Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-30 | CVE-2018-17794 | NULL Pointer Dereference vulnerability in GNU Binutils 2.31 An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. | 6.5 |
| 2018-09-23 | CVE-2018-17360 | Out-of-bounds Read vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-09-23 | CVE-2018-17359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-09-23 | CVE-2018-17358 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-09-04 | CVE-2018-16430 | Out-of-bounds Read vulnerability in multiple products GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. | 8.8 |
| 2018-08-22 | CVE-2018-10846 | Covert Timing Channel vulnerability in multiple products A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. | 5.6 |
| 2018-08-22 | CVE-2018-10845 | Covert Timing Channel vulnerability in multiple products It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. | 5.9 |
| 2018-08-22 | CVE-2018-10844 | Covert Timing Channel vulnerability in multiple products It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. | 5.9 |
| 2018-08-20 | CVE-2018-1000654 | Unspecified vulnerability in GNU Libtasn1 4.12/4.13 GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. | 5.5 |
| 2018-07-26 | CVE-2018-0618 | Cross-site Scripting vulnerability in multiple products Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |