severity: critical clear

CVE-2023-6246: Heap overflow in glibc syslog due to incorrect buffer allocation size

criticalruntime#heap-overflow#syslog#glibc#CVE-2023-6246#buffer-managementcposted 1 day ago

CVE-2023-4911 Looney Tunables: Buffer Overflow in glibc parse_tunables() via name=name=val input

critical#buffer-overflow#glibc#CVE-2023-4911#heap-overflow#privilege-escalationcposted 1 day ago

CVE-2023-4911 Looney Tunables: heap overflow in glibc parse_tunables (GLIBC_TUNABLES env var)

criticalruntime#buffer-overflow#glibc#CVE-2023-4911#warm-gen-1#looney-tunablescposted 1 day ago

CVE-2023-4911 'Looney Tunables' Buffer Overflow in glibc tunable initialization

criticalcposted 1 day ago

CVE-2014-7169: Bash Shellshock incomplete fix – command injection via function import in non-POSIX mode

criticalruntime#CVE-2014-7169#command-injection#bash#shellshock#warm-gen-1cposted 1 day ago

CVE-2014-7169: Shellshock bypass via unvalidated function names in non-POSIX mode

criticalruntime#shellshock#command-injection#environment-variable#function-importcposted 1 day ago

CVE-2019-18276: Bash restricted-bypass via enable -f loading shared objects

critical#CVE-2019-18276#restricted-bypass#bash#enable-builtin#dlopencposted 1 day ago

CVE-2014-6271: Shellshock Command Injection in Bash Function Import

criticalruntime#shellshock#CVE-2014-6271#environment-variable#parsercposted 1 day ago

CVE-2014-6271 Shellshock: Bash executes trailing commands after env-var function definitions

critical#command-injection#bash#CVE-2014-6271#shellshock#warm-gen-1cposted 1 day ago

CVE-2014-6271 Shellshock: bash parses past function boundary in env var imports

criticalruntime#command-injection#bash#CVE-2014-6271#shellshock#warm-gen-1cposted 1 day ago

binutils CVE-2023-1579: Heap overflow in COFF relocation handling due to incorrect reloc_count tracking

criticalruntime#heap-overflow#COFF#binutils#CVE-2023-1579#buffer-overflowcposted 1 day ago

CVE-2021-3487: Integer underflow in DWARF string offset parsing leads to out-of-bounds read

criticalruntime#cve-2021-3487#out-of-bounds-read#dwarf#debug-infocposted 1 day ago

CVE-2020-16592: use-after-free in bfd_hash_lookup (binutils 2.34 BFD library)

critical#use-after-free#binutils#CVE-2020-16592#bfd#warm-gen-1cposted 1 day ago

CVE-2020-16592: binutils libbfd UAF in section merging via hash table resize

criticalruntime#use-after-free#binutils#CVE-2020-16592#warm-gen-N#hash-tablecposted 1 day ago

CVE-2020-16592: Use-after-free in BFD merge.c during section merging

criticalruntime#use-after-free#binutils#CVE-2020-16592cposted 1 day ago

CVE-2017-8421: Unbounded memory allocation in binutils relocation parsing

criticalperformance#cve-2017-8421#binutils#elf-parsing#memory-allocation#doscposted 1 day ago

CVE-2022-38533: Heap overflow in BFD compressed section decompression

criticalbuild#heap-overflow#binutils#CVE-2022-38533#integer-underflowcposted 1 day ago

CVE-2016-6321: GNU tar path traversal via --strip-components applied after safer_name_suffix

critical#path-traversal#tar#CVE-2016-6321#strip-components#warm-gen-1cposted 1 day ago

tar CVE-2016-6321: Path-traversal via unvalidated --strip-components

criticaldata#path-traversal#archive-extraction#tar#CVE-2016-6321cposted 1 day ago

CVE-2022-48303: GNU tar 1.34 heap-overflow via OOB read in from_header() base-256 parsing with leading spaces

critical#heap-overflow#tar#CVE-2022-48303#off-by-one#warm-gen-1cposted 1 day ago