VYPR

Vendor CVEs

GNU

All CVEs

1,137 total · sorted by risk
  • CVE-2017-16826HigNov 15, 2017
    risk 0.51cvss 7.8epss 0.02

    The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other…

  • CVE-2017-15996HigOct 29, 2017
    risk 0.51cvss 7.8epss 0.02

    elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized…

  • CVE-2017-15020HigOct 5, 2017
    risk 0.51cvss 7.8epss 0.02

    dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related…

  • CVE-2017-14745HigSep 26, 2017
    risk 0.51cvss 7.8epss 0.01

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and…

  • CVE-2017-14729HigSep 25, 2017
    risk 0.51cvss 7.8epss 0.02

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and…

  • CVE-2017-14333HigSep 12, 2017
    risk 0.51cvss 7.8epss 0.01

    The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of…

  • CVE-2017-12799HigAug 10, 2017
    risk 0.51cvss 7.8epss 0.03

    The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.

  • CVE-2017-12459HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted…

  • CVE-2017-12458HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file.

  • CVE-2017-12457HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file.

  • CVE-2017-12456HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.

  • CVE-2017-12455HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

  • CVE-2017-12454HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.

  • CVE-2017-12453HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

  • CVE-2017-12452HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.

  • CVE-2017-12451HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file.

  • CVE-2017-12450HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha…

  • CVE-2017-12449HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file.

  • CVE-2017-12448HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file.…

  • CVE-2017-9949HigJun 26, 2017
    risk 0.51cvss 7.8epss 0.02

    The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer…

  • CVE-2017-9755HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated…

  • CVE-2017-9754HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or…

  • CVE-2017-9753HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and…

  • CVE-2017-9752HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as…

  • CVE-2017-9751HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2017-9745HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other…

  • CVE-2017-9744HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified…

  • CVE-2017-9743HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2016-4973HigJun 7, 2017
    risk 0.51cvss 7.8epss 0.00

    Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.

  • CVE-2017-9043HigMay 18, 2017
    risk 0.51cvss 7.8epss 0.02

    readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9042HigMay 18, 2017
    risk 0.51cvss 7.8epss 0.02

    readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2015-8107HigApr 13, 2017
    risk 0.51cvss 7.8epss 0.03

    Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.

  • CVE-2017-5932HigMar 27, 2017
    risk 0.51cvss 7.8epss 0.00

    The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter.

  • CVE-2017-5618HigMar 20, 2017
    risk 0.51cvss 7.8epss 0.01

    GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.

  • CVE-2006-2362HigMay 15, 2006
    risk 0.51cvss 7.3epss 0.12

    Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted…

  • CVE-2016-6321HigDec 9, 2016
    risk 0.50cvss 7.5epss 0.15

    Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka…

  • CVE-2026-5928HigApr 20, 2026
    risk 0.49cvss 7.5epss 0.00

    Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated…

  • CVE-2026-1584HigApr 9, 2026
    risk 0.49cvss 7.5epss 0.01

    A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the…

  • CVE-2026-4046HigMar 30, 2026
    risk 0.49cvss 7.5epss 0.00

    The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by…

  • CVE-2026-4437HigMar 20, 2026
    risk 0.49cvss 7.5epss 0.00

    Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that…

  • CVE-2018-12934HigJun 28, 2018
    risk 0.49cvss 7.5epss 0.03

    remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.

  • CVE-2018-12698HigJun 23, 2018
    risk 0.49cvss 7.5epss 0.07

    demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of…

  • CVE-2018-12697HigJun 23, 2018
    risk 0.49cvss 7.5epss 0.05

    A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.

  • CVE-2018-6952HigFeb 13, 2018
    risk 0.49cvss 7.5epss 0.08

    A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

  • CVE-2018-6951HigFeb 13, 2018
    risk 0.49cvss 7.5epss 0.09

    An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.

  • CVE-2018-6003HigJan 22, 2018
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.

  • CVE-2017-15938HigOct 27, 2017
    risk 0.49cvss 7.5epss 0.05

    dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name…

  • CVE-2017-15602HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.

  • CVE-2017-15601HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.

  • CVE-2017-15600HigOct 18, 2017
    risk 0.49cvss 7.5epss 0.02

    In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.

Page 3 of 23