Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2019-20015 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG 0.92.
network
low complexity
gnu opensuse CWE-770
6.5
6.5
2019-12-27 CVE-2019-20013 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG before 0.93.
network
low complexity
gnu opensuse CWE-770
6.5
6.5
2019-12-27 CVE-2019-20012 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG 0.92.
network
low complexity
gnu opensuse CWE-770
6.5
6.5
2019-12-27 CVE-2019-20009 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG before 0.93.
network
low complexity
gnu opensuse CWE-770
6.5
6.5
2019-12-20 CVE-2015-8313 Information Exposure Through Discrepancy vulnerability in multiple products
GnuTLS incorrectly validates the first byte of padding in CBC modes
network
high complexity
gnu debian CWE-203
5.9
5.9
2019-11-29 CVE-2019-14865 Unspecified vulnerability in GNU Grub2
A flaw was found in the grub2-set-bootflag utility of grub2.
local
low complexity
gnu
5.5
5.5
2019-10-14 CVE-2019-17595 Out-of-bounds Read vulnerability in multiple products
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
network
low complexity
gnu opensuse CWE-125
5.4
5.4
2019-10-14 CVE-2019-17594 Out-of-bounds Read vulnerability in multiple products
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
local
low complexity
gnu opensuse CWE-125
5.3
5.3
2019-10-10 CVE-2019-17451 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
network
low complexity
gnu opensuse canonical CWE-190
6.5
6.5
2019-10-10 CVE-2019-17450 Uncontrolled Recursion vulnerability in multiple products
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
network
low complexity
gnu opensuse canonical CWE-674
6.5
6.5