Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
a1153c5de5bd786a24a28e3e31ce5ead66ccd16a90c162f15c858d17d6001e7f
Ubuntu Security Notice 4929-1 - Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
c45f0b4e1c0fde4746b7b25c887fd512e3f5fcbea47069d93e4d57eb89927b5c
Red Hat Security Advisory 2021-1468-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
1a4ce9c00ca6e5255273a2b36e66d370775badb33a04f790cc54020804c5a70f
NodeBB Emoji plugin version 3.2.1 suffers from an arbitrary file write vulnerability.
b8efb1e731fd411b0d82d14ee601854ed4c4affe7d5760b5648cf818e59afbaa
Ubuntu Security Notice 4928-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Various other issues were also addressed.
be51491c5d6d6a3dfb44d83819cbe818550f9918ad2e93299d0796121b896c6e
Red Hat Security Advisory 2021-1452-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Perf Tools is a collection of performance analysis tools, including a high performance multi-threaded malloc() implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler.
5d41edca2cc85cc097fff41b21e2b23e9b187fa52958e3c5cb6066efe04a15fb
Cacti version 1.2.12 remote code execution exploit that leverages a remote SQL vulnerability.
5599594befaf80c893938a8659f1ac8a0b62ce19e5b98e608838251275c379bd
Red Hat Security Advisory 2021-1448-01 - Red Hat Advanced Cluster Management for Kubernetes 2.0.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve some security issues and bugs. Issues addressed include a code execution vulnerability.
e0ed9dcea65dc8c6aed72a7323bfdf194a8e68c45019b280ca356c117d319f9c
Fog Project version 1.5.9 suffers from a remote shell upload vulnerability.
7e8cccd3841e142272092a1936ee9f391365414d6ca4534f3ca93844e16d8c1b
Debian Linux Security Advisory 4882-1 - Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.
5fc3f278bb64bcfcf29ee82912aa943b536f0376eb4d1d1fd72ad6bc7fcf84c7
Debian Linux Security Advisory 4883-1 - It was discovered that missing input sanitising in the template() function of the Underscore JavaScript library could result in the execution of arbitrary code.
c0b2dfa2b994cca132b9bed945a3e229ea9da1d689d20e73ba313f909884cb9e
Debian Linux Security Advisory 4884-1 - Multiple vulnerabilities have been discovered in ldb, a LDAP-like embedded database built on top of TDB.
c3a33b4c07f5fde2dde893faaf3574e6b961a8454fd101f414eb42a540ea80e7
Debian Linux Security Advisory 4885-1 - Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure.
6a526fc31321b64c4acb5653a9654f65c2eb9bacc8eeae0a6e619452216f22f7
Debian Linux Security Advisory 4886-1 - Several vulnerabilites have been discovered in the chromium web browser.
91464af4bd71134e1890c13d6173cde4ec8cdf26c54b9235f08b83830896fcfa
Debian Linux Security Advisory 4887-1 - A use-after-free was discovered in Lib3MF, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened.
35bbd49deeb21382d5b1f4fdf3c475a6b5944ac8965d93701e6f7e9c6bd90db3
Debian Linux Security Advisory 4888-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or memory disclosure.
59e07669cdeed8f06fc9b1e8019517c110224b603dd928949ce5f0729cdf99b0
Debian Linux Security Advisory 4889-1 - Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in incomplete page/blocking protection, denial of service or cross-site scripting.
49b1118e5e434a47257059a1f6acac6dd79c19b2654b3272799d4a74621cc53a
Debian Linux Security Advisory 4890-1 - Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.
60fe6ac5fd6c7b4347f726fe140eae03e02e88ad5e42ce04e067b8d63dd4276d
Debian Linux Security Advisory 4891-1 - Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service.
1cc0c8e922520ac710a5eb680952a81085830ab697d578ee126aa8cdb6ed32ad
Debian Linux Security Advisory 4892-1 - It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when 'svg' or 'math' are in the allowed tags, 'p' or 'br' are in allowed tags, 'style', 'title', 'noscript', 'script', 'textarea', 'noframes', 'iframe', or 'xmp' are in allowed tags and 'strip_comments=False' is set.
e925541c26637d55f5311218ab1047e942a1ea57bb81e223c144e1e77c463d88
Debian Linux Security Advisory 4893-1 - Jan-Niklas Sohn discovered that missing input sanitising in the XInput extension of the X.org X server may result in privilege escalation if the X server is running privileged.
fca9892ceaa552967e97ff8b515414e8335d4aac2313b7bc5bf3a80a7f6744a6
Debian Linux Security Advisory 4894-1 - It was discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a directory traversal flaw due to inadequate checking of symbolic links.
d061787b973d1c843767158272f68254956904b392fc7c66dc0920757d06b8d4
Debian Linux Security Advisory 4895-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.
a90591c14b940c58ca0deaa0ce3ecba9d1b79aee98db18f5c67359115f4cc1be
Debian Linux Security Advisory 4896-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform XML External Entity (XXE) attacks, and access private content.
e00b69e4ff46ca105c70362ee5ece24f6f93cc7b36e5b41b63549ad18bd8c25b
Debian Linux Security Advisory 4897-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. In adddition a number of security issues were addressed in the OpenPGP support.
d046261a5bea547646c1ad71555d4faa8f38e2e133e219e9721c0bfe1ba81218