Vulnerabilities > GNU > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-14 | CVE-2019-17595 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | 5.4 |
2019-10-14 | CVE-2019-17594 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | 5.3 |
2019-10-10 | CVE-2019-17451 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 6.5 |
2019-10-10 | CVE-2019-17450 | Uncontrolled Recursion vulnerability in multiple products find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | 6.5 |
2019-09-09 | CVE-2019-16166 | Out-of-bounds Read vulnerability in GNU Cflow 1.5/1.6 GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. | 6.5 |
2019-09-09 | CVE-2019-16165 | Use After Free vulnerability in GNU Cflow 1.5/1.6 GNU cflow through 1.6 has a use-after-free in the reference function in parser.c. | 6.5 |
2019-08-23 | CVE-2019-15531 | Out-of-bounds Read vulnerability in multiple products GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. | 6.5 |
2019-07-30 | CVE-2019-14444 | Integer Overflow or Wraparound vulnerability in multiple products apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | 5.5 |
2019-07-24 | CVE-2019-14250 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. | 5.5 |
2019-07-23 | CVE-2019-1010204 | Incorrect Conversion between Numeric Types vulnerability in multiple products GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. | 5.5 |