Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2021-07-20 CVE-2019-25051 Out-Of-Bounds Write vulnerability in multiple products
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
local
low complexity
gnu debian CWE-787
4.6
2021-07-01 CVE-2021-36080 Double Free vulnerability in GNU Libredwg
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
network
gnu CWE-415
6.8
2021-06-02 CVE-2021-3530 Uncontrolled Recursion vulnerability in GNU Binutils 2.36
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36.
network
low complexity
gnu CWE-674
5.0
2021-05-28 CVE-2020-18395 Null Pointer Dereference vulnerability in GNU Gama 2.04
A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs.
network
low complexity
gnu CWE-476
5.0
2021-05-26 CVE-2021-3549 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Binutils 2.36
An out of bounds flaw was found in GNU binutils objdump utility version 2.36.
network
gnu CWE-119
5.8
2021-05-25 CVE-2021-33574 USE After Free vulnerability in GNU Glibc
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free.
network
low complexity
gnu CWE-416
7.5
2021-05-18 CVE-2020-23861 Out-Of-Bounds Write vulnerability in GNU Libredwg 0.10.1
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
network
gnu CWE-787
4.3
2021-05-18 CVE-2020-23856 USE After Free vulnerability in GNU Cflow 1.6
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
local
low complexity
gnu CWE-416
2.1
2021-05-17 CVE-2020-21831 Out-Of-Bounds Write vulnerability in GNU Libredwg 0.10
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.
network
gnu CWE-787
6.8
2021-05-17 CVE-2020-21842 Out-Of-Bounds Write vulnerability in GNU Libredwg 0.10
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
network
gnu CWE-787
6.8