Lucene search
K

21 matches found

Cvelist
Cvelist
added 2026/06/12 5:4 a.m.32 views

CVE-2026-44892 Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, the default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify...

7.5CVSS0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47603

Name of the Vulnerable Software and Affected Versions Netty affected versions not specified Description The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec does not enforce a maximum header size limit. When a peer does not specify HTTP3 SETTINGS MAX FIELD SECTION SIZ...

7.5CVSS5.5AI score0.00279EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in binutils

The loadspecificdebugsection function in objdump.c within GNU Binutils, as of version 2.31.1, contains an integer overflow vulnerability that can trigger a heap-based buffer overflow if a crafted section size is used...

5.5CVSS6.8AI score0.01982EPSS
Exploits1References2
CloudLinux
CloudLinux
added 2026/04/29 7:7 a.m.10 views

gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

7.8CVSS6.7AI score0.02628EPSS
Exploits1
OSV
OSV
added 2026/04/29 7:7 a.m.5 views

CLSA-2026-1777446434 gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

7.8CVSS5.8AI score0.02628EPSS
Exploits1References1
OSV
OSV
added 2026/04/27 4:55 p.m.6 views

CLSA-2026-1777308938 gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

7.8CVSS5.8AI score0.02628EPSS
Exploits1References1
OSV
OSV
added 2026/04/21 5:11 p.m.4 views

CLSA-2026-1776693427 Fix CVE(s): CVE-2019-1010180

SECURITY UPDATE: buffer overflow when ELF section size is invalid - debian/patches/CVE-2019-1010180.patch: reject ELF sections whose recorded size exceeds the file size - CVE-2019-1010180...

7.8CVSS7.5AI score0.02628EPSS
Exploits1References1
OSV
OSV
added 2025/12/03 2:11 p.m.3 views

CLSA-2025-1764771100 Fix CVE(s): CVE-2019-1010180

SECURITY UPDATE: Buffer overflow when ELF section size is invalid - debian/patches/CVE-2019-1010180.patch: Skip processing invalid ELF sections - CVE-2019-1010180...

7.8CVSS5.9AI score0.02628EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/01/21 5:28 p.m.12 views

CVE-2024-57945

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Fix the out of bound issue of vmemmap address In sparse vmemmap model, the virtual address of vmemmap is calculated as: struct page VMEMMAPSTART - physrambase PAGESHIFT. And the struct page's va can be calculated with ...

5.5CVSS6.5AI score0.00208EPSS
Exploits0References4
OSV
OSV
added 2025/01/21 12:18 p.m.6 views

CVE-2024-57945 riscv: mm: Fix the out of bound issue of vmemmap address

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Fix the out of bound issue of vmemmap address In sparse vmemmap model, the virtual address of vmemmap is calculated as: struct page VMEMMAPSTART - physrambase PAGESHIFT. And the struct page's va can be calculated with ...

7.1CVSS5.9AI score0.00208EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2024/05/07 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2024:1462-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.3AI score0.04852EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.1 views

SUSE CVE-2018-20671

loadspecificdebugsection in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...

3.3CVSS7.3AI score0.01982EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.42 views

CentOS 8 : binutils (CESA-2021:4364)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4364 advisory. - binutils: Race window allows users to own arbitrary files CVE-2021-20197 - binutils: Heap-based buffer overflow in bfdgetlsigned32 in libbfd.c becaus...

6.3CVSS7AI score0.01287EPSS
Exploits2References4
AlmaLinux
AlmaLinux
added 2021/11/09 9:11 a.m.34 views

Moderate: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: Excessive debug...

6.3CVSS7.1AI score0.01287EPSS
Exploits2References4
OSV
OSV
added 2021/10/28 10:12 p.m.6 views

CLSA-2021-1635459149 Fix CVE(s): CVE-2021-3487

SECURITY UPDATE: - CVE-2021-3487.patch: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection. - CVE-2021-3487...

6.8AI score
Exploits0References1
OSV
OSV
added 2019/01/04 4:29 p.m.2 views

DEBIAN-CVE-2018-20671

loadspecificdebugsection in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...

5.5CVSS6.7AI score0.01982EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/01/04 4:0 p.m.36 views

CVE-2018-20671

loadspecificdebugsection in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...

6.4AI score0.01982EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2017/09/01 9:18 p.m.22 views

CVE-2017-13757

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to elfi386getsyntheticsymtab...

5.5CVSS5.2AI score0.01473EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/01/10 12:0 a.m.33 views

openSUSE Security Update : gstreamer-plugins-bad (openSUSE-2017-63)

This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes : - Check an integer overflow CVE-2016-9445 and initialize a buffer CVE-2016-9446 in vmncdec. bsc1010829 - CVE-2016-980...

7.8CVSS7.1AI score0.07903EPSS
Exploits1References9
OSV
OSV
added 2016/12/29 7:43 p.m.7 views

SUSE-SU-2016:3296-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes: - Check an integer overflow CVE-2016-9445 and initialize a buffer CVE-2016-9446 in vmncdec. bsc1010829 - CVE-2016-9809...

7.8CVSS6.7AI score0.07903EPSS
Exploits1References10
Rows per page
Query Builder