Vulnerabilities (CVE)

Vendor filter

Gnu Subscribe

Filter

696 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-20482 2 Gnu, Debian 2 Tar, Debian Linux 2019-02-14 1.9
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be...
CVE-2018-20483 1 Gnu 1 Wget 2019-02-14 2.1
set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g.,...
CVE-2015-5276 1 Gnu 1 Gcc 2019-02-12 5.0
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via...
CVE-2016-10739 1 Gnu 1 Glibc 2019-02-08 4.6
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume...
CVE-2019-7309 1 Gnu 1 Glibc 2019-02-06 2.1
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
CVE-2019-6488 1 Gnu 1 Glibc 2019-02-05 4.6
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly...
CVE-2018-16868 1 Gnu 1 Gnutls 2019-01-31 3.3
A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use...
CVE-2018-20657 1 Gnu 1 Binutils 2019-01-31 5.0
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to...
CVE-2018-20712 1 Gnu 1 Binutils 2019-01-22 4.3
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
CVE-2018-20651 1 Gnu 1 Binutils 2019-01-18 4.3
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A...
CVE-2019-6455 1 Gnu 1 Recutils 2019-01-17 4.3
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.
CVE-2019-6456 1 Gnu 1 Recutils 2019-01-17 4.3
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a.
CVE-2019-6457 1 Gnu 1 Recutils 2019-01-17 4.3
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
CVE-2019-6458 1 Gnu 1 Recutils 2019-01-17 4.3
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
CVE-2019-6459 1 Gnu 1 Recutils 2019-01-17 4.3
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.
CVE-2019-6460 1 Gnu 1 Recutils 2019-01-17 4.3
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a.
CVE-2018-20673 1 Gnu 1 Binutils 2019-01-15 4.3
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer...
CVE-2018-20671 1 Gnu 1 Binutils 2019-01-14 4.3
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.
CVE-2018-20430 2 Gnu, Debian 2 Libextractor, Debian Linux 2019-01-11 4.3
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
CVE-2018-18309 1 Gnu 1 Binutils 2019-01-11 4.3
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault...