Filtered by vendor Gnu
Subscribe
Total
989 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1000409 | 1 Gnu | 1 Glibc | 2019-04-04 | 6.9 MEDIUM | 7.0 HIGH |
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. | |||||
CVE-2018-0494 | 4 Canonical, Debian, Gnu and 1 more | 6 Ubuntu Linux, Debian Linux, Wget and 3 more | 2019-03-14 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line. | |||||
CVE-2017-17122 | 1 Gnu | 1 Binutils | 2019-03-13 | 6.8 MEDIUM | 7.8 HIGH |
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. | |||||
CVE-2017-17126 | 1 Gnu | 1 Binutils | 2019-03-13 | 6.8 MEDIUM | 7.8 HIGH |
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers. | |||||
CVE-2015-5276 | 1 Gnu | 1 Gcc | 2019-02-12 | 5.0 MEDIUM | N/A |
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors. | |||||
CVE-2019-6455 | 1 Gnu | 1 Recutils | 2019-01-17 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c. | |||||
CVE-2019-6456 | 1 Gnu | 1 Recutils | 2019-01-17 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. | |||||
CVE-2019-6460 | 1 Gnu | 1 Recutils | 2019-01-17 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a. | |||||
CVE-2018-20430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2019-01-11 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. | |||||
CVE-2018-20431 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2019-01-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c. | |||||
CVE-2012-0035 | 2 Eric M Ludlam, Gnu | 2 Cedet, Emacs | 2018-12-07 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file. | |||||
CVE-2017-16827 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
CVE-2017-17123 | 1 Gnu | 1 Binutils | 2018-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. | |||||
CVE-2017-17124 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary. | |||||
CVE-2017-16828 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | |||||
CVE-2017-16830 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
CVE-2017-17121 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. | |||||
CVE-2017-16831 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. | |||||
CVE-2017-16826 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file. | |||||
CVE-2017-16829 | 1 Gnu | 1 Binutils | 2018-11-27 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. |