
16988 matches found

OSV
added 2021/03/26 5:15 p.m. | 1 views

DEBIAN-CVE-2021-20284

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...

5.5 CVSS | 9.1 AI score | 0.01287 EPSS
Exploits 1 | References 1
OSV
added 2021/03/26 5:15 p.m. | 28 views

CVE-2021-20284

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...

5.5 CVSS | 6.8 AI score
Exploits 0 | References 4
NVD
added 2021/03/26 5:15 p.m. | 22 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

6.3 CVSS | 0.00307 EPSS
Exploits 0 | References 4
AlpineLinux
added 2021/03/26 5:15 p.m. | 40 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

6.3 CVSS | 3.1 AI score | 0.00307 EPSS
Exploits 0
UbuntuCve
added 2021/03/26 5:15 p.m. | 34 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

6.3 CVSS | 7 AI score | 0.00307 EPSS
Exploits 0 | References 1
UbuntuCve
added 2021/03/26 5:15 p.m. | 27 views

CVE-2021-20284

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...

5.5 CVSS | 6.8 AI score | 0.01287 EPSS
Exploits 1 | References 1
Prion
added 2021/03/26 5:15 p.m. | 23 views

Heap overflow

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...

4.3 CVSS | 6 AI score | 0.01287 EPSS
Exploits 1 | References 4 | Affected Software 1
Prion
added 2021/03/26 5:15 p.m. | 30 views

Open redirect

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

3.3 CVSS | 6.3 AI score | 0.00307 EPSS
Exploits 0 | References 4 | Affected Software 2
OSV
added 2021/03/26 5:15 p.m. | 3 views

UBUNTU-CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

6.3 CVSS | 7 AI score | 0.00307 EPSS
Exploits 0 | References 2
CVE
added 2021/03/26 4:47 p.m. | 212 views

CVE-2021-20197

CVE-2021-20197 is a local race-condition vulnerability in GNU Binutils (affecting ar, objcopy, strip, ranlib) up to version 2.35. An unprivileged user can exploit a symlink-based race window when these tools run as a privileged user to gain ownership of arbitrary files. The provided documents con...

6.3 CVSS | 6.3 AI score | 0.00307 EPSS
Exploits 0 | References 4 | Affected Software 1
Debian CVE
added 2021/03/26 4:47 p.m. | 38 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

6.3 CVSS | 7.7 AI score | 0.00307 EPSS
Exploits 0
Cvelist
added 2021/03/26 4:47 p.m. | 30 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can tric...

6.7 AI score | 0.00307 EPSS
Exploits 0 | References 4
Debian CVE
added 2021/03/26 4:39 p.m. | 35 views

CVE-2021-20284

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...

5.5 CVSS | 6.9 AI score | 0.01287 EPSS
Exploits 1
Cvelist
added 2021/03/26 4:39 p.m. | 22 views

CVE-2021-20284

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...

6.5 AI score | 0.01287 EPSS
Exploits 1 | References 4
CVE
added 2021/03/26 4:39 p.m. | 168 views

CVE-2021-20284

CVE-2021-20284 affects GNU Binutils (version 2.35.1) with a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section (elf.c) caused by incorrect calculation of the number of symbols. The vulnerability is described as having a highest impact on availability. The provided materials iden...

5.5 CVSS | 6 AI score | 0.01287 EPSS
Exploits 1 | References 4 | Affected Software 1
OSV
added 2021/03/26 11:2 a.m. | 2 views

OESA-2021-1090 screen security update

Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Security Fixes: encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly...

9.8 CVSS | 7.3 AI score | 0.09147 EPSS
Exploits 1 | References 2
CNNVD
added 2021/03/26 12:0 a.m. | 2 views

GNU Binutils buffer error vulnerability

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A heap buffer overflow vulnerability exists in _bfd_elf_slurp_secondary_reloc_section in elf.c in GNU Binutils version 2.35.1. The vulnerability stems fr...

5.5 CVSS | 6 AI score | 0.01287 EPSS
Exploits 1 | References 17
CNNVD
added 2021/03/25 12:0 a.m. | 6 views

Revive Adserver cross-site scripting vulnerability

Revive Adserver is an open source ad server under the GNU General Public License with an integrated banner management interface and a tracking system for collecting statistical information. A reflected cross-site scripting vulnerability exists in the statsBreakdown parameter in stats.php ...

6.5 CVSS | 5.4 AI score | 0.3633 EPSS
Exploits 1 | References 4
CNVD
added 2021/03/23 12:0 a.m. | 11 views

TYPO3 cross-site scripting vulnerability (CNVD-2021-22139)

TYPO3 is a free and open source content management system written in PHP under the GNU General Public License. A cross-site scripting vulnerability exists in the database field used as descriptionColumn in TYPO3 versions prior to 10.4.14, 11.1.1. No detailed vulnerability details are available at...

5.4 CVSS | 5.9 AI score | 0.00872 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2021/03/23 12:0 a.m. | 21 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : GNU Screen vulnerability (USN-4747-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4747-1 advisory. Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause...

9.8 CVSS | 7.6 AI score | 0.09147 EPSS
Exploits 1 | References 2