Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-4490

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-24 Feb, 2017 | 20:00
Updated At-06 Aug, 2024 | 00:32
Rejected At-
Credits

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:24 Feb, 2017 | 20:00
Updated At:06 Aug, 2024 | 00:32
Rejected At:
▼CVE Numbering Authority (CNA)

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/05/5
mailing-list
x_refsource_MLIST
http://www.securityfocus.com/bid/90019
vdb-entry
x_refsource_BID
Hyperlink: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2016/05/05/5
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.securityfocus.com/bid/90019
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2016/05/05/5
mailing-list
x_refsource_MLIST
x_transferred
http://www.securityfocus.com/bid/90019
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2016/05/05/5
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.securityfocus.com/bid/90019
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:24 Feb, 2017 | 20:59
Updated At:20 Apr, 2025 | 01:37

Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.5MEDIUM
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches

GNU
gnu
>>libiberty>>*
cpe:2.3:a:gnu:libiberty:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2016/05/05/5cve@mitre.org
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/90019cve@mitre.org
N/A
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498cve@mitre.org
Issue Tracking
http://www.openwall.com/lists/oss-security/2016/05/05/5af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/90019af854a3a-2127-422b-91ae-364da2661108
N/A
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Hyperlink: http://www.openwall.com/lists/oss-security/2016/05/05/5
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/90019
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
Source: cve@mitre.org
Resource:
Issue Tracking
Hyperlink: http://www.openwall.com/lists/oss-security/2016/05/05/5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/90019
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70498
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking

Change History

0
Information is not available yet

Similar CVEs

348Records found

CVE-2017-9778
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.30% / 52.64%
||
7 Day CHG~0.00%
Published-21 Jun, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.

Action-Not Available
Vendor-n/aGNU
Product-gdbn/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-9039
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 57.26%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-9041
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.48% / 64.24%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9040
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.47% / 63.82%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-9038
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 57.26%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-8421
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.80%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-7299
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 49.21%
||
7 Day CHG~0.00%
Published-29 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-6965
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.25% / 48.48%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 08:55
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7209
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-21 Mar, 2017 | 06:21
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-7210
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-21 Mar, 2017 | 06:21
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7224
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.30% / 52.42%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-39521
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.86%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-6966
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 50.83%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 08:55
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-416
Use After Free
CVE-2017-18199
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 59.51%
||
7 Day CHG~0.00%
Published-24 Feb, 2018 | 06:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

Action-Not Available
Vendor-n/aGNU
Product-libcdion/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-17123
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 62.35%
||
7 Day CHG~0.00%
Published-04 Dec, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-17440
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.00% / 76.09%
||
7 Day CHG~0.00%
Published-06 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.

Action-Not Available
Vendor-n/aGNU
Product-libextractorn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-17080
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.35%
||
7 Day CHG~0.00%
Published-30 Nov, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15939
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 55.63%
||
7 Day CHG~0.00%
Published-27 Oct, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-15922
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 39.49%
||
7 Day CHG~0.00%
Published-26 Oct, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.

Action-Not Available
Vendor-n/aGNU
Product-libextractorn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-39523
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.86%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 15:26
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-21834
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.24%
||
7 Day CHG~0.00%
Published-17 May, 2021 | 20:25
Updated-04 Aug, 2024 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-15225
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.23% / 45.31%
||
7 Day CHG~0.00%
Published-10 Oct, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-13730
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 53.34%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.

Action-Not Available
Vendor-n/aGNU
Product-ncursesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-6610
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.53% / 66.21%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 20:43
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-libredwgbackportsleapn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-6455
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 37.87%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 18:00
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function rec_mset_elem_destroy() in the file rec-mset.c.

Action-Not Available
Vendor-n/aGNU
Product-recutilsn/a
CWE ID-CWE-415
Double Free
CVE-2017-9955
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 53.34%
||
7 Day CHG-0.08%
Published-26 Jun, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-15707
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-5.7||MEDIUM
EPSS-0.03% / 7.87%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 17:45
Updated-17 Sep, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.

Action-Not Available
Vendor-NetApp, Inc.UbuntuGNUSUSEDebian GNU/LinuxMicrosoft CorporationRed Hat, Inc.openSUSECanonical Ltd.
Product-grub2windows_server_2016ubuntu_linuxwindows_server_2012enterprise_linux_atomic_hostwindows_8.1debian_linuxopenshift_container_platformenterprise_linuxactive_iq_unified_managersuse_linux_enterprise_serverwindows_rt_8.1windows_10windows_server_2019leapgrub2 in Ubuntu
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-14062
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.31% / 79.00%
||
7 Day CHG~0.00%
Published-31 Aug, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGNU
Product-libidn2debian_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-14061
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.47%
||
7 Day CHG~0.00%
Published-31 Aug, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

Action-Not Available
Vendor-n/aGNU
Product-libidn2n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-14311
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.03% / 8.26%
||
7 Day CHG~0.00%
Published-31 Jul, 2020 | 20:56
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.

Action-Not Available
Vendor-The Grub2 ProjectRed Hat, Inc.Canonical Ltd.GNUopenSUSE
Product-ubuntu_linuxenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusgrub2leapgrub2
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-41550
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 36.98%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-20 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header.

Action-Not Available
Vendor-n/aGNU
Product-osipn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-14308
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 6.97%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 19:03
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-grub2leapGrub
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-14309
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.91%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 12:49
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.

Action-Not Available
Vendor-n/aGNUopenSUSE
Product-grub2leapGrub
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-8982
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-1.31% / 78.97%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

Action-Not Available
Vendor-n/aGNU
Product-glibcn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-8983
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.52% / 65.93%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aGNU
Product-glibcn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-1000876
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.82%
||
7 Day CHG-0.01%
Published-20 Dec, 2018 | 17:00
Updated-05 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.

Action-Not Available
Vendor-n/aRed Hat, Inc.Canonical Ltd.GNU
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_workstationenterprise_linux_desktopbinutilsn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-14310
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.06% / 18.52%
||
7 Day CHG~0.00%
Published-31 Jul, 2020 | 20:55
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.

Action-Not Available
Vendor-The Grub2 ProjectRed Hat, Inc.Canonical Ltd.GNUopenSUSE
Product-ubuntu_linuxenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusgrub2leapgrub2
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-6780
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.38%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 14:08
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glibc: integer overflow in __vsyslog_internal()

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

Action-Not Available
Vendor-n/aRed Hat, Inc.GNUFedora Project
Product-fedoraglibcRed Hat Enterprise Linux 8Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7glibcRed Hat Enterprise Linux 9Fedora
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-4042
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.36%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 16:59
Updated-06 Aug, 2024 | 06:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.

Action-Not Available
Vendor-n/aGNU
Product-coreutilsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-38185
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-33.84% / 96.81%
||
7 Day CHG~0.00%
Published-07 Aug, 2021 | 00:00
Updated-09 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.

Action-Not Available
Vendor-n/aGNU
Product-cpion/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-4949
Matching Score-6
Assigner-Google LLC
ShareView Details
Matching Score-6
Assigner-Google LLC
CVSS Score-8.1||HIGH
EPSS-0.03% / 7.98%
||
7 Day CHG~0.00%
Published-10 Nov, 2023 | 16:57
Updated-03 Sep, 2024 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.

Action-Not Available
Vendor-Free Software FoundationGNUXen Project
Product-grubxenGrub-Legacy
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-2226
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-10.40% / 92.91%
||
7 Day CHG~0.00%
Published-24 Feb, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aGNU
Product-libibertyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-5044
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.18% / 88.24%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 15:00
Updated-06 Aug, 2024 | 11:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation.

Action-Not Available
Vendor-n/aGNU
Product-libgfortrann/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-6543
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.09%
||
7 Day CHG~0.00%
Published-02 Feb, 2018 | 09:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Action-Not Available
Vendor-n/aGNU
Product-binutilsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-6551
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.02%
||
7 Day CHG~0.00%
Published-02 Feb, 2018 | 14:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

Action-Not Available
Vendor-n/aGNU
Product-glibcn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-17426
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.36% / 57.25%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.

Action-Not Available
Vendor-n/aGNU
Product-glibcn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2002-2439
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.26%
||
7 Day CHG~0.00%
Published-23 Oct, 2019 | 17:47
Updated-08 Aug, 2024 | 04:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

Action-Not Available
Vendor-GNU
Product-gccgcc
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-5001
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 6.38%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 21:31
Updated-17 Jun, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU PSPP pspp-convert.c calloc integer overflow

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-GNU
Product-psppPSPP
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-35942
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-1.14% / 77.53%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 00:00
Updated-01 May, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGNUNetApp, Inc.
Product-active_iq_unified_managerdebian_linuxhci_management_nodeglibce-series_santricity_os_controllersolidfireontap_select_deploy_administration_utilityn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-7643
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.60%
||
7 Day CHG~0.00%
Published-02 Mar, 2018 | 15:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.

Action-Not Available
Vendor-n/aRed Hat, Inc.GNU
Product-enterprise_linux_serverenterprise_linux_desktopenterprise_linux_workstationbinutilsn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found