Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers...

openSUSE: Security Advisory for go1.13 (openSUSE-SU-2020:1087-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python27 (FEDORA-2020-e9251de272)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Platform Software clients.

Summary GNU Binutils is used by IBM Netezza Platform Software. IBM Netezza Platform Software has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-17450 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by an infinite recursion in findabstractinstance in...

GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2020-41850)

GNU LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in the decodeR13R2000 of the decode.c file in GNU LibreDWG version 0.9.3 and earlier. The vulnerability stems from a networked system or product performing operations in memory without...

Security Bulletin: GNU C library (glibc) vulnerabilities affect IBM SmartCloud Entry (CVE-2014-8121)

Summary IBM SmartCloud Entry is vulnerable to GNU C library glibc vulnerabilities. Remote attackers can exploit them to cause the application to enter into an infinite loop. Vulnerability Details CVEID: CVE-2014-8121 DESCRIPTION: GNU C Library glibc is vulnerable to a denial of service, caused by...

CVE-2020-15807

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files...

CVE-2020-15807

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files...

Null pointer dereference

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files...

CVE-2020-15807

GNU LibreDWG (C library) prior to version 0.11 is affected by a NULL pointer dereference when processing crafted input files. This vulnerability, CVE-2020-15807, is documented across multiple feeds (NVD entry notes a NULL pointer dereference; Red Hat/SUSE/CNVD mirrors echo the same description). ...

CVE-2020-15807

GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files...

SecGen

This is a Ruby application called SecGen, which creates vulnerable virtual machines for learning and practicing security penetration testing techniques. The application uses Vagrant, Puppet, and Ruby to generate randomly vulnerable virtual machines based on a scenario specification. The scenario...

CVE-2019-20914

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwgencodecommonentityhandledata in commonentityhandledata.spec...

CVE-2019-20910

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decodeR13R2000 in decode.c, a different vulnerability than CVE-2019-20011...

CVE-2019-20911

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bitcalcCRC in bits.c, related to a for loop...

CVE-2019-20911

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bitcalcCRC in bits.c, related to a for loop...

CVE-2019-20914

An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwgencodecommonentityhandledata in commonentityhandledata.spec...

CVE-2019-20913

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwgencodeentity in commonentitydata.spec...

CVE-2019-20915

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...

CVE-2019-20912

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bitreadTF...