Page 77 of 1071 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2018-20430

https://notcve.org/view.php?id=CVE-2018-20430

GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. GNU Libextractor, hasta la versión 1.8, tiene una vulnerabilidad de lectura fuera de límites en la función history_extract() en plugins/ole2_extractor.c, relacionada con EXTRACTOR_common_convert_to_utf8 en common/convert.c. • http://www.securityfocus.com/bid/106300 https://gnunet.org/bugs/view.php?id=5493 https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110 https://gnunet.org/git/libextractor.git/tree/ChangeLog https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html https://www.debian.org/security/2018/dsa-4361 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2018-20431

https://notcve.org/view.php?id=CVE-2018-20431

GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c. GNU Libextractor, hasta la versión 1.8, tiene una desreferencia de puntero NULL en la función process_metadata() en plugins/ole2_extractor.c. • http://www.securityfocus.com/bid/106300 https://gnunet.org/bugs/view.php?id=5494 https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7 https://gnunet.org/git/libextractor.git/tree/ChangeLog https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html https://www.debian.org/security/2018/dsa-4361 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

CVE-2018-1000876 – binutils: integer overflow leads to heap-based buffer overflow in objdump

https://notcve.org/view.php?id=CVE-2018-1000876

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f. binutils, en versiones 2.32 y anteriores, contiene una vulnerabilidad de desbordamiento de enteros en objdump, bfd_get_dynamic_reloc_upper_bound y bfd_canonicalize_dynamic_reloc que puede resultar en un desbordamiento de enteros que desencadena un desbordamiento de memoria dinámica (heap). Si se explota con éxito, podría conducir a la ejecución de código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/106304 https://access.redhat.com/errata/RHSA-2019:2075 https://sourceware.org/bugzilla/show_bug.cgi?id=23994 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=3a551c7a1b80fca579461774860574eabfd7f18f https://usn.ubuntu.com/4336-1 https://access.redhat.com/security/cve/CVE-2018-1000876 https://bugzilla. • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2018-20230

https://notcve.org/view.php?id=CVE-2018-20230

An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Se ha descubierto un problema en PSPP 1.2.0. Hay un desbordamiento de búfer basado en pila en la función read_bytes_internal en utilities/pspp-dump-sav.c que permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) o, posiblemente, provocar cualquier otro tipo de problema. • https://bugzilla.redhat.com/show_bug.cgi?id=1660318 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

CVE-2018-20002

https://notcve.org/view.php?id=CVE-2018-20002

The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. La función _bfd_generic_read_minisymbols en syms.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31, tiene una fuga de memoria mediante un archivo ELF manipulado, que conduce a una denegación de servicio (consumo de memoria), tal y como queda demostrado con nm. • http://www.securityfocus.com/bid/106142 https://security.gentoo.org/glsa/201908-01 https://security.netapp.com/advisory/ntap-20190221-0004 https://sourceware.org/bugzilla/show_bug.cgi?id=23952 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9 https://support.f5.com/csp/article/K62602089 https://usn.ubuntu.com/4336-1 • CWE-772: Missing Release of Resource after Effective Lifetime •