Filtered by vendor Gnu
Subscribe
Total
1090 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20009 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec. | |||||
| CVE-2019-19126 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | |||||
| CVE-2019-18862 | 1 Gnu | 1 Mailutils | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. | |||||
| CVE-2019-18397 | 2 Debian, Gnu | 2 Debian Linux, Fribidi | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat. | |||||
| CVE-2019-18276 | 3 Gnu, Netapp, Oracle | 5 Bash, Hci Management Node, Oncommand Unified Manager and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected. | |||||
| CVE-2019-18224 | 1 Gnu | 1 Libidn2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. | |||||
| CVE-2019-18192 | 1 Gnu | 1 Guix | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365. | |||||
| CVE-2019-17595 | 2 Gnu, Opensuse | 2 Ncurses, Leap | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | |||||
| CVE-2019-17594 | 2 Gnu, Opensuse | 2 Ncurses, Leap | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. | |||||
| CVE-2019-17544 | 2 Canonical, Gnu | 2 Ubuntu Linux, Aspell | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. | |||||
| CVE-2019-17451 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. | |||||
| CVE-2019-17450 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | |||||
| CVE-2019-16200 | 1 Gnu | 1 Serveez | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read. | |||||
| CVE-2019-16166 | 1 Gnu | 1 Cflow | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. | |||||
| CVE-2019-16165 | 1 Gnu | 1 Cflow | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU cflow through 1.6 has a use-after-free in the reference function in parser.c. | |||||
| CVE-2019-15847 | 2 Gnu, Opensuse | 2 Gcc, Leap | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same. | |||||
| CVE-2019-15767 | 1 Gnu | 1 Chess | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file. | |||||
| CVE-2019-15531 | 3 Debian, Fedoraproject, Gnu | 3 Debian Linux, Fedora, Libextractor | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. | |||||
| CVE-2019-14866 | 2 Gnu, Redhat | 2 Cpio, Enterprise Linux | 2024-11-21 | 6.9 MEDIUM | 7.3 HIGH |
| In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. | |||||
| CVE-2019-14444 | 4 Canonical, Gnu, Netapp and 1 more | 5 Ubuntu Linux, Binutils, Hci Management Node and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | |||||