Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35357 | 2 Debian, Gnu | 2 Debian Linux, Gnu Scientific Library | 2023-12-10 | N/A | 6.5 MEDIUM |
A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution. | |||||
CVE-2022-48065 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | N/A | 5.5 MEDIUM |
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. | |||||
CVE-2023-40305 | 1 Gnu | 1 Indent | 2023-12-10 | N/A | 5.5 MEDIUM |
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | |||||
CVE-2023-25585 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service. | |||||
CVE-2023-39129 | 1 Gnu | 1 Gdb | 2023-12-10 | N/A | 5.5 MEDIUM |
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. | |||||
CVE-2023-4156 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gawk, Enterprise Linux | 2023-12-10 | N/A | 7.1 HIGH |
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information. | |||||
CVE-2022-28735 | 1 Gnu | 1 Grub2 | 2023-12-10 | N/A | 7.8 HIGH |
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain. | |||||
CVE-2022-47010 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | |||||
CVE-2020-19726 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 8.8 HIGH |
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. | |||||
CVE-2022-45703 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | |||||
CVE-2022-48063 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | |||||
CVE-2021-32256 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 6.5 MEDIUM |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||||
CVE-2022-47011 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | |||||
CVE-2023-25586 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service. | |||||
CVE-2021-46174 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.5 HIGH |
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | |||||
CVE-2022-35205 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | |||||
CVE-2023-1579 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | |||||
CVE-2021-34337 | 1 Gnu | 1 Mailman | 2023-12-10 | N/A | 6.3 MEDIUM |
An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces. | |||||
CVE-2023-36273 | 1 Gnu | 1 Libredwg | 2023-12-10 | N/A | 8.8 HIGH |
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | |||||
CVE-2023-1972 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 6.5 MEDIUM |
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. |