Shodan
Vulnerabilities
Vulnerable Software
Gnu:  Security Vulnerabilities
CVE-2019-6456
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-16
CVE-2019-6457
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_aggregate_reg_new in rec-aggregate.c in librec.a.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-16
CVE-2019-6458
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_buf_new in rec-buf.c when called from rec_parse_rset in rec-parser.c in librec.a.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-16
CVE-2019-6459
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-16
CVE-2019-6460
An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_field_set_name() in the file rec-field.c in librec.a.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-01-16
CVE-2018-20712
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
CVSS Score
6.5
EPSS Score
0.01
Published
2019-01-15
CVE-2018-20673
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-01-04
CVE-2018-20671
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-01-04
CVE-2018-20657
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-01-02
CVE-2018-20651
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.
CVSS Score
5.5
EPSS Score
0.008
Published
2019-01-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved