Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-24 | CVE-2017-18199 | NULL Pointer Dereference vulnerability in GNU Libcdio realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. | 6.5 |
| 2018-02-24 | CVE-2017-18198 | Out-of-bounds Read vulnerability in GNU Libcdio print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. | 8.8 |
| 2018-02-18 | CVE-2018-7208 | Improper Input Validation vulnerability in multiple products In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. | 7.8 |
| 2018-02-13 | CVE-2018-6952 | Double Free vulnerability in GNU Patch A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. | 7.5 |
| 2018-02-13 | CVE-2018-6951 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GNU patch through 2.7.6. | 7.5 |
| 2018-02-13 | CVE-2016-10713 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Patch An issue was discovered in GNU patch before 2.7.6. | 5.5 |
| 2018-02-09 | CVE-2018-6872 | Out-of-bounds Read vulnerability in GNU Binutils 2.30 The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment. | 5.5 |
| 2018-02-06 | CVE-2018-6759 | Improper Input Validation vulnerability in GNU Binutils 2.30 The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. | 5.5 |
| 2018-02-02 | CVE-2018-6551 | Integer Overflow or Wraparound vulnerability in GNU Glibc 2.24/2.25/2.26 The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption. | 9.8 |
| 2018-02-02 | CVE-2018-6543 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.30 In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. | 7.8 |