Vulnerabilities > GNU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-24 | CVE-2016-4492 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libiberty Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. | 4.4 |
| 2017-02-24 | CVE-2016-4491 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libiberty The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once." | 5.5 |
| 2017-02-24 | CVE-2016-4490 | Integer Overflow or Wraparound vulnerability in GNU Libiberty Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths. | 5.5 |
| 2017-02-24 | CVE-2016-4489 | Integer Overflow or Wraparound vulnerability in GNU Libiberty Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." | 5.5 |
| 2017-02-24 | CVE-2016-4488 | Use After Free vulnerability in GNU Libiberty Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." | 5.5 |
| 2017-02-24 | CVE-2016-4487 | Use After Free vulnerability in GNU Libiberty Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." | 5.5 |
| 2017-02-07 | CVE-2016-2781 | Improper Input Validation vulnerability in GNU Coreutils chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 6.5 |
| 2017-01-23 | CVE-2016-9401 | Use After Free vulnerability in multiple products popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | 5.5 |
| 2017-01-12 | CVE-2016-8605 | Permission Issues vulnerability in multiple products The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. | 5.3 |
| 2016-06-10 | CVE-2016-4429 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. | 5.9 |