Vulnerabilities > GNU
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-27 | CVE-2017-13090 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The retr.c:fd_read_body() function is called when processing OK responses. | 9.3 |
2017-10-27 | CVE-2017-13089 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. | 9.3 |
2017-10-26 | CVE-2017-15922 | Out-of-bounds Read vulnerability in GNU Libextractor 1.4 In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. | 4.3 |
2017-10-22 | CVE-2017-15804 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. | 9.8 |
2017-10-20 | CVE-2017-15671 | Missing Release of Resource after Effective Lifetime vulnerability in GNU Glibc The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | 4.3 |
2017-10-20 | CVE-2017-15670 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | 7.5 |
2017-10-18 | CVE-2017-15602 | Infinite Loop vulnerability in GNU Libextractor 1.4 In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size. | 5.0 |
2017-10-18 | CVE-2017-15601 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libextractor 1.4 In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. | 5.0 |
2017-10-18 | CVE-2017-15600 | NULL Pointer Dereference vulnerability in GNU Libextractor 1.4 In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. | 5.0 |
2017-10-18 | CVE-2011-5320 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. | 6.2 |