019-1010180
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet...
CVE-2019-14444
applyrelocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation in byteputlittleendian function in elfcomm.c via an ELF file, as demonstrated by readelf...
NewStart CGSL MAIN 4.05 : tar Multiple Vulnerabilities (NS-SA-2019-0153)
The remote NewStart CGSL host, running version MAIN 4.05, has tar packages installed that are affected by multiple vulnerabilities: - Buffer overflow in tar 1.14 through 1.15.90 allows user- assisted attackers to cause a denial of service application crash and possibly execute code via unspecifie...
NewStart CGSL MAIN 4.05 : patch Vulnerability (NS-SA-2019-0138)
The remote NewStart CGSL host, running version MAIN 4.05, has patch packages installed that are affected by a vulnerability: - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in code...
NewStart CGSL CORE 5.04 / MAIN 5.04 : patch Vulnerability (NS-SA-2019-0029)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has patch packages installed that are affected by a vulnerability: - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result ...
NewStart CGSL CORE 5.05 / MAIN 5.05 : wget Vulnerability (NS-SA-2019-0082)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has wget packages installed that are affected by a vulnerability: - Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service DoS or may execute an arbitrary code via unspecified vector...
NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Multiple Vulnerabilities (NS-SA-2019-0060)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by multiple vulnerabilities: - The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service...
Fedora Update for kernel-headers FEDORA-2019-e37c348348
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Yara <= 3.8.1 Denial of Service (DoS) Vulnerability
Yara is prone to a denial of service DoS vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
WordPress Popup Builder Plugin < 3.45 SQL Injection Vulnerability
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
GnuCOBOL Buffer Overflow Vulnerability (CNVD-2019-26279)
GnuCOBOL is a COBOL language compiler. A buffer overflow vulnerability exists in the 'cbencodeprogramid' function of the cobc/typeck.c file in GnuCOBOL version 2.2. The vulnerability stems from a networked system or product performing operations in memory without properly validating data...
Fedora Update for java-11-openjdk FEDORA-2019-56a658c60c
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2019-14541
GnuCOBOL 2.2 has a stack-based buffer overflow in cbencodeprogramid in cobc/typeck.c via crafted COBOL source code...