SUSE CVE-2019-9073

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in bfdelfslurpversiontables in elf.c...

SUSE CVE-2019-9074

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c...

SUSE CVE-2019-9076

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elfreadnotes in elf.c...

SUSE CVE-2019-9200

A heap-based buffer underwrite exists in ImageStream::getLine located at Stream.cc in Poppler 0.74.0 that can for example be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impa...

SUSE CVE-2019-9903

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find located at Dict.cc, which can for example be triggered by passing a crafted pdf file to the pdfunite binary...

SUSE CVE-2019-11191

The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist because installexeccreds is called too late in loadaoutbinary in fs/binfmtaout.c, and thus the ptracemayaccess check has a race condition...

SUSE CVE-2019-11696

Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability...

SUSE CVE-2019-12972

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in bfddoprnt in bfd.c because elfobjectp in elfcode.h mishandles an eshstrndx section of type SHTGROUP by omitting a trailing '\0' character...

SUSE CVE-2019-17450

findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...

SUSE CVE-2019-17451

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in bfddwarf2findnearestline in dwarf2.c, as demonstrated by nm...

SUSE CVE-2019-18797

LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operatorSass::BinaryExpression in eval.cpp...

SUSE CVE-2020-5419

RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking...

SUSE CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary...

SUSE CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

SUSE CVE-2020-10931

Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service daemon crash via a crafted binary protocol header to tryreadcommandbinary in memcached.c...

SUSE CVE-2020-16590

A double free vulnerability exists in the Binary File Descriptor BFD aka libbrd in GNU Binutils 2.35 in the processsymboltable, as demonstrated in readelf, via a crafted file...

SUSE CVE-2020-16591

A Denial of Service vulnerability exists in the Binary File Descriptor BFD in GNU Binutils 2.35 due to an invalid read in processsymboltable, as demonstrated in readeif...

SUSE CVE-2020-16592

A use after free issue exists in the Binary File Descriptor BFD library aka libbfd in GNU Binutils 2.34 in bfdhashlookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file...

SUSE CVE-2020-16593

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35, in scanunitforsymbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file...

SUSE CVE-2020-16599

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35, in bfdelfgetsymbolversionstring, as demonstrated in nm-new, that can cause a denial of service via a crafted file...