Filtered by vendor Gnu
Subscribe
Total
1065 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21841 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135. | |||||
| CVE-2021-3530 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. | |||||
| CVE-2021-3549 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.8 MEDIUM | 7.1 HIGH |
| An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. | |||||
| CVE-2020-21817 | 1 Gnu | 1 Libredwg | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash). | |||||
| CVE-2020-21813 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. | |||||
| CVE-2021-30184 | 2 Fedoraproject, Gnu | 2 Fedora, Chess | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. | |||||
| CVE-2020-21836 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175. | |||||
| CVE-2019-25051 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Aspell | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). | |||||
| CVE-2021-38185 | 1 Gnu | 1 Cpio | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | |||||
| CVE-2020-21816 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46. | |||||
| CVE-2021-40491 | 2 Debian, Gnu | 2 Debian Linux, Inetutils | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl. | |||||
| CVE-2021-38604 | 3 Fedoraproject, Gnu, Oracle | 8 Fedora, Glibc, Communications Cloud Native Core Binding Support Function and 5 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix. | |||||
| CVE-2020-21830 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213. | |||||
| CVE-2021-3466 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Libmicrohttpd, Enterprise Linux | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.9.70 is vulnerable. | |||||
| CVE-2020-21832 | 1 Gnu | 1 Libredwg | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417. | |||||
| CVE-2020-25647 | 4 Fedoraproject, Gnu, Netapp and 1 more | 8 Fedora, Grub2, Ontap Select Deploy Administration Utility and 5 more | 2024-02-28 | 7.2 HIGH | 7.6 HIGH |
| A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-16593 | 2 Gnu, Netapp | 4 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. | |||||
| CVE-2020-35507 | 4 Broadcom, Gnu, Netapp and 1 more | 9 Brocade Fabric Operating System, Binutils, Cloud Backup and 6 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. | |||||
| CVE-2020-35496 | 4 Broadcom, Fedoraproject, Gnu and 1 more | 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. | |||||
| CVE-2021-27645 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Glibc | 2024-02-28 | 1.9 LOW | 2.5 LOW |
| The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c. | |||||