CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1149 – GNU Binutils ld xmalloc.c xstrdup memory leak
https://notcve.org/view.php?id=CVE-2025-1149
10 Feb 2025 — A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. • https://sourceware.org/bugzilla/attachment.cgi?id=15887 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1148 – GNU Binutils ld ldelfgen.c link_order_scan memory leak
https://notcve.org/view.php?id=CVE-2025-1148
10 Feb 2025 — A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15887 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1147 – GNU Binutils nm nm.c internal_strlen buffer overflow
https://notcve.org/view.php?id=CVE-2025-1147
10 Feb 2025 — A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15881 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.3EPSS: 0%CPEs: 44EXPL: 1CVE-2025-0840 – GNU Binutils objdump.c disassemble_bytes stack-based overflow
https://notcve.org/view.php?id=CVE-2025-0840
29 Jan 2025 — A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15882 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0395 – Ubuntu Security Notice USN-7259-1
https://notcve.org/view.php?id=CVE-2025-0395
22 Jan 2025 — When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this iss... • https://sourceware.org/bugzilla/show_bug.cgi?id=32582 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56737
https://notcve.org/view.php?id=CVE-2024-56737
29 Dec 2024 — GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. • https://savannah.gnu.org/bugs/?66599 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56738
https://notcve.org/view.php?id=CVE-2024-56738
29 Dec 2024 — GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks. • https://savannah.gnu.org/bugs/?66603 • CWE-208: Observable Timing Discrepancy •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2024-53920 – Debian Security Advisory 5871-1
https://notcve.org/view.php?id=CVE-2024-53920
27 Nov 2024 — In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.) In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on un... • https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10524 – GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs
https://notcve.org/view.php?id=CVE-2024-10524
19 Nov 2024 — Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host. • https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c419542d956a2607bbce5df64b9d378a8588d778 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-39331 – emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
https://notcve.org/view.php?id=CVE-2024-39331
23 Jun 2024 — In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5. En Emacs anterior a 29.4, org-link-expand-abbrev en lisp/ol.el expande una abreviatura de enlace %(...) incluso cuando especifica una función no segura, como shell-command-to-string. Esto afecta al modo de organización anterior a 9.7.5. A flaw was found in Emacs. • https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •