Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-09-09 CVE-2019-16166 Out-of-bounds Read vulnerability in GNU Cflow 1.5/1.6
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c.
network
low complexity
gnu CWE-125
6.5
6.5
2019-09-09 CVE-2019-16165 Use After Free vulnerability in GNU Cflow 1.5/1.6
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c.
network
low complexity
gnu CWE-416
6.5
6.5
2019-08-23 CVE-2019-15531 Out-of-bounds Read vulnerability in multiple products
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
network
low complexity
gnu debian fedoraproject CWE-125
6.5
6.5
2019-07-30 CVE-2019-14444 Integer Overflow or Wraparound vulnerability in multiple products
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.
local
low complexity
gnu opensuse canonical netapp CWE-190
5.5
5.5
2019-07-24 CVE-2019-14250 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32.
local
low complexity
gnu canonical opensuse CWE-190
5.5
5.5
2019-07-23 CVE-2019-1010204 Incorrect Conversion between Numeric Types vulnerability in multiple products
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read.
local
low complexity
gnu netapp CWE-681
5.5
5.5
2019-07-17 CVE-2019-13636 Link Following vulnerability in GNU Patch
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files.
network
high complexity
gnu CWE-59
5.9
5.9
2019-07-15 CVE-2019-1010025 Use of Insufficiently Random Values vulnerability in GNU Glibc
GNU Libc current is affected by: Mitigation bypass.
network
low complexity
gnu CWE-330
5.3
5.3
2019-07-15 CVE-2019-1010024 Information Exposure vulnerability in GNU Glibc
GNU Libc current is affected by: Mitigation bypass.
network
low complexity
gnu CWE-200
5.3
5.3
2019-06-26 CVE-2019-12972 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local
low complexity
gnu opensuse canonical CWE-125
5.5
5.5