Vulnerabilities > GNU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-04 | CVE-2017-14129 | Out-of-bounds Read vulnerability in GNU Binutils 2.29 The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-09-04 | CVE-2017-14128 | Out-of-bounds Read vulnerability in GNU Binutils 2.29 The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | 5.5 |
| 2017-08-29 | CVE-2017-13757 | Out-of-bounds Read vulnerability in GNU Binutils 2.29 The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. | 5.5 |
| 2017-08-29 | CVE-2017-13734 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13733 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13731 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13730 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. | 6.5 |
| 2017-08-29 | CVE-2017-13729 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Ncurses 6.0 There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. | 6.5 |
| 2017-08-28 | CVE-2017-13716 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29 The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | 5.5 |