Page 45 of 1071 results (0.016 seconds)

CVSS: 7.5EPSS: 1%CPEs: 33EXPL: 0

CVE-2021-3326 – glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

https://notcve.org/view.php?id=CVE-2021-3326

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. La función iconv en la biblioteca GNU C (también se conoce como glibc o libc6) versiones 2.32 y anteriores, cuando procesa secuencias de entrada no válidas en la codificación ISO-2022-JP-3, se produce un fallo una aserción en la ruta del código y aborta el programa, potencialmente resultando en una denegación de servicio A flaw was found in glibc's iconv() functionality. This flaw allows an attacker capable of supplying a crafted sequence of characters to an application using iconv() to convert from ISO-2022-JP-3 to cause an assertion failure. The highest threat from this vulnerability is to system availability. • http://www.openwall.com/lists/oss-security/2021/01/28/2 https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210304-0007 https://sourceware.org/bugzilla/show_bug.cgi?id=27256 https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https:/ • CWE-617: Reachable Assertion •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-35507

https://notcve.org/view.php?id=CVE-2020-35507

There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. Se presenta un fallo en bfd_pef_parse_function_stubs de bfd/pef.c en binutils en versiones anteriores a la 2.34 que podría permitir a un atacante que sea capaz de enviar un archivo crafteado para ser procesado por objdump causar una desviación de puntero NULL. La mayor amenaza de este defecto es la disponibilidad de la aplicación • https://bugzilla.redhat.com/show_bug.cgi?id=1911691 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-35496

https://notcve.org/view.php?id=CVE-2020-35496

There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. Se presenta un fallo en la función bfd_pef_scan_start_address() del archivo bfd/pef.c en binutils que podría permitir que un atacante que puede enviar un archivo diseñado para ser procesado por objdump cause una desreferencia del puntero NULL. La mayor amenaza de este fallo es la disponibilidad de la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1911444 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-35495

https://notcve.org/view.php?id=CVE-2020-35495

There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34. Se presenta un fallo en el archivo /bfd/pef.c de binutils. • https://bugzilla.redhat.com/show_bug.cgi?id=1911441 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-476: NULL Pointer Dereference •

CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-35494

https://notcve.org/view.php?id=CVE-2020-35494

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34. Se presenta un fallo en el archivo /opcodes/tic4x-dis.c de binutils. • https://bugzilla.redhat.com/show_bug.cgi?id=1911439 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-908: Use of Uninitialized Resource •