Filtered by vendor Gnu
Subscriptions
Total
1068 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-47007 | 1 Gnu | 1 Binutils | 2024-08-03 | 5.5 Medium |
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | ||||
CVE-2022-46663 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Less, Enterprise Linux | 2024-08-03 | 7.5 High |
In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | ||||
CVE-2022-45939 | 4 Debian, Fedoraproject, Gnu and 1 more | 5 Debian Linux, Fedora, Emacs and 2 more | 2024-08-03 | 7.8 High |
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input. | ||||
CVE-2022-45703 | 1 Gnu | 1 Binutils | 2024-08-03 | 7.8 High |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | ||||
CVE-2022-45332 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.8 High |
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||||
CVE-2022-44840 | 1 Gnu | 1 Binutils | 2024-08-03 | 7.8 High |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | ||||
CVE-2022-41550 | 1 Gnu | 1 Osip | 2024-08-03 | 6.5 Medium |
GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. | ||||
CVE-2022-39831 | 2 Fedoraproject, Gnu | 2 Fedora, Pspp | 2024-08-03 | 7.8 High |
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230. | ||||
CVE-2022-39832 | 2 Fedoraproject, Gnu | 2 Fedora, Pspp | 2024-08-03 | 7.8 High |
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
CVE-2022-39046 | 2 Gnu, Netapp | 12 Glibc, H300s, H300s Firmware and 9 more | 2024-08-03 | 7.5 High |
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap. | ||||
CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-08-03 | 7.5 High |
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | ||||
CVE-2022-38533 | 2 Fedoraproject, Gnu | 2 Fedora, Binutils | 2024-08-03 | 5.5 Medium |
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | ||||
CVE-2022-35164 | 1 Gnu | 1 Libredwg | 2024-08-03 | 9.8 Critical |
LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. | ||||
CVE-2022-35206 | 1 Gnu | 1 Binutils | 2024-08-03 | 5.5 Medium |
Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c. | ||||
CVE-2022-35205 | 1 Gnu | 1 Binutils | 2024-08-03 | 5.5 Medium |
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | ||||
CVE-2022-33025 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.8 High |
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. | ||||
CVE-2022-33032 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.8 High |
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||||
CVE-2022-33034 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.8 High |
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. | ||||
CVE-2022-33024 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.5 High |
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. | ||||
CVE-2022-33033 | 1 Gnu | 1 Libredwg | 2024-08-03 | 7.8 High |
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. |