Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-08 | CVE-2017-11112 | Improper Input Validation vulnerability in GNU Ncurses 6.0 In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. | 7.5 |
| 2017-07-02 | CVE-2017-10792 | NULL Pointer Dereference vulnerability in GNU Pspp 0.10.5Pre2 There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. | 6.5 |
| 2017-07-02 | CVE-2017-10791 | Integer Overflow or Wraparound vulnerability in GNU Pspp 0.10.5Pre2 There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. | 6.5 |
| 2017-07-02 | CVE-2017-10790 | NULL Pointer Dereference vulnerability in GNU Libtasn1 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. | 7.5 |
| 2017-06-29 | CVE-2017-10685 | Use of Externally-Controlled Format String vulnerability in GNU Ncurses 6.0 In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. | 9.8 |
| 2017-06-29 | CVE-2017-10684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. | 9.8 |
| 2017-06-27 | CVE-2015-5180 | NULL Pointer Dereference vulnerability in multiple products res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). | 7.5 |
| 2017-06-26 | CVE-2017-9955 | Out-of-bounds Read vulnerability in GNU Binutils 2.28 The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program. | 5.5 |
| 2017-06-26 | CVE-2017-9954 | Out-of-bounds Read vulnerability in GNU Binutils 2.28 The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program. | 5.5 |
| 2017-06-21 | CVE-2017-9778 | Allocation of Resources Without Limits or Throttling vulnerability in GNU GDB GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. | 5.5 |