
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Sep 2017 — The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. The process_version_sections function in readelf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (integer overflow and hang due to a long loop... • https://security.gentoo.org/glsa/201801-01 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

07 Sep 2017 — Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path. A use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (also known as glibc or libc6), in versions before 2.26, allows remote attackers to cause an unspecified impact via vectors related to... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A • CWE-416: Use After Free •

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Sep 2017 — The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library, known as libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a denial of service (... • http://www.securityfocus.com/bid/100624 • CWE-125: Out-of-bounds Read •

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Sep 2017 — The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library, known as libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a denial of service... • http://www.securityfocus.com/bid/100623 • CWE-125: Out-of-bounds Read •

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Sep 2017 — The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library, known as libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to... • http://www.securityfocus.com/bid/100625 • CWE-125: Out-of-bounds Read •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Aug 2017 — Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. An integer overflow vulnerability in the _isBidi function of bidi.c in Libidn2 in versions before 2.0.4 allows remote attackers to cause a denial of service and possibly other unspecified impact. • https://gitlab.com/libidn/libidn2/blob/master/NEWS • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

29 Aug 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. The Binary File Descriptor (BFD) library (also called libbfd), as distributed in GNU Binutils 2.29, does not validate the... • http://www.securityfocus.com/bid/100532 • CWE-125: Out-of-bounds Read •

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

29 Aug 2017 — There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack. There is an illegal address access in the postprocess_termcap() function in parse_entry.c in ncurses 6.0 that could result in a remote denial of service attack. It was discovered that ncurses was not properly checking array bounds when executing the fmt_entry function, which could result in an out-of-bounds write. An attacker could possibly u... • https://bugzilla.redhat.com/show_bug.cgi?id=1484285 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

29 Aug 2017 — There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack. There is an infinite loop in the next_char function in comp_scan.c of ncurses 6.0, related to libtic. A remote denial of service attack could be carried out with specially crafted input. It was discovered that ncurses was not properly checking array bounds when executing the fmt_entry function, which could result in an out-o... • https://bugzilla.redhat.com/show_bug.cgi?id=1484274 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

29 Aug 2017 — There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack. There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. This could allow a remote denial of service attack to be carried out. Multiple vulnerabilities have been found in ncurses, the worst of which allows remote attackers to execute arbitrary code. • https://bugzilla.redhat.com/show_bug.cgi?id=1484276 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •