Filtered by vendor Gnu
Subscribe
Total
1079 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5618 | 1 Gnu | 1 Screen | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. | |||||
| CVE-2017-12450 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | |||||
| CVE-2017-15671 | 1 Gnu | 1 Glibc | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | |||||
| CVE-2016-4489 | 1 Gnu | 1 Libiberty | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." | |||||
| CVE-2017-14061 | 1 Gnu | 1 Libidn2 | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2017-7224 | 1 Gnu | 1 Binutils | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. | |||||
| CVE-2017-15938 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). | |||||
| CVE-2015-8107 | 1 Gnu | 1 A2ps | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. | |||||
| CVE-2017-7301 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash. | |||||
| CVE-2017-8393 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash. | |||||
| CVE-2017-14745 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | |||||
| CVE-2017-7225 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. | |||||
| CVE-2017-9755 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
| CVE-2016-0634 | 1 Gnu | 1 Bash | 2025-04-20 | 6.0 MEDIUM | 7.5 HIGH |
| The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. | |||||
| CVE-2017-14333 | 1 Gnu | 1 Binutils | 2025-04-20 | 4.3 MEDIUM | 7.8 HIGH |
| The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. | |||||
| CVE-2017-17125 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
| CVE-2017-13089 | 2 Debian, Gnu | 2 Debian Linux, Wget | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. | |||||
| CVE-2017-9748 | 1 Gnu | 1 Binutils | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug. | |||||
| CVE-2017-8396 | 1 Gnu | 1 Binutils | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | |||||
| CVE-2016-2781 | 1 Gnu | 1 Coreutils | 2025-04-20 | 2.1 LOW | 6.5 MEDIUM |
| chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | |||||