Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in binutils

There is a flaw in binutils /bfd/pef.c. An attacker who can submit a crafted input file for processing by the objdump program could cause a null pointer dereference. The greatest threat of this flaw is to the availability of the application. This flaw affects binutils versions prior to 2.34...

5.5CVSS6.4AI score0.01156EPSS
Exploits1References2
Chainguard
Chainguard
added 2026/06/11 1:18 p.m.6 views

GHSA-5PG7-F6XV-J6M4 vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...

5.9AI score
Exploits0
EUVD
EUVD
added 2026/03/20 9:31 p.m.6 views

EUVD-2026-13798

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References2
CVE
CVE
added 2026/03/20 7:59 p.m.29 views

CVE-2026-4438

The CVE-2026-4438 issue affects the GNU C Library (glibc) gethostbyaddr/gethostbyaddr_r when NSSwitch DNS backend is configured; versions 2.34–2.43 may return invalid DNS hostnames. Impact per sources is a DNS-spec violation; no exploitation details are provided in the documents. A patched versio...

5.4CVSS5.8AI score0.00189EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/20 7:59 p.m.13 views

CVE-2026-4438

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/20 7:59 p.m.36 views

CVE-2026-4437

CVE-2026-4437 concerns glibc’s DNS response parsing. According to the initial document, calling gethostbyaddr/gethostbyaddr_r with a configured nsswitch.conf DNS backend in GNU C Library versions 2.34–2.43 can yield a crafted DNS response that violates the DNS specification, causing the applicati...

7.5CVSS5.8AI score0.00292EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24031

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00245EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/14 12:0 a.m.7 views

JVN#89385114: Seagate Toolkit registers a Windows service with an unquoted file path

Seagate Toolkit provided by Seagate Technology contains the following vulnerability. Unquoted search path or element CWE-428 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.4 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 6.7 CVE-2025-9043 Impact A user with...

6.7CVSS7.8AI score0.00135EPSS
Exploits0
OSV
OSV
added 2023/08/22 7:16 p.m.2 views

UBUNTU-CVE-2020-19724

A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command...

5.5CVSS6.3AI score0.00275EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:18 a.m.2 views

SUSE CVE-2019-3005

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

6CVSS6.3AI score0.0056EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.2 views

SUSE CVE-2019-3031

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

6CVSS6.2AI score0.00898EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.5 views

DHIS 2 安全漏洞

DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A security vulnerability exists in DHIS 2 core versions 2.34, 2.35, 2.36, 2.37, 2.38, and 2.39, which originates from the fact that a DHIS 2 user who has the right...

7.2CVSS7AI score0.006EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2021/01/07 8:0 a.m.3 views

There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

...

5.5CVSS7AI score0.01156EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2021/01/07 8:0 a.m.3 views

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

...

5.5CVSS7AI score0.01129EPSS
Exploits1
OSV
OSV
added 2021/01/04 3:15 p.m.2 views

UBUNTU-CVE-2020-35496

There's a flaw in bfdpefscanstartaddress of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions...

5.5CVSS5.8AI score0.01141EPSS
Exploits1References2
CNVD
CNVD
added 2019/10/17 12:0 a.m.2 views

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37932)

Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. An unspecified vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker could exploit this vulnerability to compromise confidentiality, integrity, and...

8.8CVSS6.7AI score0.00614EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/17 12:0 a.m.3 views

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37933)

Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. An unspecified vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker could exploit this vulnerability to compromise confidentiality, integrity, and...

8.2CVSS6.7AI score0.00884EPSS
Exploits0References1
Rows per page
Query Builder