Vulnerabilities (CVE)

Vendor filter

Gnu Subscribe

Filter

753 total CVE
CVE Vendors Products Updated CVSS
CVE-2014-6271 1 Gnu 1 Bash 2019-10-09 10.0
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the...
CVE-2019-1010023 1 Gnu 1 Glibc 2019-10-09 6.8
GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks...
CVE-2017-17080 1 Gnu 1 Binutils 2019-10-03 4.3
elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and...
CVE-2017-12133 1 Gnu 1 Glibc 2019-10-03 4.3
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
CVE-2018-1000654 1 Gnu 1 Libtasn1 2019-10-03 7.1
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program...
CVE-2018-6003 2 Gnu, Fedoraproject 2 Libtasn1, Fedora 2019-10-03 5.0
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
CVE-2018-12700 2 Gnu, Canonical 2 Binutils, Ubuntu Linux 2019-10-03 5.0
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-18701 1 Gnu 1 Binutils 2019-10-03 4.3
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in...
CVE-2018-18605 3 Gnu, Debian, Netapp 3 Binutils, Debian Linux, Data Ontap 2019-10-03 4.3
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section...
CVE-2017-15020 1 Gnu 1 Binutils 2019-10-03 6.8
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
CVE-2017-9778 1 Gnu 1 Gdb 2019-10-03 4.3
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for...
CVE-2017-5618 1 Gnu 1 Screen 2019-10-03 7.2
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.
CVE-2017-14129 1 Gnu 1 Binutils 2019-10-03 4.3
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application...
CVE-2017-8393 1 Gnu 1 Binutils 2019-10-03 5.0
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are...
CVE-2017-14930 1 Gnu 1 Binutils 2019-10-03 7.1
Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2018-13033 2 Gnu, Redhat 5 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2019-10-03 4.3
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by...
CVE-2017-10685 1 Gnu 1 Ncurses 2019-10-03 7.5
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
CVE-2018-12641 1 Gnu 1 Binutils 2019-10-03 4.3
An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template,...
CVE-2018-20657 2 Gnu, F5 2 Binutils, Traffix Signaling Delivery Controller 2019-10-03 5.0
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to...
CVE-2018-10846 3 Gnu, Debian, Redhat 6 Gnutls, Debian Linux, Enterprise Linux Desktop and 3 more 2019-10-03 1.9
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover...