Export limit exceeded: 367185 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (1261 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-7210 1 Gnu 1 Binutils 2025-04-20 N/A
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.
CVE-2017-1000383 1 Gnu 1 Emacs 2025-04-20 N/A
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
CVE-2017-1000366 8 Debian, Gnu, Mcafee and 5 more 26 Debian Linux, Glibc, Web Gateway and 23 more 2025-04-20 N/A
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
CVE-2016-8606 2 Fedoraproject, Gnu 2 Fedora, Guile 2025-04-20 N/A
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
CVE-2016-8605 2 Fedoraproject, Gnu 2 Fedora, Guile 2025-04-20 N/A
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected.
CVE-2016-7543 3 Fedoraproject, Gnu, Redhat 3 Fedora, Bash, Enterprise Linux 2025-04-20 N/A
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
CVE-2017-7223 1 Gnu 1 Binutils 2025-04-20 N/A
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
CVE-2017-7224 1 Gnu 1 Binutils 2025-04-20 N/A
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.
CVE-2016-4456 1 Gnu 1 Gnutls 2025-04-20 7.5 High
The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.
CVE-2016-6131 1 Gnu 1 Libiberty 2025-04-20 N/A
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
CVE-2016-5417 1 Gnu 1 Glibc 2025-04-20 N/A
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.
CVE-2016-4973 1 Gnu 1 Libssp 2025-04-20 N/A
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
CVE-2016-4493 1 Gnu 1 Libiberty 2025-04-20 N/A
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.
CVE-2016-4492 1 Gnu 1 Libiberty 2025-04-20 N/A
Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.
CVE-2016-4491 1 Gnu 1 Libiberty 2025-04-20 N/A
The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."
CVE-2016-4490 1 Gnu 1 Libiberty 2025-04-20 N/A
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.
CVE-2016-4489 1 Gnu 1 Libiberty 2025-04-20 N/A
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."
CVE-2016-4488 1 Gnu 1 Libiberty 2025-04-20 N/A
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."
CVE-2016-4487 1 Gnu 1 Libiberty 2025-04-20 N/A
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."
CVE-2016-2226 1 Gnu 1 Libiberty 2025-04-20 N/A
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.