Filtered by vendor Gnu
Subscribe
Total
288 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17451 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. | |||||
CVE-2015-8313 | 2 Debian, Gnu | 2 Debian Linux, Gnutls | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
GnuTLS incorrectly validates the first byte of padding in CBC modes | |||||
CVE-2019-20009 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | |||||
CVE-2020-10029 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. | |||||
CVE-2019-20015 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec. | |||||
CVE-2019-20012 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec. | |||||
CVE-2019-17450 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | |||||
CVE-2019-20013 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec. | |||||
CVE-2020-6615 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | |||||
CVE-2020-6610 | 2 Gnu, Opensuse | 3 Libredwg, Backports, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | |||||
CVE-2020-6611 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | |||||
CVE-2019-12972 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | |||||
CVE-2019-16165 | 1 Gnu | 1 Cflow | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c. | |||||
CVE-2019-15531 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Libextractor | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. | |||||
CVE-2019-1010204 | 2 Gnu, Netapp | 4 Binutils, Binutils Gold, Hci Management Node and 1 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened. | |||||
CVE-2019-14444 | 4 Canonical, Gnu, Netapp and 1 more | 5 Ubuntu Linux, Binutils, Hci Management Node and 2 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | |||||
CVE-2019-11638 | 1 Gnu | 1 Recutils | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash. | |||||
CVE-2019-11637 | 1 Gnu | 1 Recutils | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash. | |||||
CVE-2019-16166 | 1 Gnu | 1 Cflow | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. | |||||
CVE-2019-14250 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. |