ReportizFlow
Filtered by vendor Gnu
Subscriptions
Total
1150 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39128 | 1 Gnu | 1 Gdb | 2024-11-21 | 5.5 Medium |
| GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | ||||
| CVE-2023-2789 | 1 Gnu | 1 Cflow | 2024-11-21 | 3.5 Low |
| A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-11-21 | 5.5 Medium |
| Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | ||||
| CVE-2022-48065 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2024-11-21 | 5.5 Medium |
| GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. | ||||
| CVE-2022-48064 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2024-11-21 | 5.5 Medium |
| GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | ||||
| CVE-2022-48063 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | ||||
| CVE-2022-47696 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.8 High |
| An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. | ||||
| CVE-2022-47695 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.8 High |
| An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. | ||||
| CVE-2022-47673 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.8 High |
| An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. | ||||
| CVE-2022-47011 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | ||||
| CVE-2022-47010 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | ||||
| CVE-2022-47008 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | ||||
| CVE-2022-47007 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | ||||
| CVE-2022-45703 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.8 High |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | ||||
| CVE-2022-44840 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.8 High |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | ||||
| CVE-2022-3775 | 2 Gnu, Redhat | 6 Grub2, Enterprise Linux, Rhel Aus and 3 more | 2024-11-21 | 7.1 High |
| When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. | ||||
| CVE-2022-39832 | 2 Fedoraproject, Gnu | 2 Fedora, Pspp | 2024-11-21 | 7.8 High |
| An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2022-39831 | 2 Fedoraproject, Gnu | 2 Fedora, Pspp | 2024-11-21 | 7.8 High |
| An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230. | ||||
| CVE-2022-39046 | 2 Gnu, Netapp | 12 Glibc, H300s, H300s Firmware and 9 more | 2024-11-21 | 7.5 High |
| An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap. | ||||
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | 7.5 High |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | ||||