82 matches found
EUVD-2009-2934
Malware in sbrugna...
EUVD-2013-1104
Malware in sbrugna...
EUVD-2022-3053
Malicious code in bioql PyPI...
CVE-2013-1064
apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2...
CVE-2009-2947
Cross-site scripting XSS vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
Cross-site Scripting (XSS)
xapian-core is vulnerable to Cross-site Scripting XSS. The vulnerability is caused due to improper handling of HTML escaping by Xapian::MSet::snippet in queryparser/termgeneratorinternal.cc. This allows an attacker to potentially execute arbitrary scripts in the context of a user's web browser wh...
MGASA-2023-0121 Updated xapian packages fix security vulnerability
Xapian database corruption on disk full is possible. It doesn't happen in every case as ENOSPC needs to happen on a particular operation during the commit but then not happen on a repeat attempt at that operation. bdo1032398...
Updated xapian packages fix security vulnerability
Xapian database corruption on disk full is possible. It doesn't happen in every case as ENOSPC needs to happen on a particular operation during the commit but then not happen on a repeat attempt at that operation. bdo1032398...
PT-2023-36338 · Xapian · Xapian
Name of the Vulnerable Software and Affected Versions: Xapian affected versions not specified Description: The issue concerns Xapian database corruption that can occur when the disk is full. This corruption does not happen in every case, as it requires a specific error ENOSPC to occur during a...
Mageia: Security Advisory (MGASA-2023-0121)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3355-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3355-1] xapian-core bugfix update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3355-1 [email protected] https://www.debian.org/lts/security/ Olly Betts March 18, 2023 https://wiki.debian.org/LTS -...
DLA-3355-1 xapian-core - security update
Bulletin has no description...
Debian dla-3355 : libxapian-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3355 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3355-1 [email protected] https://www.debian.org/lts/security/...
SUSE CVE-2018-0499
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
new packages: xapian-core
An update is available for xapian-core. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
xapian-core Cross-site Scripting vulnerability
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
GHSA-7QW4-W7HF-22Q3 xapian-core Cross-site Scripting vulnerability
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
xapian-core Cross-site Scripting vulnerability
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
xapian-core bug fix and enhancement update
An update is available for xapian-core. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...