Vulnerabilities > GNU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-02 | CVE-2016-10228 | Improper Input Validation vulnerability in GNU Glibc The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | 5.9 |
| 2017-02-24 | CVE-2016-4493 | Out-of-bounds Read vulnerability in GNU Libiberty The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary. | 5.5 |
| 2017-02-24 | CVE-2016-4492 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libiberty Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. | 4.4 |
| 2017-02-24 | CVE-2016-4491 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libiberty The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once." | 5.5 |
| 2017-02-24 | CVE-2016-4490 | Integer Overflow or Wraparound vulnerability in GNU Libiberty Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths. | 5.5 |
| 2017-02-24 | CVE-2016-4489 | Integer Overflow or Wraparound vulnerability in GNU Libiberty Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." | 5.5 |
| 2017-02-24 | CVE-2016-4488 | Use After Free vulnerability in GNU Libiberty Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." | 5.5 |
| 2017-02-24 | CVE-2016-4487 | Use After Free vulnerability in GNU Libiberty Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." | 5.5 |
| 2017-02-07 | CVE-2016-2781 | Improper Input Validation vulnerability in GNU Coreutils chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 6.5 |
| 2017-01-23 | CVE-2016-9401 | Use After Free vulnerability in multiple products popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | 5.5 |