16968 matches found
A vulnerability in the GNU Binutils development tool, related to null pointer handling, allows an attacker to cause a denial of service (DoS).
The vulnerability in the GNU Binutils development tool is related to a memory access error. Exploiting it could allow an attacker to cause a denial of service (DoS) during analysis of ELF files containing corrupted version information about symbols...
CVE-2023-0687
Removed by vendor...
PT-2023-1376 · Unknown +2 · Gnu C Library +2
Name of the Vulnerable Software and Affected Versions: GNU C Library version 2.38 Description: A critical issue has been identified in the GNU C Library, affecting the monstartup function of the gmon.c file in the Call Graph Monitor component. This issue leads to a buffer overflow. The inputs tha...
CVE-2023-25139
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a...
ALPINE-CVE-2023-25139
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a...
CVE-2023-25139
CVE-2023-25139 affects glibc 2.37. The issue is a buffer overflow in sprintf in certain scenarios when formatting a number with a buffer sized exactly for the string. For example, 1,234,567 padded to 13 may overflow by two bytes. The connected Siemens Tenable plugin repeats this description. The ...
GNU C Library Buffer Error Vulnerability
The GNU C Library (glibc, libc6) is an open source, free C language compiler released under the LGPL license. A security vulnerability exists in the GNU C Library that stems from a buffer overflow (out-of-bounds write) in sprintf when certain buffer sizes are correct...
PT-2023-19717
Name of the Vulnerable Software and Affected Versions: GNU Screen versions through 4.9.0 Description: The issue allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. This occurs when GNU Screen is installed setuid or setgi...
ROS-20230203-03
A vulnerability in the GNU Binary Utilities (binutils) object code manipulation toolkit is related to a memory access error. Exploitation of the vulnerability could allow an attacker acting remotely to analyze an ELF file containing corrupted information...
ROS-20230203-01
A vulnerability in the GNU Tar archiver is related to the from_header function in list.c via the V7 archive, in which mtime contains approximately 11 whitespace characters. Exploitation of the vulnerability could allow an attacker, acting remotely, to transmit special data to the application and...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU gzip (CVE-2022-1271)
Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU gzip due to an improper validation of file name by the zgrep utility (CVE-2022-1271). The GNU gzip component is included as part of the Base OS image that is used by Watson Speech...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in GNU glibc (CVE-2021-3999)
Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in GNU glibc, due to improper bounds checking by the getcwd function (CVE-2021-3999). The GNU glibc component is included as part of the Base OS image that is used by Watson Speech Services...
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2023-95d98f89a8)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for gmp (EulerOS-SA-2023-1255)
The remote host is missing an update for the Huawei EulerOS...
Fedora: Security Advisory for rust-gitui (FEDORA-2023-3ec32f6d4e)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for bindutils (EulerOS-SA-2023-1245)
The remote host is missing an update for the Huawei EulerOS...
CVE-2022-48303
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace...