Filtered by vendor Gnu
Subscriptions
Total
1183 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-5320 | 1 Gnu | 1 Glibc | 2025-04-20 | N/A |
| scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. | ||||
| CVE-2017-14939 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte. | ||||
| CVE-2017-14130 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. | ||||
| CVE-2017-12836 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Cvs | 2025-04-20 | N/A |
| CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar." | ||||
| CVE-2017-14128 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | ||||
| CVE-2015-8982 | 1 Gnu | 1 Glibc | 2025-04-20 | N/A |
| Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | ||||
| CVE-2016-8605 | 2 Fedoraproject, Gnu | 2 Fedora, Guile | 2025-04-20 | N/A |
| The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected. | ||||
| CVE-2017-12959 | 1 Gnu | 1 Pspp | 2025-04-20 | N/A |
| There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | ||||
| CVE-2015-8985 | 1 Gnu | 1 Glibc | 2025-04-20 | 5.9 Medium |
| The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. | ||||
| CVE-2017-12958 | 1 Gnu | 1 Pspp | 2025-04-20 | N/A |
| There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | ||||
| CVE-2017-14932 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. | ||||
| CVE-2017-14062 | 2 Debian, Gnu | 2 Debian Linux, Libidn2 | 2025-04-20 | 9.8 Critical |
| Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2017-12459 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. | ||||
| CVE-2017-9755 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | ||||
| CVE-2017-12456 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | ||||
| CVE-2017-12454 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | ||||
| CVE-2017-12452 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | ||||
| CVE-2017-12450 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | ||||
| CVE-2017-12449 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | ||||
| CVE-2017-10685 | 1 Gnu | 1 Ncurses | 2025-04-20 | 0.0 Low |
| In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack. | ||||