Lucene search

16954 matches found

Vulnrichment
added 2025/07/13 10:2 p.m., 3 views

CVE-2025-7546 GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has bee...

CVSS 5.3, AI score 6.9, EPSS 0.00172
Exploits 0, References 8

Debian CVE
added 2025/07/13 9:44 p.m., 4 views

CVE-2025-7545

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...

CVSS 7.8, AI score 5.2, EPSS 0.00254
Exploits 0

CVE
added 2025/07/13 9:44 p.m., 37 views

CVE-2025-7545

GNU Binutils 2.45 contains a heap-based buffer overflow in the function copy_section (binutils/objcopy.c). The issue requires local access to exploit. Public disclosure of the exploit exists. A patch identified as 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944 has been released and should be applied to...

CVSS 7.8, AI score 5.5, EPSS 0.00254
Exploits 0, References 10, Affected Software 1

Cvelist
added 2025/07/13 9:44 p.m., 10 views

CVE-2025-7545 GNU Binutils objcopy.c copy_section heap-based overflow

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...

CVSS 5.3, EPSS 0.00254
Exploits 0, References 8

Vulnrichment
added 2025/07/13 9:44 p.m., 3 views

CVE-2025-7545 GNU Binutils objcopy.c copy_section heap-based overflow

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...

CVSS 5.3, AI score 5.3, EPSS 0.00254
Exploits 0, References 8

RedhatCVE
added 2025/07/13 12:39 a.m., 12 views

CVE-2025-45582

A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the ‘--keep-old-files’ ‘-k’, the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to...

CVSS 5.6, AI score 6.2, EPSS 0.00433
Exploits 1, References 6

CNNVD
added 2025/07/13 12:0 a.m., 1 views

GNU Binutils buffer error vulnerability

GNU Binutils is a set of open source tools for working with binaries such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A buffer overflow vulnerability exists in GNU Binutils, which stems from the failure of the...

CVSS 7.8, AI score 5.3, EPSS 0.00172
Exploits 0, References 9

SUSE CVE
added 2025/07/11 11:21 p.m., 2 views

SUSE CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 7.8, AI score 6.9, EPSS 0.00433
Exploits 1, References 13

OSV
added 2025/07/11 5:15 p.m., 4 views

CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1, AI score 6.5, EPSS 0.00433
Exploits 1, References 6

OSV
added 2025/07/11 5:15 p.m., 6 views

AZL-65082 CVE-2025-45582 affecting package tar 1.35-2

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1, AI score 6.7, EPSS 0.00433
Exploits 1, References 1

NVD
added 2025/07/11 5:15 p.m., 2 views

CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1, EPSS 0.00433
Exploits 1, References 6

OSV
added 2025/07/11 5:15 p.m., 0 views

UBUNTU-CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1, AI score 6.6, EPSS 0.00433
Exploits 1, References 3

Microsoft CVE
added 2025/07/11 7:0 a.m., 1 views

Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().

...

CVSS 3.7, AI score 9.3, EPSS 0.0038
Exploits 0

OpenVAS
added 2025/07/11 12:0 a.m., 1 views

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2025-1770)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 5.1, EPSS 0.0032
Exploits 2, References 2

CVE
added 2025/07/11 12:0 a.m., 85 views

CVE-2025-45582

CVE-2025-45582 (GNU Tar) : GNU Tar up to 1.35 allows file overwrite via a two-step directory traversal attack. An attacker can craft two archives: first to place a ../ symlink to a sensitive directory, second to target a critical file by a relative path beginning with the symlink, causing the ext...

CVSS 4.1, AI score 6.1, EPSS 0.00433
Exploits 1, References 6, Affected Software 1

Positive Technologies
added 2025/07/11 12:0 a.m., 1 views

PT-2025-29264

Name of the Vulnerable Software and Affected Versions: GNU Tar versions through 1.35 Description: GNU Tar through version 1.35 is susceptible to a directory traversal vulnerability that allows for file overwrites within crafted TAR archives. The vulnerability requires a two-step process: first,...

CVSS 4.1, AI score 6.6, EPSS 0.00433
Exploits 1, References 64

Cvelist
added 2025/07/11 12:0 a.m., 10 views

CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1, EPSS 0.00433
Exploits 1, References 5

Vulnrichment
added 2025/07/11 12:0 a.m., 4 views

CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1, AI score 6.1, EPSS 0.00433
Exploits 1, References 5

Microsoft CVE
added 2025/07/11 12:0 a.m., 3 views

When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

...

CVSS 6.2, AI score 7, EPSS 0.00335
Exploits 0

Debian CVE
added 2025/07/11 12:0 a.m., 5 views

CVE-2025-45582

Removed by vendor...

CVSS 4.1, AI score 6.2, EPSS 0.00433
Exploits 1