GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service
...
GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service
...
GNU Binutils objdump Memory Leak Vulnerability
GNU Binutils is a toolset for creating, assembling and linking programs. A memory leak vulnerability exists in GNU Binutils. The vulnerability stems from improper memory management in the displayinfo function in the bucomm.c file. No details of the vulnerability are provided at this time...
CLSA-2025-1744875112 gcc: Fix of CVE-2020-11023
CVE-2020-11023: Fix issue where untrusted HTML containing elements could execute untrusted code in DOM manipulation methods...
Medium: glibc
Issue Overview: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-0395 Affected...
CVE-2025-32776 OpenRazer Vulnerable to Out of Bounds Read
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory le...
Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data
Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-30203 DESCRIPTION: GNU Emacs could provide weaker than expected security,...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-42503 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of...
ABB Cylon Aspect 3.08.02 (bbmdUpdate.php) - Remote Code Execution
ABB Cylon Aspect 3.08.02 bbmdUpdate.php - Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable building energy management an...
glibc: buffer overflow in the GNU C Library's assert()
A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
ALSA-2025:3828 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
The GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service
...
[SECURITY] Fedora 42 Update: exim-4.98.2-1.fc42
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
CBL Mariner 2.0 Security Update: gdb (CVE-2022-48065)
The version of gdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48065 advisory. - GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability via the function...
CBL Mariner 2.0 Security Update: gdb (CVE-2022-48064)
The version of gdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48064 advisory. - GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the functi...
The vulnerability of the bfd_mach_o_get_synthetic_symtab() function in the bfd/mach-o.c component of the GNU Binutils development environment allows an attacker to cause a service failure.
The vulnerability of the bfd_mach_o_get_synthetic_symtab function in the bfd/mach-o.c component of the GNU Binutils development environment is related to errors during variable initialization. Exploiting this vulnerability could allow an attacker to cause a service failure...