Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-13731 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13730 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13729 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. | 6.5 |
| 2017-08-29 | CVE-2017-13728 | Infinite Loop vulnerability in GNU Ncurses 6.0 There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. | 7.5 |
| 2017-08-28 | CVE-2017-13716 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29 The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | 5.5 |
| 2017-08-28 | CVE-2016-0634 | OS Command Injection vulnerability in GNU Bash 4.3 The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine. | 7.5 |
| 2017-08-28 | CVE-2014-9483 | Information Exposure vulnerability in GNU Emacs 24.4 Emacs 24.4 allows remote attackers to bypass security restrictions. | 7.5 |
| 2017-08-27 | CVE-2017-13710 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | 7.5 |
| 2017-08-25 | CVE-2015-1395 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. | 7.5 |
| 2017-08-25 | CVE-2014-9637 | Resource Management Errors vulnerability in multiple products GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. | 5.5 |