Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2024-06-16 CVE-2024-38428 Interpretation Conflict vulnerability in GNU Wget
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
network
low complexity
gnu CWE-436
critical
 9.1
9.1
2024-06-12 CVE-2024-5742 Link Following vulnerability in multiple products
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file.
local
high complexity
gnu redhat CWE-59
6.7
6.7
2024-02-06 CVE-2024-1048 Incomplete Cleanup vulnerability in multiple products
A flaw was found in the grub2-set-bootflag utility of grub2.
local
low complexity
gnu redhat fedoraproject CWE-459
3.3
3.3
2024-02-06 CVE-2024-0911 Out-of-bounds Write vulnerability in GNU Indent 2.2.13
A flaw was found in indent, a program for formatting C code.
local
low complexity
gnu CWE-787
5.5
5.5
2024-02-06 CVE-2024-0684 Out-of-bounds Write vulnerability in GNU Coreutils 9.2/9.3/9.4
A flaw was found in the GNU coreutils "split" program.
local
low complexity
gnu CWE-787
5.5
5.5
2024-02-05 CVE-2023-7216 Path Traversal vulnerability in multiple products
A path traversal vulnerability was found in the CPIO utility.
local
low complexity
gnu redhat CWE-22
5.3
5.3
2024-01-31 CVE-2023-6246 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
local
low complexity
gnu fedoraproject CWE-787
7.8
7.8
2024-01-31 CVE-2023-6779 Out-of-bounds Write vulnerability in multiple products
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-787
7.5
7.5
2024-01-31 CVE-2023-6780 Incorrect Calculation of Buffer Size vulnerability in multiple products
An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-131
5.3
5.3
2024-01-16 CVE-2024-0567 Improper Verification of Cryptographic Signature vulnerability in multiple products
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
network
low complexity
gnu fedoraproject netapp debian CWE-347
7.5
7.5