17 matches found
Astra Linux – Vulnerability in binutils
There is a flaw in binutils /bfd/pef.c. An attacker who can submit a crafted input file for processing by the objdump program could cause a null pointer dereference. The greatest threat of this flaw is to the availability of the application. This flaw affects binutils versions prior to 2.34...
GHSA-5PG7-F6XV-J6M4 vulnerabilities
Vulnerabilities for packages: openssl, libcrypto3-2.34...
EUVD-2026-13798
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
CVE-2026-4438
The CVE-2026-4438 issue affects the GNU C Library (glibc) gethostbyaddr/gethostbyaddr_r when NSSwitch DNS backend is configured; versions 2.34–2.43 may return invalid DNS hostnames. Impact per sources is a DNS-spec violation; no exploitation details are provided in the documents. A patched versio...
CVE-2026-4438
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
CVE-2026-4437
CVE-2026-4437 concerns glibc’s DNS response parsing. According to the initial document, calling gethostbyaddr/gethostbyaddr_r with a configured nsswitch.conf DNS backend in GNU C Library versions 2.34–2.43 can yield a crafted DNS response that violates the DNS specification, causing the applicati...
EUVD-2025-24031
Malicious code in bioql PyPI...
JVN#89385114: Seagate Toolkit registers a Windows service with an unquoted file path
Seagate Toolkit provided by Seagate Technology contains the following vulnerability. Unquoted search path or element CWE-428 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.4 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 6.7 CVE-2025-9043 Impact A user with...
UBUNTU-CVE-2020-19724
A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command...
SUSE CVE-2019-3005
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
SUSE CVE-2019-3031
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
DHIS 2 安全漏洞
DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A security vulnerability exists in DHIS 2 core versions 2.34, 2.35, 2.36, 2.37, 2.38, and 2.39, which originates from the fact that a DHIS 2 user who has the right...
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
...
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.
...
UBUNTU-CVE-2020-35496
There's a flaw in bfdpefscanstartaddress of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37932)
Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. An unspecified vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker could exploit this vulnerability to compromise confidentiality, integrity, and...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37933)
Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. An unspecified vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker could exploit this vulnerability to compromise confidentiality, integrity, and...