Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2023-01-05 CVE-2022-3715 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform.
local
low complexity
gnu redhat CWE-787
7.8
2022-12-19 CVE-2022-3775 Out-of-bounds Write vulnerability in multiple products
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size.
local
low complexity
gnu redhat CWE-787
7.1
2022-12-14 CVE-2022-2601 Heap-based Buffer Overflow vulnerability in multiple products
A buffer overflow was found in grub_font_construct_glyph().
local
low complexity
gnu redhat fedoraproject CWE-122
8.6
2022-11-30 CVE-2022-45332 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4643
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
local
low complexity
gnu CWE-787
7.8
2022-11-28 CVE-2022-45939 OS Command Injection vulnerability in GNU Emacs
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program.
local
low complexity
gnu CWE-78
7.8
2022-10-24 CVE-2021-46848 Out-of-bounds Read vulnerability in multiple products
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
network
low complexity
gnu fedoraproject debian CWE-125
critical
9.1
2022-10-11 CVE-2022-41550 Integer Overflow or Wraparound vulnerability in GNU Osip 5.3.0
GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header.
network
low complexity
gnu CWE-190
6.5
2022-09-06 CVE-2022-25308 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow flaw was found in the Fribidi package.
local
low complexity
gnu redhat CWE-787
7.8
2022-09-06 CVE-2022-25309 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file.
local
low complexity
gnu redhat CWE-787
5.5
2022-09-06 CVE-2022-25310 A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file.
local
low complexity
gnu redhat
5.5