GNU : Security Vulnerabilities, CVEs, Published In May 2019
An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a.
Max CVSS
8.8
EPSS Score
0.22%
Published
2019-05-01
Updated
2020-08-24
An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rec_type_check_enum at rec-types.c in librec.a.
Max CVSS
8.8
EPSS Score
0.22%
Published
2019-05-01
Updated
2020-08-24
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a, leading to a crash.
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-05-01
Updated
2019-05-01
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash.
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-05-01
Updated
2019-05-01
Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
Max CVSS
9.8
EPSS Score
5.37%
Published
2019-05-17
Updated
2020-08-24
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
Max CVSS
8.1
EPSS Score
0.29%
Published
2019-05-22
Updated
2020-08-24
6 vulnerabilities found