Vendor CVEs
GNU
All CVEs
1,137 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-46174 | 0.00 | — | 0.01 | Aug 22, 2023 | Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | |||
| CVE-2023-40303 | 0.00 | — | 0.00 | Aug 14, 2023 | GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before… | |||
| CVE-2023-39129 | 0.00 | — | 0.00 | Jul 25, 2023 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. | |||
| CVE-2023-39128 | 0.00 | — | 0.00 | Jul 25, 2023 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | |||
| CVE-2023-39130 | 0.00 | — | 0.00 | Jul 25, 2023 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. | |||
| CVE-2021-32256 | 0.00 | — | 0.01 | Jul 18, 2023 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||
| CVE-2015-20109 | 0.00 | — | 0.00 | Jun 25, 2023 | end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this… | |||
| CVE-2023-2789 | 0.00 | — | 0.01 | May 18, 2023 | A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The… | |||
| CVE-2023-1972 | 0.00 | — | 0.01 | May 17, 2023 | A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | |||
| CVE-2023-1579 | 0.00 | — | 0.00 | Apr 3, 2023 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | |||
| CVE-2023-27985 | 0.00 | — | 0.01 | Mar 9, 2023 | emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90 | |||
| CVE-2023-27986 | 0.00 | — | 0.00 | Mar 9, 2023 | emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90. | |||
| CVE-2023-27371 | 0.00 | — | 0.01 | Feb 28, 2023 | GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or… | |||
| CVE-2022-48338 | 0.00 | — | 0.02 | Feb 20, 2023 | An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command… | |||
| CVE-2022-48337 | 0.00 | — | 0.02 | Feb 20, 2023 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command… | |||
| CVE-2022-48339 | 0.00 | — | 0.01 | Feb 20, 2023 | An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name… | |||
| CVE-2022-46663 | 0.00 | — | 0.01 | Feb 7, 2023 | In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | |||
| CVE-2023-0687 | 0.00 | — | 0.01 | Feb 6, 2023 | A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix… | |||
| CVE-2023-25139 | 0.00 | — | 0.01 | Feb 3, 2023 | sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated… | |||
| CVE-2022-48303 | 0.00 | — | 0.05 | Jan 30, 2023 | GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has… | |||
| CVE-2022-4285 | 0.00 | — | 0.00 | Jan 27, 2023 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | |||
| CVE-2022-24119 | 0.00 | — | 0.01 | Dec 26, 2022 | Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0. | |||
| CVE-2022-45939 | 0.00 | — | 0.01 | Nov 28, 2022 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command… | |||
| CVE-2021-46848 | 0.00 | — | 0.02 | Oct 24, 2022 | GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. | |||
| CVE-2022-41550 | 0.00 | — | 0.01 | Oct 11, 2022 | GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. | |||
| CVE-2022-39831 | 0.00 | — | 0.01 | Sep 5, 2022 | An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is… | |||
| CVE-2022-39832 | 0.00 | — | 0.00 | Sep 5, 2022 | An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||
| CVE-2021-3826 | 0.00 | — | 0.01 | Sep 1, 2022 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol. | |||
| CVE-2022-1271 | 0.00 | — | 0.04 | Aug 31, 2022 | An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to… | |||
| CVE-2022-39046 | 0.00 | — | 0.02 | Aug 31, 2022 | An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the… | |||
| CVE-2022-39028 | 0.00 | — | 0.02 | Aug 30, 2022 | telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However,… | |||
| CVE-2022-38533 | 0.00 | — | 0.00 | Aug 25, 2022 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | |||
| CVE-2021-33643 | 0.00 | — | 0.01 | Aug 9, 2022 | An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. | |||
| CVE-2022-2469 | 0.00 | — | 0.01 | Jul 19, 2022 | GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client | |||
| CVE-2022-27943 | 0.00 | — | 0.01 | Mar 26, 2022 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. | |||
| CVE-2021-3981 | 0.00 | — | 0.00 | Mar 8, 2022 | A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted… | |||
| CVE-2021-46021 | 0.00 | — | 0.01 | Jan 14, 2022 | An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | |||
| CVE-2021-46195 | 0.00 | — | 0.01 | Jan 14, 2022 | GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. | |||
| CVE-2022-23219 | 0.00 | — | 0.04 | Jan 14, 2022 | The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or… | |||
| CVE-2021-46019 | 0.00 | — | 0.01 | Jan 14, 2022 | An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | |||
| CVE-2022-23218 | 0.00 | — | 0.05 | Jan 14, 2022 | The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if… | |||
| CVE-2021-46022 | 0.00 | — | 0.01 | Jan 14, 2022 | An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | |||
| CVE-2021-45261 | 0.00 | — | 0.01 | Dec 22, 2021 | An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. | |||
| CVE-2021-45078 | 0.00 | — | 0.01 | Dec 15, 2021 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix… | |||
| CVE-2021-43618 | 0.00 | — | 0.03 | Nov 15, 2021 | GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. | |||
| CVE-2021-43332 | 0.00 | — | 0.01 | Nov 12, 2021 | In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack. | |||
| CVE-2021-43331 | 0.00 | — | 0.01 | Nov 12, 2021 | In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. | |||
| CVE-2021-43412 | 0.00 | — | 0.00 | Nov 7, 2021 | An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access. | |||
| CVE-2021-43413 | 0.00 | — | 0.02 | Nov 7, 2021 | An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access. | |||
| CVE-2021-43414 | 0.00 | — | 0.00 | Nov 7, 2021 | An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access. |
- CVE-2021-46174Aug 22, 2023risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
- CVE-2023-40303Aug 14, 2023risk 0.00cvss —epss 0.00
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before…
- CVE-2023-39129Jul 25, 2023risk 0.00cvss —epss 0.00
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
- CVE-2023-39128Jul 25, 2023risk 0.00cvss —epss 0.00
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
- CVE-2023-39130Jul 25, 2023risk 0.00cvss —epss 0.00
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
- CVE-2021-32256Jul 18, 2023risk 0.00cvss —epss 0.01
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
- CVE-2015-20109Jun 25, 2023risk 0.00cvss —epss 0.00
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this…
- CVE-2023-2789May 18, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The…
- CVE-2023-1972May 17, 2023risk 0.00cvss —epss 0.01
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
- CVE-2023-1579Apr 3, 2023risk 0.00cvss —epss 0.00
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.
- CVE-2023-27985Mar 9, 2023risk 0.00cvss —epss 0.01
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
- CVE-2023-27986Mar 9, 2023risk 0.00cvss —epss 0.00
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.
- CVE-2023-27371Feb 28, 2023risk 0.00cvss —epss 0.01
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or…
- CVE-2022-48338Feb 20, 2023risk 0.00cvss —epss 0.02
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command…
- CVE-2022-48337Feb 20, 2023risk 0.00cvss —epss 0.02
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command…
- CVE-2022-48339Feb 20, 2023risk 0.00cvss —epss 0.01
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name…
- CVE-2022-46663Feb 7, 2023risk 0.00cvss —epss 0.01
In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.
- CVE-2023-0687Feb 6, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix…
- CVE-2023-25139Feb 3, 2023risk 0.00cvss —epss 0.01
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated…
- CVE-2022-48303Jan 30, 2023risk 0.00cvss —epss 0.05
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has…
- CVE-2022-4285Jan 27, 2023risk 0.00cvss —epss 0.00
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
- CVE-2022-24119Dec 26, 2022risk 0.00cvss —epss 0.01
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0.
- CVE-2022-45939Nov 28, 2022risk 0.00cvss —epss 0.01
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command…
- CVE-2021-46848Oct 24, 2022risk 0.00cvss —epss 0.02
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
- CVE-2022-41550Oct 11, 2022risk 0.00cvss —epss 0.01
GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header.
- CVE-2022-39831Sep 5, 2022risk 0.00cvss —epss 0.01
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is…
- CVE-2022-39832Sep 5, 2022risk 0.00cvss —epss 0.00
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
- CVE-2021-3826Sep 1, 2022risk 0.00cvss —epss 0.01
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
- CVE-2022-1271Aug 31, 2022risk 0.00cvss —epss 0.04
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to…
- CVE-2022-39046Aug 31, 2022risk 0.00cvss —epss 0.02
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the…
- CVE-2022-39028Aug 30, 2022risk 0.00cvss —epss 0.02
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However,…
- CVE-2022-38533Aug 25, 2022risk 0.00cvss —epss 0.00
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
- CVE-2021-33643Aug 9, 2022risk 0.00cvss —epss 0.01
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
- CVE-2022-2469Jul 19, 2022risk 0.00cvss —epss 0.01
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client
- CVE-2022-27943Mar 26, 2022risk 0.00cvss —epss 0.01
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
- CVE-2021-3981Mar 8, 2022risk 0.00cvss —epss 0.00
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted…
- CVE-2021-46021Jan 14, 2022risk 0.00cvss —epss 0.01
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
- CVE-2021-46195Jan 14, 2022risk 0.00cvss —epss 0.01
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
- CVE-2022-23219Jan 14, 2022risk 0.00cvss —epss 0.04
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or…
- CVE-2021-46019Jan 14, 2022risk 0.00cvss —epss 0.01
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
- CVE-2022-23218Jan 14, 2022risk 0.00cvss —epss 0.05
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if…
- CVE-2021-46022Jan 14, 2022risk 0.00cvss —epss 0.01
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
- CVE-2021-45261Dec 22, 2021risk 0.00cvss —epss 0.01
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
- CVE-2021-45078Dec 15, 2021risk 0.00cvss —epss 0.01
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix…
- CVE-2021-43618Nov 15, 2021risk 0.00cvss —epss 0.03
GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.
- CVE-2021-43332Nov 12, 2021risk 0.00cvss —epss 0.01
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
- CVE-2021-43331Nov 12, 2021risk 0.00cvss —epss 0.01
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
- CVE-2021-43412Nov 7, 2021risk 0.00cvss —epss 0.00
An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access.
- CVE-2021-43413Nov 7, 2021risk 0.00cvss —epss 0.02
An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access.
- CVE-2021-43414Nov 7, 2021risk 0.00cvss —epss 0.00
An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access.
Page 13 of 23