Filtered by vendor Gnu
Subscriptions
Total
1162 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-13728 | 1 Gnu | 1 Ncurses | 2025-04-20 | N/A |
| There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-14129 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | ||||
| CVE-2017-13730 | 1 Gnu | 1 Ncurses | 2025-04-20 | N/A |
| There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. | ||||
| CVE-2017-15670 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-20 | N/A |
| The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | ||||
| CVE-2017-14062 | 2 Debian, Gnu | 2 Debian Linux, Libidn2 | 2025-04-20 | 9.8 Critical |
| Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2017-14061 | 1 Gnu | 1 Libidn2 | 2025-04-20 | N/A |
| Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2017-15922 | 1 Gnu | 1 Libextractor | 2025-04-20 | N/A |
| In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. | ||||
| CVE-2017-13716 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | ||||
| CVE-2017-15671 | 1 Gnu | 1 Glibc | 2025-04-20 | N/A |
| The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | ||||
| CVE-2017-17124 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary. | ||||
| CVE-2017-13710 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | ||||
| CVE-2017-9750 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | ||||
| CVE-2017-15600 | 1 Gnu | 1 Libextractor | 2025-04-20 | N/A |
| In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. | ||||
| CVE-2017-15266 | 1 Gnu | 1 Libextractor | 2025-04-20 | N/A |
| In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate. | ||||
| CVE-2017-15267 | 1 Gnu | 1 Libextractor | 2025-04-20 | N/A |
| In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. | ||||
| CVE-2017-15601 | 1 Gnu | 1 Libextractor | 2025-04-20 | N/A |
| In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. | ||||
| CVE-2017-1000383 | 1 Gnu | 1 Emacs | 2025-04-20 | N/A |
| GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary. | ||||
| CVE-2017-15938 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). | ||||
| CVE-2017-7614 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. | ||||
| CVE-2017-14940 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. | ||||