Filtered by vendor Gnu
Subscribe
Total
989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13728 | 1 Gnu | 1 Ncurses | 2021-06-29 | 4.3 MEDIUM | 7.5 HIGH |
| There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2010-4051 | 1 Gnu | 1 Glibc | 2021-06-18 | 5.0 MEDIUM | N/A |
| The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow." | |||||
| CVE-2005-2541 | 1 Gnu | 1 Tar | 2021-06-18 | 10.0 HIGH | N/A |
| Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. | |||||
| CVE-2019-1010022 | 1 Gnu | 1 Glibc | 2021-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat." | |||||
| CVE-2021-20193 | 1 Gnu | 1 Tar | 2021-06-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2020-18395 | 1 Gnu | 1 Gama | 2021-06-01 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs. | |||||
| CVE-2021-20231 | 4 Fedoraproject, Gnu, Netapp and 1 more | 5 Fedora, Gnutls, Active Iq Unified Manager and 2 more | 2021-06-01 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences. | |||||
| CVE-2020-23861 | 1 Gnu | 1 Libredwg | 2021-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | |||||
| CVE-2020-21813 | 1 Gnu | 1 Libredwg | 2021-05-24 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. | |||||
| CVE-2020-21844 | 1 Gnu | 1 Libredwg | 2021-05-24 | 6.8 MEDIUM | 8.8 HIGH |
| GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. | |||||
| CVE-2020-21831 | 1 Gnu | 1 Libredwg | 2021-05-24 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637. | |||||
| CVE-2020-21815 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash). | |||||
| CVE-2020-21814 | 1 Gnu | 1 Libredwg | 2021-05-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97. | |||||
| CVE-2020-21816 | 1 Gnu | 1 Libredwg | 2021-05-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46. | |||||
| CVE-2020-21817 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash). | |||||
| CVE-2020-21818 | 1 Gnu | 1 Libredwg | 2021-05-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48. | |||||
| CVE-2020-21819 | 1 Gnu | 1 Libredwg | 2021-05-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51. | |||||
| CVE-2020-21830 | 1 Gnu | 1 Libredwg | 2021-05-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213. | |||||
| CVE-2020-21832 | 1 Gnu | 1 Libredwg | 2021-05-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417. | |||||
| CVE-2020-21834 | 1 Gnu | 1 Libredwg | 2021-05-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164. | |||||