Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2018-12-07 CVE-2018-19931 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31.
local
low complexity
gnu netapp canonical CWE-787
7.8
7.8
2018-12-04 CVE-2018-19591 Improper Input Validation vulnerability in multiple products
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed.
network
low complexity
gnu fedoraproject CWE-20
7.5
7.5
2018-12-03 CVE-2018-16868 Information Exposure Through Discrepancy vulnerability in GNU Gnutls
A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data.
high complexity
gnu CWE-203
5.6
5.6
2018-11-12 CVE-2018-19217 NULL Pointer Dereference vulnerability in GNU Ncurses 6.1
In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack.
network
low complexity
gnu CWE-476
6.5
6.5
2018-11-12 CVE-2018-19211 NULL Pointer Dereference vulnerability in GNU Ncurses 6.1
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack.
local
low complexity
gnu CWE-476
5.5
5.5
2018-10-29 CVE-2018-18751 Double Free vulnerability in multiple products
An issue was discovered in GNU gettext 0.19.8.
network
low complexity
gnu canonical redhat CWE-415
critical
 9.8
9.8
2018-10-29 CVE-2018-18701 Infinite Loop vulnerability in GNU Binutils 2.31
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-835
5.5
5.5
2018-10-29 CVE-2018-18700 Infinite Loop vulnerability in GNU Binutils 2.31
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-835
5.5
5.5
2018-10-23 CVE-2018-18607 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18606 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5