| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2014-6271 |
1 Gnu |
1 Bash |
2019-10-09 |
10.0 |
| GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the... |
| CVE-2019-1010023 |
1 Gnu |
1 Glibc |
2019-10-09 |
6.8 |
| GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks... |
| CVE-2017-17080 |
1 Gnu |
1 Binutils |
2019-10-03 |
4.3 |
| elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and... |
| CVE-2017-12133 |
1 Gnu |
1 Glibc |
2019-10-03 |
4.3 |
| Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path. |
| CVE-2018-1000654 |
1 Gnu |
1 Libtasn1 |
2019-10-03 |
7.1 |
| GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program... |
| CVE-2018-6003 |
2 Gnu, Fedoraproject |
2 Libtasn1, Fedora |
2019-10-03 |
5.0 |
| An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. |
| CVE-2018-12700 |
2 Gnu, Canonical |
2 Binutils, Ubuntu Linux |
2019-10-03 |
5.0 |
| A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion. |
| CVE-2018-18701 |
1 Gnu |
1 Binutils |
2019-10-03 |
4.3 |
| An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in... |
| CVE-2018-18605 |
3 Gnu, Debian, Netapp |
3 Binutils, Debian Linux, Data Ontap |
2019-10-03 |
4.3 |
| A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section... |
| CVE-2017-15020 |
1 Gnu |
1 Binutils |
2019-10-03 |
6.8 |
| dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact... |
| CVE-2017-9778 |
1 Gnu |
1 Gdb |
2019-10-03 |
4.3 |
| GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for... |
| CVE-2017-5618 |
1 Gnu |
1 Screen |
2019-10-03 |
7.2 |
| GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. |
| CVE-2017-14129 |
1 Gnu |
1 Binutils |
2019-10-03 |
4.3 |
| The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application... |
| CVE-2017-8393 |
1 Gnu |
1 Binutils |
2019-10-03 |
5.0 |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are... |
| CVE-2017-14930 |
1 Gnu |
1 Binutils |
2019-10-03 |
7.1 |
| Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. |
| CVE-2018-13033 |
2 Gnu, Redhat |
5 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 2 more |
2019-10-03 |
4.3 |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by... |
| CVE-2017-10685 |
1 Gnu |
1 Ncurses |
2019-10-03 |
7.5 |
| In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack. |
| CVE-2018-12641 |
1 Gnu |
1 Binutils |
2019-10-03 |
4.3 |
| An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template,... |
| CVE-2018-20657 |
2 Gnu, F5 |
2 Binutils, Traffix Signaling Delivery Controller |
2019-10-03 |
5.0 |
| The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to... |
| CVE-2018-10846 |
3 Gnu, Debian, Redhat |
6 Gnutls, Debian Linux, Enterprise Linux Desktop and 3 more |
2019-10-03 |
1.9 |
| A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover... |
