Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-15021 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. | |||||
CVE-2017-16829 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
CVE-2017-13710 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | |||||
CVE-2014-9483 | 1 Gnu | 1 Emacs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Emacs 24.4 allows remote attackers to bypass security restrictions. | |||||
CVE-2017-14061 | 1 Gnu | 1 Libidn2 | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
CVE-2017-7507 | 1 Gnu | 1 Gnutls | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. | |||||
CVE-2017-12451 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | |||||
CVE-2017-15266 | 1 Gnu | 1 Libextractor | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate. | |||||
CVE-2017-9754 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
CVE-2017-12449 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | |||||
CVE-2017-14940 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. | |||||
CVE-2017-1000455 | 1 Gnu | 1 Guixsd | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix. | |||||
CVE-2017-12454 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | |||||
CVE-2017-17121 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. | |||||
CVE-2017-14129 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
CVE-2017-12458 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | |||||
CVE-2017-15996 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions. | |||||
CVE-2017-11113 | 1 Gnu | 1 Ncurses | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data. | |||||
CVE-2017-14932 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. | |||||
CVE-2017-12450 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. |