OESA-2026-2475 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

DEBIAN-CVE-2024-45780

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...

UBUNTU-CVE-2024-45780

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...

PT-2023-2960

Name of the Vulnerable Software and Affected Versions Barracuda Email Security Gateway versions 5.1.3.001 through 9.2.0.006 Description A remote command injection vulnerability exists in the Barracuda Email Security Gateway product, affecting versions 5.1.3.001 through 9.2.0.006. The vulnerabilit...

MGASA-2017-0251 Updated atril packages fix security vulnerability

It was discovered that Atril made insecure use of tar when opening tar comic book archives CBT. Opening a malicious CBT archive could result in the execution of arbitrary code. This update disables the CBT format entirely CVE-2017-1000083...

Updated evince packages fix security vulnerability

Felix Wilhelm discovered that Evince did not safely invoke tar when handling tar comic book cbt files. An attacker could use this to construct a malicious cbt comic book format file that, when opened in Evince, executes arbitrary code. Please note that this update disables support for cbt files i...