Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Pspp
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-39832 2 Fedoraproject, Gnu 2 Fedora, Pspp 2024-11-21 N/A 7.8 HIGH
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2022-39831 2 Fedoraproject, Gnu 2 Fedora, Pspp 2024-11-21 N/A 7.8 HIGH
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230.
CVE-2019-9211 3 Fedoraproject, Gnu, Suse 4 Fedora, Pspp, Backports and 1 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
CVE-2018-20230 1 Gnu 1 Pspp 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2017-12961 1 Gnu 1 Pspp 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-12960 1 Gnu 1 Pspp 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-12959 1 Gnu 1 Pspp 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.
CVE-2017-12958 1 Gnu 1 Pspp 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
CVE-2017-10792 1 Gnu 1 Pspp 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
CVE-2017-10791 1 Gnu 1 Pspp 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.