Vulnerabilities (CVE)

Vendor filter

Gnu Subscribe

Filter

531 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17451 1 Gnu 1 Binutils 2019-10-15 4.3
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.
CVE-2019-17450 1 Gnu 1 Binutils 2019-10-15 4.3
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
CVE-2019-1010023 1 Gnu 1 Glibc 2019-10-09 6.8
GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks...
CVE-2017-14128 1 Gnu 1 Binutils 2019-10-03 4.3
The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application...
CVE-2017-9955 1 Gnu 1 Binutils 2019-10-03 4.3
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a...
CVE-2017-14129 1 Gnu 1 Binutils 2019-10-03 4.3
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application...
CVE-2017-13716 1 Gnu 1 Binutils 2019-10-03 7.1
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a...
CVE-2017-12967 1 Gnu 1 Binutils 2019-10-03 4.3
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a...
CVE-2017-12132 1 Gnu 1 Glibc 2019-10-03 4.3
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
CVE-2017-12960 1 Gnu 1 Pspp 2019-10-03 5.0
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-8393 1 Gnu 1 Binutils 2019-10-03 5.0
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are...
CVE-2017-9954 1 Gnu 1 Binutils 2019-10-03 4.3
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a...
CVE-2017-5618 1 Gnu 1 Screen 2019-10-03 7.2
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
CVE-2017-9778 1 Gnu 1 Gdb 2019-10-03 4.3
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for...
CVE-2017-6969 1 Gnu 1 Binutils 2019-10-03 6.4
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
CVE-2017-7226 1 Gnu 1 Binutils 2019-10-03 6.4
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen,...
CVE-2017-9039 1 Gnu 1 Binutils 2019-10-03 4.3
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
CVE-2017-8421 1 Gnu 1 Binutils 2019-10-03 7.1
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file....
CVE-2017-12959 1 Gnu 1 Pspp 2019-10-03 5.0
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.
CVE-2017-13728 1 Gnu 1 Ncurses 2019-10-03 4.3
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.