16981 matches found
CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
Design/Logic Flaw
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
UBUNTU-CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
CVE-2021-3549
CVE-2021-3549 concerns GNU Binutils’ objdump with an out-of-bounds flaw in processing large sections via avr_elf32_load_records_from_section(), potentially causing a crash or memory corruption. Affected product: GNU binutils (objdump) version 2.36. Impact includes possible integrity and availabil...
CVE-2021-3549
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...
PT-2021-7938 · Gnu +1 · Gnu Binutils +1
Name of the Vulnerable Software and Affected Versions: GNU binutils version 2.36 Description: An out of bounds flaw was found in the GNU binutils objdump utility. This issue is related to the avr elf32 load records from section function and can result in a crash or memory corruption if a large...
GNU Screen: User-assisted execution of arbitrary code
Background GNU Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Description It was discovered that GNU screen did not properly handle certain UTF-8 character sequences. Impact A remote attacker could entice a user...
Oracle Linux 8 : mailman:2.1 (ELSA-2021-1751)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1751 advisory. 3:2.1.29-11 - Fixes for CVE-2020-12108 and CVE-2020-15011 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 8 : bash (ELSA-2021-1679)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1679 advisory. 4.4.19-14 - Fix hang when limit for nproc is very high Resolves: 1890888 4.4.19-13 - Correctly drop saved UID when effective UID is not equal to its real UID...
DEBIAN-CVE-2021-33574
The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...
CVE-2021-33574
The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...
UBUNTU-CVE-2021-33574
The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...
CVE-2021-33574
The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...
PT-2021-5558 · Gnu +7 · Glibc +7
Name of the Vulnerable Software and Affected Versions: glibc versions 2.32 and 2.33 Description: The issue is related to the mq notify function in the GNU C Library, which has a use-after-free problem. This occurs when the function uses the notification thread attributes object, passed through it...
GNU cflow Resource Management Error Vulnerability (CNVD-2021-36540)
GNU cflow is a flowchart generator for the GNU community that reads C source files and generates externally referenced flowcharts. A resource management error vulnerability exists in cflow version 1.6, which stems from the existence of a post-release use of the callchar name, int line function in...
Fedora: Security Advisory for dotnet5.0 (FEDORA-2021-721731dc86)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: Multiple vulnerabilities in GNU binutils affect IBM Netezza Analytics
Summary GNU binutils is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs by upgrading GNU binutils to latest version 2.36.1 Vulnerability Details CVEID: CVE-2021-20284 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by a heap-based buff...