Shodan
Vulnerabilities
Vulnerable Software
Gnu:  Security Vulnerabilities
CVE-2015-4041
The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-01-24
CVE-2015-4042
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-01-24
CVE-2019-3697
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions.
CVSS Score
7.7
EPSS Score
0.001
Published
2020-01-24
CVE-2020-6609
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-01-08
CVE-2020-6610
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
CVSS Score
6.5
EPSS Score
0.005
Published
2020-01-08
CVE-2020-6611
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
CVSS Score
6.5
EPSS Score
0.006
Published
2020-01-08
CVE-2020-6612
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
CVSS Score
8.1
EPSS Score
0.006
Published
2020-01-08
CVE-2020-6613
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.
CVSS Score
8.1
EPSS Score
0.006
Published
2020-01-08
CVE-2020-6614
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.
CVSS Score
8.1
EPSS Score
0.006
Published
2020-01-08
CVE-2020-6615
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
CVSS Score
6.5
EPSS Score
0.007
Published
2020-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved