Gnu: Security Vulnerabilities
There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2017-08-29
There is an illegal address access in the _nc_safe_strcat function in strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2017-08-29
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).
CVSS Score: 5.5 | EPSS Score: 0.002 | Published: 2017-08-28
The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.
CVSS Score: 7.5 | EPSS Score: 0.014 | Published: 2017-08-28
Emacs 24.4 allows remote attackers to bypass security restrictions.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2017-08-28
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small.
CVSS Score: 7.5 | EPSS Score: 0.006 | Published: 2017-08-27
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
CVSS Score: 5.5 | EPSS Score: 0.004 | Published: 2017-08-25
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
CVSS Score: 7.5 | EPSS Score: 0.013 | Published: 2017-08-25
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
CVSS Score: 7.5 | EPSS Score: 0.04 | Published: 2017-08-24
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.
CVSS Score: 6.5 | EPSS Score: 0.01 | Published: 2017-08-19

