A heap out-of-bounds write may happen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availability impact may be considered Low as it's very complex for an attacker to control the encoding and positioning of...
4.5CVSS
7.3AI Score
0.0005EPSS
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...
4.5CVSS
7.3AI Score
0.0005EPSS
Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file...
5.5CVSS
5.4AI Score
0.0004EPSS
An issue discovered in function pr_function_type in prdbg.c in Binutils 2.34 through 2.38 allows attackers to cause a denial of service due to memory...
5.5CVSS
5.3AI Score
0.0004EPSS
An issue discovered in function parse_stab_struct_fields in stabs.c in Binutils 2.34 through 2.38 allows attackers to cause a denial of service due to memory...
5.5CVSS
5.3AI Score
0.0004EPSS
An issue discovered in function stab_demangle_v3_arg in stabs.c in Binutils 2.34 through 2.38 allows attackers to cause a denial of service due to memory...
5.5CVSS
5.3AI Score
0.0004EPSS
An issue discovered in Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function...
7.8CVSS
7.4AI Score
0.001EPSS
An issue was discovered in Binutils addr2line before 2.39.3: function parse_module contains multiple out-of-bounds reads which may cause a denial of service or other unspecified...
7.8CVSS
7.4AI Score
0.001EPSS
An issue discovered in Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in...
7.8CVSS
7.3AI Score
0.001EPSS
An issue discovered in functions make_tempdir and make_tempname in bucomm.c in Binutils 2.34 through 2.38 allows attackers to cause a denial of service due to memory...
5.5CVSS
5.3AI Score
0.0004EPSS
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file...
7.8CVSS
7.8AI Score
0.001EPSS
An issue discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of...
8.8CVSS
8.4AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in...
6.5CVSS
6.3AI Score
0.0005EPSS
GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules being loaded in GRUB2, breaking the secure boot...
7.8CVSS
8.5AI Score
0.0004EPSS
Integer underflow in grub_net_recv_ip4_packets: a maliciously crafted IP packet can lead to an integer underflow in the grub_net_recv_ip4_packets() function on the rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used ...
8.1CVSS
8.6AI Score
0.001EPSS
There's a use-after-free vulnerability in the grub_cmd_chainloader() function. The chainloader command is used to boot up operating systems that don't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered....
7.8CVSS
8.8AI Score
0.0004EPSS
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at...
5.5CVSS
5.6AI Score
0.0004EPSS
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at...
5.5CVSS
5.7AI Score
0.0004EPSS
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at...
5.5CVSS
5.6AI Score
0.0004EPSS
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as...
5.5CVSS
5.3AI Score
0.0004EPSS
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at...
8.8CVSS
8.9AI Score
0.001EPSS
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at...
8.8CVSS
8.9AI Score
0.001EPSS
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at...
8.8CVSS
8.9AI Score
0.001EPSS
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at...
8.8CVSS
8.9AI Score
0.001EPSS
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of...
5.5CVSS
5.9AI Score
0.001EPSS
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in...
7.8CVSS
7.3AI Score
0.001EPSS
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in...
7.8CVSS
7.3AI Score
0.001EPSS
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace....
5.5CVSS
5.4AI Score
0.0005EPSS
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise.....
7.8CVSS
8.7AI Score
0.0004EPSS
An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for...
6.3CVSS
6.4AI Score
0.0004EPSS
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target...
6.5CVSS
5.9AI Score
0.001EPSS
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a....
5.9CVSS
5.7AI Score
0.001EPSS
A heap-based buffer overflow vulnerability exists in GNU LibreDWG v0.12.5 via the bit_read_RC function at...
8.8CVSS
8.8AI Score
0.002EPSS
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation...
9.8CVSS
9.5AI Score
0.001EPSS
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory...
7.8CVSS
7.4AI Score
0.0004EPSS
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash.....
5.5CVSS
6.2AI Score
0.001EPSS
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of...
7.8CVSS
7.5AI Score
0.001EPSS
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive...
7.5CVSS
8.2AI Score
0.002EPSS
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute...
7.8CVSS
9.1AI Score
0.0004EPSS
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at...
7.8CVSS
7.9AI Score
0.001EPSS
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...
8.1CVSS
7.7AI Score
0.002EPSS
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare...
6.5CVSS
6.2AI Score
0.002EPSS
6.5CVSS
6.4AI Score
0.001EPSS
LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via...
9.8CVSS
9.5AI Score
0.002EPSS
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP...
6.3AI Score
0.017EPSS
6.6AI Score
0.001EPSS
7.4AI Score
0.002EPSS
7.8AI Score
0.003EPSS
7.5AI Score
0.001EPSS