16987 matches found

CVE
added 2021/05/17 5:58 p.m. · 45 views

CVE-2020-21813

Summary: CVE-2020-21813 affects GNU LibreDWG, specifically version 0.10.2641, with a heap-based buffer overflow exploitable via the function path output_TEXT in dwg2SVG.c:114. What is affected: LibreDWG 0.10.2641 (GNU LibreDWG). Root cause (as stated): heap-based buffer overflow in output_TEXT at...

CVSS 7.8 · AI score 7.8 · EPSS 0.00978
Exploits: 1 · References: 3 · Affected Software: 1
Cvelist
added 2021/05/17 5:58 p.m. · 19 views

CVE-2020-21813

A heap-based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114...

AI score 7.9 · EPSS 0.00978
Exploits: 1 · References: 3
CNNVD
added 2021/05/17 12:0 a.m. · 6 views

GNU LibreDWG Buffer Error Vulnerability

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via htmlescape ... /... /programs/escape.c:46 to cause a heap buffer overflow...

CVSS 8.8 · AI score 6.2 · EPSS 0.01232
Exploits: 1 · References: 3
CNNVD
added 2021/05/17 12:0 a.m. · 3 views

GNU LibreDWG Buffer Error Vulnerability

LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via the bitreadB ... /... /src/bits.c:135 to cause a heap buffer overflow...

CVSS 8.8 · AI score 6.2 · EPSS 0.01372
Exploits: 1 · References: 4
CNVD
added 2021/05/17 12:0 a.m. · 16 views

Linux kernel use-after-free vulnerability

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A use-after-free vulnerability exists in net/bluetooth/hci_event.c in Linux kernel versions prior to 5.12.4 when...

CVSS 7.8 · AI score 6.5 · EPSS 0.00826
Exploits: 1 · References: 1
Positive Technologies
added 2021/05/17 12:0 a.m. · 5 views

PT-2021-10675 · Gnu · Gnu Libredwg

Name of the Vulnerable Software and Affected Versions: GNU LibreDWG version 0.10 Description: A heap-based buffer overflow issue exists, which can be triggered via the read 2004 compressed section function in the decode.c file. Recommendations: For GNU LibreDWG version 0.10, consider applying a...

CVSS 7.8 · AI score 7.6 · EPSS 0.00981
Exploits: 1 · References: 5
Positive Technologies
added 2021/05/17 12:0 a.m. · 4 views

PT-2021-10684 · Gnu · Gnu Libredwg

Name of the Vulnerable Software and Affected Versions: GNU LibreDWG version 0.10 Description: An issue in GNU LibreDWG leads to a memory leak when crafted input is processed by the dwg decode eed function in the decode.c file. Recommendations: For GNU LibreDWG version 0.10, at the moment, there i...

CVSS 6.5 · AI score 6.1 · EPSS 0.01198
Exploits: 1 · References: 5
Ubuntu
added 2021/05/14 12:19 a.m. · 179 views

USN-4954-1: GNU C Library vulnerabilities

Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service (application crash) or execute arbitrary code. (CVE-2020-6096) It was...

CVSS 8.1 · AI score 6.5 · EPSS 0.05223
Exploits: 1
OSV
added 2021/05/14 12:19 a.m. · 5 views

USN-4954-1 glibc vulnerabilities

Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service (application crash) or execute arbitrary code. (CVE-2020-6096) It was...

CVSS 8.1 · AI score 6.7 · EPSS 0.05223
Exploits: 1 · References: 3
Tenable Nessus
added 2021/05/14 12:0 a.m. · 50 views

Ubuntu 16.04 LTS : GNU C Library vulnerabilities (USN-4954-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4954-1 advisory. Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow...

CVSS 8.1 · AI score 7 · EPSS 0.05223
Exploits: 1 · References: 3
CNVD
added 2021/05/12 12:0 a.m. · 7 views

GNU Wget Input Validation Error Vulnerability

GNU Wget is a set of free software developed by the GNU Project for downloading over the Internet, which supports downloading over the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. An input validation error vulnerability exists in GNU Wget version 1.21.1 a...

CVSS 6.1 · AI score 6.5 · EPSS 0.01104
Exploits: 0 · References: 1
Microsoft CVE
added 2021/05/10 7:0 a.m. · 7 views

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

...

CVSS 9.8 · AI score 7 · EPSS 0.08031
Exploits: 0
CNVD
added 2021/05/08 12:0 a.m. · 7 views

GNU Binutils Resource Management Error Vulnerability

GNU Binutils (GNU Binary Utilities, or binutils) is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. A...

AI score 6.6
Exploits: 0 · References: 1
Fedora
added 2021/05/07 1:5 a.m. · 18 views

[SECURITY] Fedora 34 Update: exim-4.94.2-1.fc34

Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

AI score 1.5
Exploits: 0
OpenVAS
added 2021/05/05 12:0 a.m. · 10 views

Fedora: Security Advisory for libmicrohttpd (FEDORA-2021-6d5578e756)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 10 · AI score 9.7 · EPSS 0.08739
Exploits: 0 · References: 2
OpenVAS
added 2021/05/05 12:0 a.m. · 15 views

Fedora: Security Advisory for libmicrohttpd (FEDORA-2021-5e10ad8c19)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 10 · AI score 9.7 · EPSS 0.08739
Exploits: 0 · References: 2
BDU FSTEC
added 2021/05/05 12:0 a.m. · 5 views

The vulnerability in the implementation of the read_header() function of the GNU Tar archive utility allows a hacker to trigger a service failure.

The vulnerability in the read_header function implementation in the GNU Tar archive viewer is related to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created input file...

CVSS 7.8 · AI score 6.7 · EPSS 0.01092
Exploits: 0 · References: 9 · Affected Software: 3
RedhatCVE
added 2021/05/03 4:48 p.m. · 30 views

CVE-2021-3530

A flaw was discovered in GNU libiberty within demanglepath in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash...

CVSS 7.5 · AI score 2.6 · EPSS 0.024
Exploits: 0 · References: 3
OpenVAS
added 2021/05/03 12:0 a.m. · 15 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1790)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 · AI score 7.2 · EPSS 0.05814
Exploits: 2 · References: 2
OpenVAS
added 2021/05/03 12:0 a.m. · 24 views

Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2021-1827)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 7.5 · EPSS 0.08585
Exploits: 0 · References: 2