Low: binutils

Issue Overview: In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file. CVE-2022-38533 Affected Packages: binutils Issue Correction: Run dnf update binutils --releasever 2023.0.20230322 o...

SUSE CVE-2012-4552

Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

EulerOS Virtualization 2.9.1 : binutils (EulerOS-SA-2023-1184)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain...

EulerOS 2.0 SP8 : binutils (EulerOS-SA-2022-2789)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Assertion fail in the displaydebugnames function in binutils/dwarf.c may lead to program crash and denial of service.CVE-2022-38126 An issue was...

CVE-2022-38533

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...

Heap overflow

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...

CVE-2022-38533

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...

CVE-2022-38533

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...

CVE-2022-38533

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...

osCommerce 跨站脚本漏洞

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce2 v2.3.4.1 previously had a security vulnerability that stemmed from a security issue with the function tepdberror. No detailed vulnerability details are available...

yasm error function denial of service vulnerability

yasm is yasm open source a completely rewritten Netwide assembler. A denial of service vulnerability exists in yasm version 1.3.0, which stems from a post-release reuse of the error function in modules/preprocs/nasm/nasm-pp.c. An attacker could exploit this vulnerability to cause a denial of...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via the error function of modules/preprocs/nasm/nasm-pp.c. Exploiting this vulnerability is possible by opening a maliciously crafted file. Remediation There is no fixed version for yasm. References - GitHub Issue Credit:...

Code injection

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

CVE-2012-2142

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

CVE-2012-2142

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

Simple DirectMedia Layer Design Vulnerability

Simple DirectMedia Layer SDL is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A security vulnerability exists in the libSDL2.a file in SDL version 2.0.9. When used with libSDL2image.a in SDL2image 2.0.4. Invalid...

Poppler Buffer Overflow Vulnerability (CNVD-2019-14070)

Poppler is a C++ class library for generating PDF, the library is inherited from Xpdf PDF reader. A buffer overflow vulnerability exists in the 'error ' function of the Error.cc file in Poppler version 0.75.0, which originates from a networked system or product that performs an operation in memor...

CVE-2019-11026

FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc...

CVE-2019-11026

Poppler 0.75.0 is affected by CVE-2019-11026 due to FontInfoScanner::scanFonts in FontInfo.cc causing infinite recursion, which can trigger error handling. Publicly cited entries (e.g., REDHAT_UNPATCHED-POPPLER-RHEL8.NASL and related Nessus plugins) describe this as an unpatched vulnerability wit...

PT-2019-12146 · Poppler · Poppler

Name of the Vulnerable Software and Affected Versions: Poppler version 0.75.0 Description: The issue is related to infinite recursion in the FontInfoScanner::scanFonts function in FontInfo.cc, which leads to a call to the error function in Error.cc. Recommendations: For Poppler version 0.75.0, at...