Shodan
Vulnerabilities
Vulnerable Software
Gnu:  Security Vulnerabilities
CVE-2019-14866
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
CVSS Score
6.7
EPSS Score
0.0
Published
2020-01-07
CVE-2019-20009
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
CVE-2019-20010
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-27
CVE-2019-20011
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-27
CVE-2019-20012
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
CVE-2019-20013
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
CVE-2019-20014
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-12-27
CVE-2019-20015
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-12-27
CVE-2015-8313
GnuTLS incorrectly validates the first byte of padding in CBC modes
CVSS Score
5.9
EPSS Score
0.011
Published
2019-12-20
CVE-2019-14865
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.
CVSS Score
5.9
EPSS Score
0.0
Published
2019-11-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved