Gnu: Security Vulnerabilities
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.
CVSS Score
7.8
EPSS Score
0.008
Published
2019-11-13
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
CVSS Score
7.8
EPSS Score
0.007
Published
2019-11-11
slim has NULL pointer dereference when using crypt() method from glibc 2.17
CVSS Score
7.5
EPSS Score
0.009
Published
2019-11-04
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-23
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.
CVSS Score
7.5
EPSS Score
0.025
Published
2019-10-22
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
CVSS Score
9.8
EPSS Score
0.024
Published
2019-10-21
GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-17
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-10-14
There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
CVSS Score
5.4
EPSS Score
0.001
Published
2019-10-14
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
CVSS Score
9.1
EPSS Score
0.004
Published
2019-10-14