Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2024-06-16 CVE-2024-38428 Interpretation Conflict vulnerability in GNU Wget
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
network
low complexity
gnu CWE-436
critical
9.1
2024-02-06 CVE-2024-1048 Incomplete Cleanup vulnerability in multiple products
A flaw was found in the grub2-set-bootflag utility of grub2.
local
low complexity
gnu redhat fedoraproject CWE-459
3.3
2024-02-06 CVE-2024-0911 Out-of-bounds Write vulnerability in GNU Indent 2.2.13
A flaw was found in indent, a program for formatting C code.
local
low complexity
gnu CWE-787
5.5
2024-02-06 CVE-2024-0684 Out-of-bounds Write vulnerability in GNU Coreutils 9.2/9.3/9.4
A flaw was found in the GNU coreutils "split" program.
local
low complexity
gnu CWE-787
5.5
2024-01-31 CVE-2023-6246 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
local
low complexity
gnu fedoraproject CWE-787
7.8
2024-01-31 CVE-2023-6779 Out-of-bounds Write vulnerability in multiple products
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-787
7.5
2024-01-31 CVE-2023-6780 An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject
5.3
2024-01-16 CVE-2024-0567 Improper Verification of Cryptographic Signature vulnerability in multiple products
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
network
low complexity
gnu fedoraproject netapp debian CWE-347
7.5
2024-01-16 CVE-2024-0553 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in GnuTLS.
network
low complexity
gnu fedoraproject redhat CWE-203
7.5
2024-01-15 CVE-2023-4001 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature.
low complexity
gnu redhat fedoraproject CWE-290
6.8