CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2019-9071 – Gentoo Linux Security Advisory 202107-24
https://notcve.org/view.php?id=CVE-2019-9071
24 Feb 2019 — An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils 2.32. Es un problema de consumo de pila en d_count_templates_scopes en cp-demangle.c tras numerosas llamadas recursivas. USN-4336-1 fixed several vulnerabilities in GNU binutils. • http://www.securityfocus.com/bid/107147 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9074 – Gentoo Linux Security Advisory 202107-24
https://notcve.org/view.php?id=CVE-2019-9074
24 Feb 2019 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es una lectura fuera de límites que conduce a un SEGV en bfd_getl32 en libbfd.c, cuando se llama desde pe... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-9076 – Gentoo Linux Security Advisory 202107-24
https://notcve.org/view.php?id=CVE-2019-9076
24 Feb 2019 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un intento de asignación de memoria excesiva en elf_read_notes en elf.c. Multiple vulnerabilities have been found in Binutils, the worst of which could result in... • https://security.gentoo.org/glsa/202107-24 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-7309 – Gentoo Linux Security Advisory 202006-04
https://notcve.org/view.php?id=CVE-2019-7309
03 Feb 2019 — In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled. En GNU C Library (también conocido como glibc o libc6), hasta la versión 2.29, la función memcmp para la arquitectura x32 puede devolver cero (indicando que las entradas son iguales) de manera incorrecta debido a que el bit de RDX más significativo se gestiona incorrectamente. Multiple vulne... • http://www.securityfocus.com/bid/106835 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10739 – glibc: getaddrinfo should reject IP addresses with trailing characters
https://notcve.org/view.php?id=CVE-2016-10739
21 Jan 2019 — In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. En la biblioteca GNU C Library (también conocida como glibc o libc6) hasta la versión 2.28, la función getaddrinfo analiza exitosamente un... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6488 – Gentoo Linux Security Advisory 202006-04
https://notcve.org/view.php?id=CVE-2019-6488
18 Jan 2019 — The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy. El componente string en GNU C Library (también conocido como glibc o libc6) hasta la versión 2.28, cuando se ej... • http://www.securityfocus.com/bid/106671 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6457
https://notcve.org/view.php?id=CVE-2019-6457
16 Jan 2019 — An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a. Se ha descubierto un problema en GNU Recutils 1.8. Hay una fuga de memoria en rec_aggregate_reg_new en rec-aggregate.c en librec.a. • https://github.com/TeamSeri0us/pocs/tree/master/recutils • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6458 – Ubuntu Security Notice USN-7137-1
https://notcve.org/view.php?id=CVE-2019-6458
16 Jan 2019 — An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a. Se ha descubierto un problema en GNU Recutils 1.8. Hay una fuga de memoria en rec_buf_new en rec-buf.c cuando se llama desde rec_parse_rset en rec-parser.c en librec.a. It was discovered that recutils incorrectly handled memory when parsing comments with the recparser utility. • https://github.com/TeamSeri0us/pocs/tree/master/recutils • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6460
https://notcve.org/view.php?id=CVE-2019-6460
16 Jan 2019 — An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a. Se ha descubierto un problema en GNU Recutils 1.8. Hay una desreferencia de puntero NULL en la función rec_field_set_name() en el archivo rec-field.c de librec.a. • https://github.com/TeamSeri0us/pocs/tree/master/recutils • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6456
https://notcve.org/view.php?id=CVE-2019-6456
16 Jan 2019 — An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. Se ha descubierto un problema en GNU Recutils 1.8. Hay una desreferencia de puntero NULL en la función rec_fex_size() en el archivo rec-fex.c de librec.a. • https://github.com/TeamSeri0us/pocs/tree/master/recutils • CWE-476: NULL Pointer Dereference •