8 matches found
GNU Binutils format.c File Buffer Overflow Vulnerability
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
UBUNTU-CVE-2025-1153
A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfdsetformat of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The...
GNU Binutils 缓冲区错误漏洞
GNU Binutils GNU Binary Utilities is a set of programming language utility programs developed by the American GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
CVE-2020-13904
FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parseplaylist in libavformat/hls.c frees a pointer, and later that pointer is accessed in avprobeinputformat3 in libavformat/format.c...
CVE-2008-0072
CVE-2008-0072 is a format string vulnerability in Evolution (emf_multipart_encrypted/display path) that could allow arbitrary code execution when a crafted encrypted message is opened. Affected: Evolution 2.12.3 and earlier; root cause: improper handling of format strings in encrypted mail conten...
CVE-2007-0347
The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...
CVE-2007-0347
The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...
CVE-2007-0347
The iseow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" quote character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service database error via a ' character in certain messages, tickets, or Wiki entries...