CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

GNU : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000156 20 Exec Code 2018-04-06 2018-06-28
6.8
None Remote Medium Not required Partial Partial Partial
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.
2 CVE-2018-1000097 119 Exec Code Overflow 2018-03-12 2018-04-13
6.8
None Remote Medium Not required Partial Partial Partial
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file..
3 CVE-2018-16430 125 2018-09-03 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
4 CVE-2018-11236 190 Exec Code Overflow 2018-05-18 2018-10-31
6.8
None Remote Medium Not required Partial Partial Partial
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
5 CVE-2018-7643 190 DoS Overflow 2018-03-02 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.
6 CVE-2018-7208 20 DoS 2018-02-17 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.
7 CVE-2018-6543 190 DoS Overflow 2018-02-02 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
8 CVE-2018-6323 190 DoS Overflow 2018-01-26 2018-02-16
6.8
None Remote Medium Not required Partial Partial Partial
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
9 CVE-2017-1000409 119 Overflow 2018-01-31 2018-02-15
6.9
None Local Medium Not required Complete Complete Complete
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
10 CVE-2017-18198 125 DoS 2018-02-24 2018-10-31
6.8
None Remote Medium Not required Partial Partial Partial
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
11 CVE-2017-17531 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
12 CVE-2017-17426 190 Overflow 2017-12-05 2017-12-15
6.8
None Remote Medium Not required Partial Partial Partial
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
13 CVE-2017-17126 119 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.
14 CVE-2017-17125 119 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.
15 CVE-2017-17124 119 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.
16 CVE-2017-17122 190 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.
17 CVE-2017-17121 119 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section.
18 CVE-2017-16832 190 DoS 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file.
19 CVE-2017-16831 190 DoS Overflow 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file.
20 CVE-2017-16830 190 DoS Overflow 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file.
21 CVE-2017-16829 125 DoS 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file.
22 CVE-2017-16828 190 DoS Overflow 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame.
23 CVE-2017-16827 119 DoS Overflow 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file.
24 CVE-2017-16826 119 DoS Overflow 2017-11-15 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file.
25 CVE-2017-15996 119 DoS Overflow 2017-10-29 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.
26 CVE-2017-15020 119 DoS Overflow 2017-10-04 2017-10-11
6.8
None Remote Medium Not required Partial Partial Partial
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.
27 CVE-2017-14745 190 DoS Overflow 2017-09-26 2017-09-29
6.8
None Remote Medium Not required Partial Partial Partial
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
28 CVE-2017-14729 119 DoS Overflow 2017-09-25 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
29 CVE-2017-14482 77 Exec Code 2017-09-14 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
30 CVE-2017-12799 119 DoS Overflow 2017-08-10 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
31 CVE-2017-12459 787 Exec Code 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file.
32 CVE-2017-12458 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file.
33 CVE-2017-12457 476 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file.
34 CVE-2017-12456 125 2017-08-04 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.
35 CVE-2017-12455 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.
36 CVE-2017-12454 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.
37 CVE-2017-12453 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.
38 CVE-2017-12452 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.
39 CVE-2017-12451 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file.
40 CVE-2017-12450 787 Exec Code 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file.
41 CVE-2017-12449 125 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file.
42 CVE-2017-12448 416 Exec Code 2017-08-04 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c.
43 CVE-2017-9756 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
44 CVE-2017-9755 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
45 CVE-2017-9754 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
46 CVE-2017-9753 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
47 CVE-2017-9752 119 DoS Overflow 2017-06-19 2017-06-26
6.8
None Remote Medium Not required Partial Partial Partial
bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file in the _bfd_vms_get_value and _bfd_vms_slurp_etir functions during "objdump -D" execution.
48 CVE-2017-9751 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
49 CVE-2017-9750 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
50 CVE-2017-9749 119 DoS Exec Code Overflow 2017-06-19 2018-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
Total number of vulnerabilities : 117   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.