Vulnerabilities > GNU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-20 | CVE-2015-8984 | Out-of-bounds Read vulnerability in GNU Glibc The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read. | 5.9 |
| 2017-03-17 | CVE-2017-6966 | Use After Free vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. | 5.5 |
| 2017-03-17 | CVE-2017-6965 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. | 5.5 |
| 2017-03-07 | CVE-2017-6508 | CRLF Injection vulnerability in GNU Wget CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL. | 6.1 |
| 2017-03-02 | CVE-2016-10228 | Improper Input Validation vulnerability in GNU Glibc The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | 5.9 |
| 2017-02-24 | CVE-2016-4493 | Out-of-bounds Read vulnerability in GNU Libiberty The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary. | 5.5 |
| 2017-02-24 | CVE-2016-4492 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libiberty Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. | 4.4 |
| 2017-02-24 | CVE-2016-4491 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libiberty The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once." | 5.5 |
| 2017-02-24 | CVE-2016-4490 | Integer Overflow or Wraparound vulnerability in GNU Libiberty Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths. | 5.5 |
| 2017-02-24 | CVE-2016-4489 | Integer Overflow or Wraparound vulnerability in GNU Libiberty Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." | 5.5 |