cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2015-4042,https://securityvulnerability.io/vulnerability/CVE-2015-4042,Integer Overflow Vulnerability in GNU Coreutils Affects Sort Functionality,"An integer overflow vulnerability has been identified in the keycompare_mb function within the sort component of GNU Coreutils. This flaw, present in versions up to 8.23, enables potential attackers to exploit long string inputs, potentially leading to application crashes or other unspecified impacts. Proper input validation and rigorous testing are essential to mitigate the risks associated with this vulnerability.",Gnu,Coreutils,9.8,CRITICAL,0.004149999935179949,false,,false,false,false,,,false,false,,2020-01-24T16:59:45.000Z,0
CVE-2015-4041,https://securityvulnerability.io/vulnerability/CVE-2015-4041,Heap-Based Buffer Overflow in GNU Coreutils Affects 64-Bit Platforms,"The keycompare_mb function within the sort component of GNU Coreutils versions up to 8.23 on 64-bit platforms is vulnerable due to inadequate size calculation for multibyte characters. This flaw can lead to a denial of service, resulting in a heap-based buffer overflow and potential application crashes. Attackers may exploit this vulnerability by delivering specially crafted long UTF-8 strings, which may disrupt service and could have additional unforeseen impacts.",Gnu,Coreutils,7.8,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2020-01-24T16:59:41.000Z,0
CVE-2017-18018,https://securityvulnerability.io/vulnerability/CVE-2017-18018,,"In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX ""-R -L"" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.",Gnu,Coreutils,4.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2018-01-04T04:00:00.000Z,0
CVE-2015-1865,https://securityvulnerability.io/vulnerability/CVE-2015-1865,,fts.c in coreutils 8.4 allows local users to delete arbitrary files.,Gnu,Coreutils,4.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-09-20T18:00:00.000Z,0
CVE-2016-2781,https://securityvulnerability.io/vulnerability/CVE-2016-2781,,"chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",Gnu,Coreutils,6.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-02-07T15:00:00.000Z,0
CVE-2014-9471,https://securityvulnerability.io/vulnerability/CVE-2014-9471,,"The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the ""--date=TZ=""123""345"" @1"" string to the touch or date command.",Gnu,Coreutils,,,0.010230000130832195,false,,false,false,false,,,false,false,,2015-01-16T16:00:00.000Z,0
CVE-2008-1946,https://securityvulnerability.io/vulnerability/CVE-2008-1946,,"The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module.",Gnu,Coreutils,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2008-07-28T17:00:00.000Z,0
CVE-2005-1039,https://securityvulnerability.io/vulnerability/CVE-2005-1039,,"Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.",Gnu,Coreutils,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2005-05-02T04:00:00.000Z,0