Filtered by vendor Gnu
Subscriptions
Total
1068 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20230 | 1 Gnu | 1 Pspp | 2024-09-16 | N/A |
An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
CVE-2017-12453 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | ||||
CVE-2020-15706 | 7 Canonical, Debian, Gnu and 4 more | 18 Ubuntu Linux, Debian Linux, Grub2 and 15 more | 2024-09-16 | 6.4 Medium |
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. | ||||
CVE-2017-7226 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well. | ||||
CVE-2017-12457 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | ||||
CVE-2005-1039 | 1 Gnu | 1 Coreutils | 2024-09-16 | N/A |
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. | ||||
CVE-2013-4487 | 2 Gnu, Opensuse | 2 Gnutls, Opensuse | 2024-09-16 | N/A |
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466. | ||||
CVE-2017-14529 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. | ||||
CVE-2011-5024 | 1 Gnu | 1 Mailman | 2024-09-16 | N/A |
Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter. | ||||
CVE-2000-1219 | 1 Gnu | 2 G\+\+, Gcc | 2024-09-16 | N/A |
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows. | ||||
CVE-2009-5082 | 2 Gnu, Openwall | 2 Groff, Owl | 2024-09-16 | N/A |
The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
CVE-2004-2459 | 1 Gnu | 1 Gnubiff | 2024-09-16 | N/A |
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | ||||
CVE-2013-4466 | 1 Gnu | 1 Gnutls | 2024-09-16 | N/A |
Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. | ||||
CVE-2010-0002 | 1 Gnu | 1 Bash | 2024-09-16 | N/A |
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename. | ||||
CVE-2017-14745 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | ||||
CVE-2021-46705 | 3 Gnu, Opensuse, Suse | 3 Grub2, Factory, Linux Enterprise Server | 2024-09-16 | 5.1 Medium |
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1. | ||||
CVE-2017-12451 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | ||||
CVE-2017-14974 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | ||||
CVE-2017-13716 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | ||||
CVE-2017-1000455 | 1 Gnu | 1 Guixsd | 2024-09-16 | N/A |
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix. |