Filtered by vendor Gnu
Subscriptions
Total
1073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17794 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. | ||||
| CVE-2018-17360 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. | ||||
| CVE-2018-17359 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | ||||
| CVE-2018-17358 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | ||||
| CVE-2018-16868 | 1 Gnu | 1 Gnutls | 2024-11-21 | 5.6 Medium |
| A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server. | ||||
| CVE-2018-16430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | N/A |
| GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. | ||||
| CVE-2018-14524 | 1 Gnu | 1 Libredwg | 2024-11-21 | N/A |
| dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs. | ||||
| CVE-2018-14471 | 1 Gnu | 1 Libredwg | 2024-11-21 | N/A |
| dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file. | ||||
| CVE-2018-14443 | 1 Gnu | 1 Libredwg | 2024-11-21 | N/A |
| get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV). | ||||
| CVE-2018-14347 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | N/A |
| GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). | ||||
| CVE-2018-14346 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | N/A |
| GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). | ||||
| CVE-2018-13796 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site. | ||||
| CVE-2018-13033 | 2 Gnu, Redhat | 6 Binutils, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. | ||||
| CVE-2018-12934 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt. | ||||
| CVE-2018-12886 | 1 Gnu | 1 Gcc | 2024-11-21 | N/A |
| stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | ||||
| CVE-2018-12699 | 3 Canonical, Gnu, Redhat | 3 Ubuntu Linux, Binutils, Enterprise Linux | 2024-11-21 | N/A |
| finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | ||||
| CVE-2018-12698 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2024-11-21 | N/A |
| demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. | ||||
| CVE-2018-12697 | 3 Canonical, Gnu, Redhat | 4 Ubuntu Linux, Binutils, Ansible Tower and 1 more | 2024-11-21 | N/A |
| A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | ||||
| CVE-2018-12641 | 2 Gnu, Redhat | 3 Binutils, Ansible Tower, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. | ||||
| CVE-2018-11237 | 5 Canonical, Gnu, Netapp and 2 more | 11 Ubuntu Linux, Glibc, Data Ontap Edge and 8 more | 2024-11-21 | 7.8 High |
| An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. | ||||