Filtered by vendor Gnu
Subscribe
Total
1090 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-5044 | 1 Gnu | 1 Libgfortran | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation. | |||||
CVE-2014-10375 | 1 Gnu | 1 Exosip | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. | |||||
CVE-2013-4412 | 3 Berlios, Debian, Gnu | 3 Slim, Debian Linux, Glibc | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
slim has NULL pointer dereference when using crypt() method from glibc 2.17 | |||||
CVE-2012-6711 | 2 Gnu, Redhat | 2 Bash, Enterprise Linux | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv(). | |||||
CVE-2012-0824 | 1 Gnu | 1 Gnusound | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
gnusound 0.7.5 has format string issue | |||||
CVE-2009-5155 | 2 Gnu, Netapp | 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | |||||
CVE-2006-7254 | 1 Gnu | 1 Glibc | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon. | |||||
CVE-2005-3590 | 1 Gnu | 1 Glibc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory. | |||||
CVE-2002-2439 | 1 Gnu | 1 Gcc | 2024-11-20 | 4.6 MEDIUM | 7.8 HIGH |
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. | |||||
CVE-1999-0199 | 1 Gnu | 1 Glibc | 2023-12-14 | 7.5 HIGH | 9.8 CRITICAL |
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999. |