16973 matches found
SUSE CVE-2015-8107
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code...
SUSE CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the hcreate_r function, which triggers out-of-bounds heap-memory access...
SUSE CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name...
SUSE CVE-2015-8948
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read...
SUSE CVE-2015-8972
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode...
SUSE CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow...
SUSE CVE-2015-8983
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which...
SUSE CVE-2015-8985
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing...
SUSE CVE-2016-3075
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name...
SUSE CVE-2016-4429
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets...
SUSE CVE-2016-6131
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types...
SUSE CVE-2016-6313
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...
SUSE CVE-2016-6323
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccg...
SUSE CVE-2016-7123
Cross-site request forgery (CSRF) vulnerability in the admin web interface in GNU Mailman before 2.1.15 allows remote attackers to hijack the authentication of administrators...
SUSE CVE-2016-8605
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Th...
SUSE CVE-2016-10325
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_message_to_str function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS...
SUSE CVE-2016-10713
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line in pch.c can possibly lead to DoS via a crafted input file...
SUSE CVE-2017-5337
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate...
SUSE CVE-2017-5357
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free...
SUSE CVE-2017-7223
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow of size 1 while attempting to unget an EOF character from the input stream, potentially leading to a program crash...