Filtered by vendor Gnu
Subscribe
Total
378 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-1569 | 1 Gnu | 2 Gnutls, Libtasn1 | 2023-12-10 | 5.0 MEDIUM | N/A |
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. | |||||
CVE-2013-4122 | 2 Cmu, Gnu | 2 Cyrus-sasl, Glibc | 2023-12-10 | 4.3 MEDIUM | N/A |
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference. | |||||
CVE-2009-5029 | 1 Gnu | 1 Glibc | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd. | |||||
CVE-2013-7038 | 1 Gnu | 1 Libmicrohttpd | 2023-12-10 | 6.4 MEDIUM | N/A |
The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read. | |||||
CVE-2012-3480 | 1 Gnu | 1 Glibc | 2023-12-10 | 4.6 MEDIUM | N/A |
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | |||||
CVE-2012-3509 | 3 Canonical, Debian, Gnu | 4 Ubuntu Linux, Debian Linux, Binutils and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. | |||||
CVE-2012-1175 | 1 Gnu | 1 Gnash | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow. | |||||
CVE-2013-4458 | 2 Gnu, Suse | 3 Glibc, Linux Enterprise Debuginfo, Linux Enterprise Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914. | |||||
CVE-2013-4332 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions. | |||||
CVE-2012-0864 | 1 Gnu | 1 Glibc | 2023-12-10 | 6.8 MEDIUM | N/A |
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | |||||
CVE-2013-2207 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2023-12-10 | 2.6 LOW | N/A |
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. | |||||
CVE-2012-5667 | 1 Gnu | 1 Grep | 2023-12-10 | 4.4 MEDIUM | N/A |
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow. | |||||
CVE-2011-4609 | 1 Gnu | 1 Glibc | 2023-12-10 | 5.0 MEDIUM | N/A |
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | |||||
CVE-2013-0242 | 1 Gnu | 1 Glibc | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters. | |||||
CVE-2009-5081 | 1 Gnu | 1 Groff | 2023-12-10 | 3.3 LOW | N/A |
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969. | |||||
CVE-2010-3856 | 1 Gnu | 1 Glibc | 2023-12-10 | 7.2 HIGH | N/A |
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. | |||||
CVE-2010-0296 | 1 Gnu | 1 Glibc | 2023-12-10 | 7.2 HIGH | N/A |
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. | |||||
CVE-2010-0624 | 1 Gnu | 2 Cpio, Tar | 2023-12-10 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | |||||
CVE-2010-0731 | 1 Gnu | 1 Gnutls | 2023-12-10 | 7.5 HIGH | N/A |
The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. | |||||
CVE-2010-1160 | 1 Gnu | 1 Nano | 2023-12-10 | 1.9 LOW | N/A |
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. |