| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-18700 |
1 Gnu |
1 Binutils |
2018-12-10 |
4.3 |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in... |
| CVE-2018-18701 |
1 Gnu |
1 Binutils |
2018-12-10 |
4.3 |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in... |
| CVE-2018-18751 |
3 Gnu, Canonical, Redhat |
3 Gettext, Ubuntu Linux, Enterprise Linux |
2018-12-07 |
7.5 |
| An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt. |
| CVE-2012-0035 |
2 Eric M Ludlam, Gnu |
2 Cedet, Emacs |
2018-12-07 |
9.3 |
| Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent... |
| CVE-2018-18607 |
2 Gnu, Debian |
2 Binutils, Debian Linux |
2018-12-06 |
4.3 |
| An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS... |
| CVE-2018-18606 |
2 Gnu, Debian |
2 Binutils, Debian Linux |
2018-12-06 |
4.3 |
| An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge... |
| CVE-2018-18605 |
2 Gnu, Debian |
2 Binutils, Debian Linux |
2018-12-06 |
4.3 |
| A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section... |
| CVE-2015-7547 |
11 Sophos, Oracle, Canonical and 8 more |
31 Big-ip Policy Enforcement Manager, Linux Enterprise Debuginfo, Helion Openstack and 28 more |
2018-11-30 |
6.8 |
| Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute... |
| CVE-2015-0235 |
2 Oracle, Gnu |
3 Glibc, Communications Applications, Oracle Pillar Axiom |
2018-11-30 |
10.0 |
| Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2)... |
| CVE-2014-7169 |
1 Gnu |
1 Bash |
2018-11-30 |
10.0 |
| GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted... |
| CVE-2014-6271 |
1 Gnu |
1 Bash |
2018-11-30 |
10.0 |
| GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the... |
| CVE-2018-17794 |
1 Gnu |
1 Binutils |
2018-11-28 |
4.3 |
| An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. |
| CVE-2018-17985 |
1 Gnu |
1 Binutils |
2018-11-27 |
4.3 |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many... |
| CVE-2018-8945 |
1 Gnu |
1 Binutils |
2018-11-27 |
4.3 |
| The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. |
| CVE-2018-7643 |
1 Gnu |
1 Binutils |
2018-11-27 |
6.8 |
| The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump. |
| CVE-2018-7642 |
1 Gnu |
1 Binutils |
2018-11-27 |
4.3 |
| The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and... |
| CVE-2018-7570 |
1 Gnu |
1 Binutils |
2018-11-27 |
4.3 |
| The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and... |
| CVE-2018-7569 |
1 Gnu |
1 Binutils |
2018-11-27 |
4.3 |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt... |
| CVE-2018-7568 |
1 Gnu |
1 Binutils |
2018-11-27 |
4.3 |
| The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with... |
| CVE-2018-7208 |
1 Gnu |
1 Binutils |
2018-11-27 |
6.8 |
| In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation... |
