
CVE-2018-6759 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-6759
06 Feb 2018 — The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-20: Improper Input Validation •

CVE-2018-6543 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-6543
02 Feb 2018 — In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound •

CVE-2018-6323 – GNU binutils 2.26.1 - Integer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2018-6323
26 Jan 2018 — The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. • https://packetstorm.news/files/id/146365 • CWE-190: Integer Overflow or Wraparound •

CVE-2018-5950 – mailman: Cross-site scripting (XSS) vulnerability in web UI
https://notcve.org/view.php?id=CVE-2018-5950
23 Jan 2018 — Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. A cross-site scripting (XSS) flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, ... • https://packetstorm.news/files/id/159761 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2018-6003 – Debian Security Advisory 4106-1
https://notcve.org/view.php?id=CVE-2018-6003
22 Jan 2018 — An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. It was discovered that Libtasn1 incorrectly handled certain files. • http://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=c593ae84cfcde8fea45787e53950e0ac71e9ca97 • CWE-674: Uncontrolled Recursion •

CVE-2017-18018
https://notcve.org/view.php?id=CVE-2017-18018
04 Jan 2018 — In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. • http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVE-2017-1000455
https://notcve.org/view.php?id=CVE-2017-1000455
02 Jan 2018 — GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading to the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix. • https://lists.gnu.org/archive/html/guix-devel/2017-10/msg00090.html • CWE-346: Origin Validation Error •

CVE-2017-17531 – Gentoo Linux Security Advisory 202008-02
https://notcve.org/view.php?id=CVE-2017-17531
14 Dec 2017 — gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. A vulnerability in GNU GLOBAL was discove... • https://security-tracker.debian.org/tracker/CVE-2017-17531 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVE-2017-1000408 – GNU C Library Dynamic Loader glibc ld.so - Memory Leak / Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-1000408
13 Dec 2017 — A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. • https://packetstorm.news/files/id/145391 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVE-2017-1000409 – GNU C Library Dynamic Loader glibc ld.so - Memory Leak / Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-1000409
13 Dec 2017 — A buffer overflow in glibc 2.5 (released on September 29, 2006) can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. • https://packetstorm.news/files/id/145391 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •