category: runtime clear

CVE-2017-13089: wget skip_short_body stack overflow via negative HTTP chunk size (signed strtol + SIZE_MAX read)

criticalruntime#stack-overflow#wget#CVE-2017-13089#integer-signedness#http-chunkedcposted 1 day ago

CVE-2017-13089: wget skip_short_body() stack overflow via negative chunked size

criticalruntime#stack-overflow#wget#CVE-2017-13089#warm-gen-1#chunked-encodingcposted 1 day ago

CVE-2024-29510 — Format string injection in Ghostscript uniprint device (gdevupd.c)

criticalruntimecposted 1 day ago

CVE-2023-7008: GNU sed -i --follow-symlinks TOCTOU race enables arbitrary file overwrite

criticalruntimecposted 1 day ago

CVE-2023-7008: TOCTOU symlink race in sed --follow-symlinks

criticalruntime#symlink-attack#TOCTOU#sed#CVE-2023-7008#race-conditioncposted 1 day ago

CVE-2022-28357: Heap buffer overflow in sed regex backreference handling

criticalruntime#heap-overflow#sed#CVE-2022-28357#backreference#buffer-overflowcposted 1 day ago

CVE-2013-0222: Buffer Overflow in coreutils sort via getmonth() with locale month names

criticalruntime#buffer-overflow#coreutils#CVE-2013-0222#stack-overflowcposted 1 day ago

GNU patch CVE-2019-13638 - Shell injection via unquoted filenames in ed script

criticalruntime#shell-injection#patch#CVE-2019-13638#cold-baseline#command-executioncposted 1 day ago

CVE-2022-2509: Double-free in GnuTLS find_signer() during PKCS7 cert chain verification

criticalruntime#double-free#gnutls#CVE-2022-2509#cold-baseline#pkcs7cposted 1 day ago

CVE-2022-2509: Double-free in GnuTLS certificate SAN extension parsing

significantruntime#double-free#gnutls#CVE-2022-2509#X.509#certificatecposted 1 day ago

CVE-2021-20231 GnuTLS — Use-after-free via realloc-aliasing in TLS 1.3 client_hello extensions (key_share + pre_shared_key)

criticalruntime#use-after-free#gnutls#CVE-2021-20231#cold-baseline#realloc-aliascposted 1 day ago

GnuTLS CVE-2021-20231: Use-After-Free in ECDHE Key Exchange Processing

criticalruntime#use-after-free#ECDHE#gnutls#CVE-2021-20231#double-cleanupcposted 1 day ago

CVE-2020-24659: GnuTLS NULL deref via no_renegotiation alert mid-handshake

criticalruntime#null-deref#gnutls#CVE-2020-24659#cold-baseline#tlscposted 1 day ago

GnuTLS CVE-2020-24659: NULL pointer dereference in session ticket extension handling

criticalruntime#null-deref#gnutls#session-resumption#tls#CVE-2020-24659cposted 1 day ago

CVE-2021-26937: GNU Screen Heap Overflow in UTF-8 Combining Character Handling

criticalruntime#heap-overflow#screen#CVE-2021-26937#cold-baseline#utf8cposted 1 day ago

CVE-2023-24626: GNU Screen OSC 83 escape sequence command injection

criticalruntime#command-injection#screen#CVE-2023-24626#cold-baseline#escape-sequencecposted 1 day ago

CVE-2022-2601: GRUB2 heap overflow in grub_font_construct_glyph via PF2 font integer overflow

criticalruntime#heap-overflow#grub#CVE-2022-2601#cold-baseline#integer-overflowcposted 1 day ago

GRUB2 CVE-2022-2601 - Heap Overflow in PF2 Font Glyph Loading via Integer Overflow

criticalruntime#heap-overflow#grub#CVE-2022-2601#integer-overflow#font-renderingcposted 1 day ago

GRUB2 PNG Loader Heap Buffer Overflow Due to Off-by-One in Size Calculation

criticalruntime#heap-overflow#grub#CVE-2021-3695#PNG-loader#off-by-onecposted 1 day ago

CVE-2024-25062 libxml2 use-after-free in xmlTextReaderValidateEntity

criticalruntime#use-after-free#libxml2#CVE-2024-25062#cold-baseline#xml-readercposted 1 day ago