GNU Emacs 安全漏洞

GNU Emacs is a family of text editors in the American GNU community. GNU Emacs suffers from a security vulnerability that stems from specifying unsafe functions. No details of the vulnerability are provided at this time...

GNU Global Code Execution Vulnerability

GNU Global is a free code tagging system for the US GNU community. A code execution vulnerability exists in GNU Global that stems from the use of shell metacharacters, no details of the vulnerability are provided at this time...

GNU libcdio Buffer Overflow Vulnerability

GNU libcdio is a library developed by the GNU Project for accessing CD-ROMs and CD images, and is mainly used to handle CD-ROM file system reading, directory structure parsing and other functions. A buffer overflow vulnerability exists in GNU libcdio, which can be exploited by an attacker to...

The vulnerability of the userinfo URI component in the GNU Wget download manager allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the userinfo URI component of the GNU Wget download manager is related to unsafe behavior where data that should be contained within the userinfo sub-component is incorrectly interpreted as part of the host’s subcomponent. Exploiting this vulnerability could allow a malicious...

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...

ROS-20240619-03

A vulnerability in the userinfo URI subcomponent of the GNU Wget download manager is related to an insecure behavior whereby in which data that should be in the userinfo subcomponent is misinterpreted as being part of the host subcomponent. Exploitation of the vulnerability could allow an attacke...

SUSE CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

Advisory ROSA-SA-2024-2433

software: emacs 28.1 WASP: ROSA-CHROME packageevrstring: emacs-28.1-5 CVE-ID: CVE-2022-48339 BDU-ID: None CVE-Crit: N/A CVE-DESC.: A problem was discovered in GNU Emacs. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and srcdir paramet...

Mageia: Security Advisory (MGASA-2024-0223)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

DEBIAN-CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

UBUNTU-CVE-2024-38448

htags in GNU Global through 6.6.12 allows code execution in situations where dbpath aka -d is untrusted, because shell metacharacters may be used...

AZL-42691 CVE-2024-38428 affecting package wget for versions less than 1.21.2-3

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

DEBIAN-CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

UBUNTU-CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...