Filtered by vendor Gnu
Subscriptions
Total
1093 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-10684 | 1 Gnu | 1 Ncurses | 2025-04-20 | N/A |
| In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack. | ||||
| CVE-2017-10790 | 1 Gnu | 1 Libtasn1 | 2025-04-20 | N/A |
| The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. | ||||
| CVE-2017-10791 | 1 Gnu | 1 Pspp | 2025-04-20 | N/A |
| There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-1000366 | 8 Debian, Gnu, Mcafee and 5 more | 26 Debian Linux, Glibc, Web Gateway and 23 more | 2025-04-20 | N/A |
| glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. | ||||
| CVE-2017-1000383 | 1 Gnu | 1 Emacs | 2025-04-20 | N/A |
| GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary. | ||||
| CVE-2016-9401 | 3 Debian, Gnu, Redhat | 9 Debian Linux, Bash, Enterprise Linux and 6 more | 2025-04-20 | 5.5 Medium |
| popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | ||||
| CVE-2016-8606 | 2 Fedoraproject, Gnu | 2 Fedora, Guile | 2025-04-20 | N/A |
| The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. | ||||
| CVE-2016-7543 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Bash, Enterprise Linux | 2025-04-20 | N/A |
| Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. | ||||
| CVE-2016-6131 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. | ||||
| CVE-2016-5417 | 1 Gnu | 1 Glibc | 2025-04-20 | N/A |
| Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures. | ||||
| CVE-2016-4492 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. | ||||
| CVE-2016-4456 | 1 Gnu | 1 Gnutls | 2025-04-20 | 7.5 High |
| The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. | ||||
| CVE-2016-4487 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." | ||||
| CVE-2016-4488 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." | ||||
| CVE-2016-4489 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." | ||||
| CVE-2016-4491 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once." | ||||
| CVE-2016-4493 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary. | ||||
| CVE-2016-4973 | 1 Gnu | 1 Libssp | 2025-04-20 | N/A |
| Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature. | ||||
| CVE-2016-2226 | 1 Gnu | 1 Libiberty | 2025-04-20 | N/A |
| Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow. | ||||
| CVE-2016-10228 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-20 | N/A |
| The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | ||||