Filtered by vendor Gnu
Subscribe
Total
288 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-9040 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt. | |||||
CVE-2017-7224 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. | |||||
CVE-2016-4488 | 1 Gnu | 1 Libiberty | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." | |||||
CVE-2016-4429 | 3 Canonical, Gnu, Opensuse | 4 Ubuntu Linux, Glibc, Leap and 1 more | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. | |||||
CVE-2016-4008 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Libtasn1 and 1 more | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate. | |||||
CVE-2016-2037 | 2 Debian, Gnu | 2 Debian Linux, Cpio | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file. | |||||
CVE-2015-8777 | 1 Gnu | 1 Glibc | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. | |||||
CVE-2009-5078 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2023-12-10 | 6.4 MEDIUM | 6.5 MEDIUM |
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document. |