Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-10-15 CVE-2018-18309 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-119
5.5
2018-10-04 CVE-2018-17985 Resource Exhaustion vulnerability in GNU Binutils 2.31
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-400
5.5
2018-09-30 CVE-2018-17794 NULL Pointer Dereference vulnerability in GNU Binutils 2.31
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.
network
low complexity
gnu CWE-476
6.5
2018-09-23 CVE-2018-17360 Out-of-bounds Read vulnerability in GNU Binutils 2.31.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-125
5.5
2018-09-23 CVE-2018-17359 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-119
5.5
2018-09-23 CVE-2018-17358 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-119
5.5
2018-08-22 CVE-2018-10846 A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found.
local
high complexity
gnu redhat canonical fedoraproject debian
5.6
2018-08-22 CVE-2018-10845 It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack.
network
high complexity
gnu redhat canonical fedoraproject debian
5.9
2018-08-22 CVE-2018-10844 It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack.
network
high complexity
gnu redhat canonical fedoraproject debian
5.9
2018-08-20 CVE-2018-1000654 Unspecified vulnerability in GNU Libtasn1 4.12/4.13
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed.
local
low complexity
gnu
5.5