SUSE CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

SUSE CVE-2019-1010180

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet...

SUSE CVE-2019-1010204

GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...

SUSE CVE-2020-6610

GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in readsectionsmap in decoder2007.c...

SUSE CVE-2020-9366

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact...

SUSE CVE-2020-12108

/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection...

SUSE CVE-2020-15011

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page...

SUSE CVE-2020-16599

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35, in bfdelfgetsymbolversionstring, as demonstrated in nm-new, that can cause a denial of service via a crafted file...

SUSE CVE-2020-21815

A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via outputTEXT ../../programs/dwg2SVG.c:114, which causes a denial of service application crash...

SUSE CVE-2020-21818

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48...

SUSE CVE-2020-21816

A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46...

SUSE CVE-2020-21819

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51...

SUSE CVE-2020-21830

A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bitcalcCRC ../../src/bits.c:2213...

SUSE CVE-2020-21832

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004compressedsection ../../src/decode.c:2417...

SUSE CVE-2020-21831

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004sectionhandles ../../src/decode.c:2637...

SUSE CVE-2020-21836

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004sectionpreview ../../src/decode.c:3175...

SUSE CVE-2020-21838

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionappinfo ../../src/decode.c:2842...

SUSE CVE-2020-21839

An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwgdecodeeed ../../src/decode.c:3638...

SUSE CVE-2020-21840

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bitsearchsentinel ../../src/bits.c:1985...

SUSE CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...