Vulnerabilities > GNU > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-07 | CVE-2018-19932 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. | 5.5 |
2018-12-03 | CVE-2018-16868 | Information Exposure Through Discrepancy vulnerability in GNU Gnutls A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. | 5.6 |
2018-11-12 | CVE-2018-19217 | NULL Pointer Dereference vulnerability in GNU Ncurses 6.1 In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. | 6.5 |
2018-11-12 | CVE-2018-19211 | NULL Pointer Dereference vulnerability in GNU Ncurses 6.1 In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. | 5.5 |
2018-10-29 | CVE-2018-18701 | Infinite Loop vulnerability in GNU Binutils 2.31 An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. | 5.5 |
2018-10-29 | CVE-2018-18700 | Infinite Loop vulnerability in GNU Binutils 2.31 An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. | 5.5 |
2018-10-23 | CVE-2018-18607 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
2018-10-23 | CVE-2018-18606 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
2018-10-23 | CVE-2018-18605 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. | 5.5 |
2018-10-18 | CVE-2018-18484 | Uncontrolled Recursion vulnerability in GNU Binutils 2.31 An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. | 5.5 |