Lucene search
K

16992 matches found

NVD
NVD
added 2020/08/25 2:15 p.m.13 views

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

7.1CVSS5.4AI score0.01265EPSS
Exploits0References3
OSV
OSV
added 2020/08/25 2:15 p.m.21 views

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

5.5CVSS6.8AI score
Exploits0References3
OSV
OSV
added 2020/08/25 2:15 p.m.2 views

ALPINE-CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

5.5CVSS7.1AI score0.01265EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/08/25 2:15 p.m.35 views

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

7.1CVSS6.1AI score0.01265EPSS
Exploits0References2
Prion
Prion
added 2020/08/25 2:15 p.m.18 views

Design/Logic Flaw

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

7.1CVSS5.4AI score0.01265EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/08/25 2:15 p.m.2 views

UBUNTU-CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

5.5CVSS6.1AI score0.01265EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/08/25 1:45 p.m.23 views

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

5.3AI score0.01265EPSS
Exploits0References3
CVE
CVE
added 2020/08/25 1:45 p.m.94 views

CVE-2020-24240

CVE-2020-24240 concerns GNU Bison before 3.7.1, which contains a use-after-free in _obstack_free (lib/obstack.c) when a NULL byte is encountered during gram_lex. The risk is limited to cases where Bison processes untrusted input, and the observed behavior was primarily a crash in Bison itself, no...

7.1CVSS5.3AI score0.01265EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2020/08/25 1:45 p.m.28 views

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

7.1CVSS5.7AI score0.01265EPSS
Exploits0
GitLab Advisory Database
GitLab Advisory Database
added 2020/08/25 12:0 a.m.24 views

Use After Free

GNU Bison has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was...

7.1CVSS0.6AI score0.01265EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2020/08/21 9:30 p.m.86 views

SecGen - Create Randomly Insecure VMs

SecGen creates vulnerable virtual machines, lab environments, and hacking challenges, so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same, this project uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines that can ...

7.6AI score
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.5 views

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that when processed by the glob function would potentially lead to arbitrary code execution. This was fixed in version 2.32.

...

7CVSS7AI score0.00535EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.8 views

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default if Bash is run with its effective UID not equal to its real UID it will drop privileges by setting its effective UID to its real UID. However it does so incorrectly. On Linux and other systems that support "saved UID" functionality the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin which can be a shared object that calls setuid() and therefore regains privileges. However binaries running with an effective UID of 0 are unaffected.

...

7.8CVSS6.9AI score0.02608EPSS
Exploits5
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c as demonstrated by nm.

...

6.5CVSS7.2AI score0.02396EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example within a single execution of a program the output of every __builtin_darn() call may be the same.

...

7.5CVSS7.8AI score0.03207EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.4 views

In GNU patch through 2.7.6 the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.

...

5.9CVSS6.3AI score0.03927EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow.

...

5.5CVSS6.7AI score0.02317EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.4 views

In the GNU C Library (aka glibc or libc6) through 2.28 attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

...

7.5CVSS7.8AI score0.05532EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault associated with a NULL pointer dereference leading to a denial of service in the intuit_diff_type function in pch.c aka a "mangled rename" issue.

...

7.5CVSS6.4AI score0.08585EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.7 views

In the GNU C Library (aka glibc or libc6) through 2.28 the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters which could lead applications to incorrectly assume that it had parsed a valid string without the possibility of embedded HTTP headers or other potentially dangerous substrings.

...

5.3CVSS5.9AI score0.00479EPSS
Exploits0
Rows per page
Query Builder