Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2021-01-04 CVE-2020-35495 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-476
5.5
5.5
2021-01-04 CVE-2020-35494 Use of Uninitialized Resource vulnerability in multiple products
There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-908
6.1
6.1
2021-01-04 CVE-2020-35493 Improper Input Validation vulnerability in multiple products
A flaw exists in binutils in bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-20
5.5
5.5
2020-12-27 CVE-2020-35448 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1.
local
low complexity
gnu netapp CWE-125
3.3
3.3
2020-12-09 CVE-2020-16599 NULL Pointer Dereference vulnerability in multiple products
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
local
low complexity
gnu netapp CWE-476
5.5
5.5
2020-12-09 CVE-2020-16593 NULL Pointer Dereference vulnerability in multiple products
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.
local
low complexity
gnu netapp CWE-476
5.5
5.5
2020-12-09 CVE-2020-16592 Use After Free vulnerability in multiple products
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
local
low complexity
gnu netapp fedoraproject CWE-416
5.5
5.5
2020-12-09 CVE-2020-16591 Out-of-bounds Read vulnerability in multiple products
A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.
local
low complexity
gnu netapp CWE-125
5.5
5.5
2020-12-09 CVE-2020-16590 Double Free vulnerability in multiple products
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
local
low complexity
gnu netapp CWE-415
5.5
5.5
2020-12-06 CVE-2020-29573 Out-of-bounds Write vulnerability in multiple products
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf.
network
low complexity
gnu redhat netapp CWE-787
7.5
7.5