6 matches found
EUVD-2018-9683
Malware in sbrugna...
CVE-2018-17942
The converttodecimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing...
Updated coreutils packages fix security vulnerabilities
A flaw was found in GNU Coreutils through 8.29 in chown-core.c. The functions chown and chgrp do not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...
Heap overflow
The converttodecimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing...
CVE-2018-17942
The converttodecimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing...
CVE-2018-17942
CVE-2018-17942 affects Gnulib’s convert_to_decimal (vasnprintf.c): a heap-based buffer overflow caused by not allocating space for the trailing null during %f processing. It impacts Gnulib prior to 2018-09-23; OSV and related advisories note a security update/fix. The CVSSv3 vector is CVSS:3.0/AV...