| 2021-01-04 | CVE-2020-35495 | NULL Pointer Dereference vulnerability in multiple products
There's a flaw in binutils /bfd/pef.c. | 5.5 |
| 2021-01-04 | CVE-2020-35494 | Use of Uninitialized Resource vulnerability in multiple products
There's a flaw in binutils /opcodes/tic4x-dis.c. | 6.1 |
| 2021-01-04 | CVE-2020-35493 | A flaw exists in binutils in bfd/pef.c. | 5.5 |
| 2020-12-14 | CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications. | 5.6 |
| 2020-12-14 | CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications. | 5.6 |
| 2020-12-14 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications. | 5.6 |
| 2020-12-11 | CVE-2020-27825 | Race Condition vulnerability in multiple products
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). | 5.7 |
| 2020-12-10 | CVE-2020-27350 | Integer Overflow or Wraparound vulnerability in multiple products
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. | 5.7 |
| 2020-12-09 | CVE-2020-16599 | NULL Pointer Dereference vulnerability in multiple products
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | 5.5 |
| 2020-12-09 | CVE-2020-16593 | NULL Pointer Dereference vulnerability in multiple products
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. | 5.5 |