GLSA-202105-37 : Nextcloud Desktop Client: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-202105-37 Nextcloud Desktop Client: User-assisted execution of arbitrary code It was discovered that Nextcloud Desktop Client did not validate URLs. Impact : A remote attacker could entice a user to connect to a malicious Nextclou...

GLSA-202003-23 : libjpeg-turbo: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-202003-23 libjpeg-turbo: User-assisted execution of arbitrary code It was discovered that libjpeg-turbo incorrectly handled certain JPEG images. Impact : A remote attacker could entice a user to open a specially crafted JPEG file ...

GLSA-201803-13 : PLIB: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201803-13 PLIB: User-assisted execution of arbitrary code A stack-based buffer overflow within the error function of ssg/ssgParser.cxx was discovered in PLIB. Impact : A remote attacker, by enticing a user to open a specially...

GLSA-201803-04 : Newsbeuter: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201803-04 Newsbeuter: User-assisted execution of arbitrary code Newsbeuter does not properly escape shell meta-characters in an RSS item with a media enclosure in the podcast playback function of Podbeuter. Impact : A remote...

GLSA-201803-03 : Go: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201803-03 Go: User-assisted execution of arbitrary code A command injection flaw was discovered in the source code build phase because of the go get command, which does not block -fplugin= and -plugin arguments. Impact : A remote...

GLSA-201801-04 : LibXcursor: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201801-04 LibXcursor: User-assisted execution of arbitrary code It was discovered that libXcursor is prone to several heap overflows when parsing malicious files. Impact : A remote attacker, by enticing a user to process a special...

GLSA-201709-07 : Kpathsea: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201709-07 Kpathsea: User-assisted execution of arbitrary code It was discovered that the mpost program from the shellescapecommands list is capable of executing arbitrary external programs during the conversion of .tex files. The...

GLSA-201612-30 : SoX: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201612-30 SoX: User-assisted execution of arbitrary code A heap-based buffer overflow can be triggered when processing a malicious NIST Sphere or WAV audio file. Impact : A remote attacker could coerce the victim to run SoX agains...

GLSA-201512-07 : GStreamer: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201512-07 GStreamer: User-assisted execution of arbitrary code A buffer overflow vulnerability has been found in the parsing of H.264 formatted video. Impact : A remote attacker could entice a user to open a specially crafted H.26...

GLSA-201512-02 : IPython: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201512-02 IPython: User-assisted execution of arbitrary code IPython does not properly check the MIME type of a file. Impact : A remote attacker could entice a user to open a specially crafted text file using IPython, possibly...

GLSA-201412-53 : MIT Kerberos 5: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201412-53 MIT Kerberos 5: User-assisted execution of arbitrary code Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could...

GLSA-201412-40 : FLAC: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201412-40 FLAC: User-assisted execution of arbitrary code A stack-based buffer overflow flaw has been discovered in FLAC. Impact : A remote attacker could entice a user to open a specially crafted .flac file using an application...

GLSA-201406-18 : rxvt-unicode: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201406-18 rxvt-unicode: User-assisted execution of arbitrary code rxvt-unicode does not properly handle OSC escape sequences, including those used to read and write X window properties. Impact : A remote attacker could entice a us...

GLSA-201405-18 : OpenConnect: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201405-18 OpenConnect: User-assisted execution of arbitrary code A stack-based buffer overflow error has been discovered in OpenConnect. Impact : A remote attacker could entice a user to connect to a malicious VPN server, possibly...

GLSA-201404-02 : libproxy: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201404-02 libproxy: User-assisted execution of arbitrary code A boundary error when processing the proxy.pac file could cause a stack-based buffer overflow. Impact : A man-in-the-middle attacker could provide a specially crafted...

GLSA-201403-07 : grep: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201403-07 grep: User-assisted execution of arbitrary code An integer overflow flaw has been discovered in grep. Impact : An attacker could entice a user to run grep on a specially crafted file, possibly resulting in execution of...

GLSA-201402-13 : DjVu: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201402-13 DjVu: User-assisted execution of arbitrary code A vulnerability has been discovered in DjVu. Please review the CVE identifier referenced below for details. Impact : A remote attacker could entice a user to open a special...

GLSA-201312-11 : Win32 Codecs: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201312-11 Win32 Codecs: User-assisted execution of arbitrary code A heap-based buffer overflow exists when handling Shockwave Flash files. Impact : A remote attacker could entice a user to open a specially crafted Flash file using...

GLSA-201310-06 : Aircrack-ng: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201310-06 Aircrack-ng: User-assisted execution of arbitrary code A buffer overflow vulnerability has been discovered in Aircrack-ng. Impact : A remote attacker could entice a user to open a specially crafted dump file using...

GLSA-201309-19 : TPP: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201309-19 TPP: User-assisted execution of arbitrary code TPP templates may contain a --exec clause, the contents of which are automatically executed without confirmation from the user. Impact : A remote attacker could entice a use...