Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-19188 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-02-28 | N/A | 6.5 MEDIUM |
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
CVE-2023-25585 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 5.5 MEDIUM |
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service. | |||||
CVE-2023-39129 | 1 Gnu | 1 Gdb | 2024-02-28 | N/A | 5.5 MEDIUM |
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. | |||||
CVE-2022-47695 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 7.8 HIGH |
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. | |||||
CVE-2020-35342 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 7.5 HIGH |
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. | |||||
CVE-2022-48064 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2024-02-28 | N/A | 5.5 MEDIUM |
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | |||||
CVE-2020-19726 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 8.8 HIGH |
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. | |||||
CVE-2023-25588 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 5.5 MEDIUM |
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service. | |||||
CVE-2022-28736 | 1 Gnu | 1 Grub2 | 2024-02-28 | N/A | 7.8 HIGH |
There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If an attacker can control the GRUB2's memory allocation pattern sensitive data may be exposed and arbitrary code execution can be achieved. | |||||
CVE-2022-48063 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 5.5 MEDIUM |
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | |||||
CVE-2022-28735 | 1 Gnu | 1 Grub2 | 2024-02-28 | N/A | 7.8 HIGH |
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain. | |||||
CVE-2022-35205 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 5.5 MEDIUM |
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | |||||
CVE-2022-28733 | 1 Gnu | 1 Grub2 | 2024-02-28 | N/A | 8.1 HIGH |
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer. | |||||
CVE-2022-45703 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 7.8 HIGH |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | |||||
CVE-2020-19185 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-02-28 | N/A | 6.5 MEDIUM |
Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
CVE-2022-47696 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 7.8 HIGH |
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. | |||||
CVE-2022-48065 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2024-02-28 | N/A | 5.5 MEDIUM |
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. | |||||
CVE-2023-4156 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gawk, Enterprise Linux | 2024-02-28 | N/A | 7.1 HIGH |
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information. | |||||
CVE-2021-32256 | 1 Gnu | 1 Binutils | 2024-02-28 | N/A | 6.5 MEDIUM |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||||
CVE-2020-19189 | 3 Debian, Gnu, Netapp | 3 Debian Linux, Ncurses, Active Iq Unified Manager | 2024-02-28 | N/A | 6.5 MEDIUM |
Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |