Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-14 | CVE-2019-9771 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. | 7.5 |
| 2019-03-14 | CVE-2019-9770 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. | 7.5 |
| 2019-02-26 | CVE-2019-9192 | Uncontrolled Recursion vulnerability in GNU Glibc In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. | 7.5 |
| 2019-02-26 | CVE-2018-20796 | Uncontrolled Recursion vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. | 7.5 |
| 2019-02-26 | CVE-2009-5155 | Data Processing Errors vulnerability in multiple products In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | 7.5 |
| 2019-02-24 | CVE-2019-9077 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU Binutils 2.32. | 7.8 |
| 2019-02-24 | CVE-2019-9075 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 7.8 |
| 2019-02-24 | CVE-2019-9070 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. | 7.8 |
| 2019-01-18 | CVE-2019-6488 | Improper Resource Shutdown or Release vulnerability in GNU Glibc The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy. | 7.8 |
| 2019-01-02 | CVE-2018-20657 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698. | 7.5 |