Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-23856 | 2 Fedoraproject, Gnu | 2 Fedora, Cflow | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee. | |||||
CVE-2020-21834 | 1 Gnu | 1 Libredwg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164. | |||||
CVE-2020-21818 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48. | |||||
CVE-2021-20197 | 4 Broadcom, Gnu, Netapp and 1 more | 6 Brocade Fabric Operating System Firmware, Binutils, Cloud Backup and 3 more | 2024-02-28 | 3.3 LOW | 6.3 MEDIUM |
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | |||||
CVE-2020-21844 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. | |||||
CVE-2021-31879 | 3 Broadcom, Gnu, Netapp | 8 Brocade Fabric Operating System Firmware, Wget, 500f and 5 more | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | |||||
CVE-2021-33574 | 4 Debian, Fedoraproject, Gnu and 1 more | 20 Debian Linux, Fedora, Glibc and 17 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. | |||||
CVE-2020-21840 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985. | |||||
CVE-2020-21842 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051. | |||||
CVE-2020-21833 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440. | |||||
CVE-2021-20294 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. | |||||
CVE-2020-21815 | 1 Gnu | 1 Libredwg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash). | |||||
CVE-2020-18395 | 1 Gnu | 1 Gama | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs. | |||||
CVE-2020-21831 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637. | |||||
CVE-2020-21843 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. | |||||
CVE-2021-20284 | 2 Gnu, Netapp | 3 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. | |||||
CVE-2020-21835 | 1 Gnu | 1 Libredwg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. | |||||
CVE-2020-21839 | 1 Gnu | 1 Libredwg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. | |||||
CVE-2020-21838 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842. | |||||
CVE-2021-20193 | 1 Gnu | 1 Tar | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability. |