CLSA-2026-1779371406 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix shell injection in netrw via the tempfile suffix when reading sftp:// or file:// URLs by escaping the tempfile and restricting the suffix regex to word characters...

CLSA-2026-1779700361 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix shell injection in netrw via the tempfile suffix when reading sftp:// or file:// URLs by escaping the tempfile and restricting the suffix regex to word characters...

CLSA-2026-1779694105 Fix CVE(s): CVE-2026-42307

SECURITY UPDATE: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters runtime/autoload/netrw.vim, upstream patch 9.2.0383 - debian/patches/CVE-2026-42307.patch: fix shell-injection in netrw via...

CLSA-2026-1779436673 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters runtime/autoload/netrw.vim, upstream patch 9.2.0383...

vim: Fix of CVE-2026-42307

CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...

CLSA-2026-1779279626 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...

CLSA-2026-1779212372 vim: Fix of CVE-2026-42307

CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...

Azure Linux 3.0 Security Update: nano (CVE-2024-5742)

The version of nano installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5742 advisory. - A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary...

MiracleLinux 8 : python3-3.6.8-62.el8.ML.1 (AXSA:2024-8353:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8353:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8498:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8498:01 advisory. python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python39:3.9/python39: python: The zipfile module is...

MiracleLinux 7 : ruby-2.0.0.648-36.el7 (AXSA:2019-4276:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4276:03 advisory. ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by large request in WEBrick CVE-2018-8777 ruby: Buffer under-read in Stringunpack...

TencentOS Server 3: python39:3.9 and python39-devel:3.9 (TSSA-2024:0768)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0768 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

EUVD-2011-3577

Malware in sbrugna...

EUVD-2008-7226

Malware in sbrugna...

EUVD-2009-5036

Malware in sbrugna...

EUVD-2023-58821

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-11979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them...

Linux Distros Unpatched Vulnerability : CVE-2023-6597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The...

Azure Linux 3.0 Security Update: python3 (CVE-2024-4030)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4030 advisory. - On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict readin...

TencentOS Server 3: python3.11 (TSSA-2024:0257)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0257 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...