Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-17 | CVE-2018-14346 | Out-of-bounds Write vulnerability in multiple products GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). | 8.8 |
| 2018-07-12 | CVE-2018-13796 | Improper Input Validation vulnerability in GNU Mailman An issue was discovered in GNU Mailman before 2.1.28. | 6.5 |
| 2018-07-01 | CVE-2018-13033 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. | 5.5 |
| 2018-06-28 | CVE-2018-12934 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.30 remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). | 7.5 |
| 2018-06-23 | CVE-2018-12699 | Out-of-bounds Write vulnerability in multiple products finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. | 9.8 |
| 2018-06-23 | CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. | 7.5 |
| 2018-06-23 | CVE-2018-12697 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. | 7.5 |
| 2018-06-22 | CVE-2018-12641 | Resource Exhaustion vulnerability in GNU Binutils 2.30 An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. | 5.5 |
| 2018-05-18 | CVE-2018-11237 | Out-of-bounds Write vulnerability in multiple products An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. | 7.8 |
| 2018-05-18 | CVE-2018-11236 | Integer Overflow or Wraparound vulnerability in multiple products stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. | 9.8 |