Filtered by vendor Gnu
Subscribe
Total
1096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4412 | 1 Gnu | 1 Glibc | 2025-04-11 | 7.5 HIGH | N/A |
| Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow. | |||||
| CVE-2012-3406 | 3 Canonical, Gnu, Redhat | 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. | |||||
| CVE-2011-4328 | 1 Gnu | 1 Gnash | 2025-04-11 | 5.0 MEDIUM | N/A |
| plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information. | |||||
| CVE-2010-0624 | 1 Gnu | 2 Cpio, Tar | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | |||||
| CVE-2010-4756 | 1 Gnu | 1 Glibc | 2025-04-11 | 4.0 MEDIUM | N/A |
| The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | |||||
| CVE-2013-2207 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2025-04-11 | 2.6 LOW | N/A |
| pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. | |||||
| CVE-2012-1663 | 1 Gnu | 1 Gnutls | 2025-04-11 | 7.5 HIGH | N/A |
| Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list. | |||||
| CVE-2009-4880 | 1 Gnu | 1 Glibc | 2025-04-11 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391. | |||||
| CVE-2012-0864 | 1 Gnu | 1 Glibc | 2025-04-11 | 6.8 MEDIUM | N/A |
| Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | |||||
| CVE-2010-4337 | 1 Gnu | 1 Gnash | 2025-04-11 | 3.3 LOW | N/A |
| The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files. | |||||
| CVE-2013-2116 | 1 Gnu | 1 Gnutls | 2025-04-11 | 5.0 MEDIUM | N/A |
| The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. | |||||
| CVE-2009-5044 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2025-04-11 | 3.3 LOW | N/A |
| contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. | |||||
| CVE-2010-3856 | 1 Gnu | 1 Glibc | 2025-04-11 | 7.2 HIGH | N/A |
| ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. | |||||
| CVE-2013-1619 | 1 Gnu | 1 Gnutls | 2025-04-11 | 4.0 MEDIUM | N/A |
| The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | |||||
| CVE-2010-0296 | 1 Gnu | 1 Glibc | 2025-04-11 | 7.2 HIGH | N/A |
| The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. | |||||
| CVE-2013-7039 | 1 Gnu | 1 Libmicrohttpd | 2025-04-11 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header. | |||||
| CVE-2010-0001 | 1 Gnu | 1 Gzip | 2025-04-11 | 6.8 MEDIUM | N/A |
| Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error. | |||||
| CVE-2012-1175 | 1 Gnu | 1 Gnash | 2025-04-11 | 6.8 MEDIUM | N/A |
| Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow. | |||||
| CVE-2009-5080 | 1 Gnu | 1 Groff | 2025-04-11 | 3.3 LOW | N/A |
| The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files via a symlink attack on a file in a temporary directory, a different vulnerability than CVE-2004-1296. | |||||
| CVE-2010-0731 | 1 Gnu | 1 Gnutls | 2025-04-11 | 7.5 HIGH | N/A |
| The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. | |||||