Vulnerabilities (CVE)

Vendor filter

Gnu Subscribe

Filter

755 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-14129 1 Gnu 1 Binutils 2019-10-03 4.3
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application...
CVE-2017-17080 1 Gnu 1 Binutils 2019-10-03 4.3
elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and...
CVE-2017-10685 1 Gnu 1 Ncurses 2019-10-03 7.5
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
CVE-2017-9778 1 Gnu 1 Gdb 2019-10-03 4.3
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for...
CVE-2017-5618 1 Gnu 1 Screen 2019-10-03 7.2
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
CVE-2018-18701 1 Gnu 1 Binutils 2019-10-03 4.3
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in...
CVE-2018-13033 2 Gnu, Redhat 5 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2019-10-03 4.3
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by...
CVE-2017-14933 1 Gnu 1 Binutils 2019-10-03 4.3
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.
CVE-2017-17125 1 Gnu 1 Binutils 2019-10-03 6.8
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other...
CVE-2018-10846 3 Gnu, Debian, Redhat 6 Gnutls, Debian Linux, Enterprise Linux Desktop and 3 more 2019-10-03 1.9
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover...
CVE-2017-15021 1 Gnu 1 Binutils 2019-10-03 4.3
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a...
CVE-2017-6969 1 Gnu 1 Binutils 2019-10-03 6.4
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
CVE-2017-12133 1 Gnu 1 Glibc 2019-10-03 4.3
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
CVE-2018-20796 2 Gnu, Netapp 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more 2019-10-03 5.0
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
CVE-2018-1000654 1 Gnu 1 Libtasn1 2019-10-03 7.1
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program...
CVE-2017-15020 1 Gnu 1 Binutils 2019-10-03 6.8
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
CVE-2017-14930 1 Gnu 1 Binutils 2019-10-03 7.1
Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2018-6003 2 Gnu, Fedoraproject 2 Libtasn1, Fedora 2019-10-03 5.0
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
CVE-2017-12132 1 Gnu 1 Glibc 2019-10-03 4.3
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
CVE-2018-10844 3 Gnu, Debian, Redhat 6 Gnutls, Debian Linux, Enterprise Linux Desktop and 3 more 2019-10-03 4.3
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing...