Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-2601 A buffer overflow was found in grub_font_construct_glyph().
local
low complexity
gnu redhat fedoraproject
8.6
2022-11-30 CVE-2022-45332 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4643
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
local
low complexity
gnu CWE-787
7.8
2022-11-28 CVE-2022-45939 OS Command Injection vulnerability in multiple products
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program.
local
low complexity
gnu debian fedoraproject CWE-78
7.8
2022-10-24 CVE-2021-46848 Off-by-one Error vulnerability in multiple products
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
network
low complexity
gnu fedoraproject debian CWE-193
critical
9.1
2022-10-11 CVE-2022-41550 Integer Overflow or Wraparound vulnerability in GNU Osip 5.3.0
GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header.
network
low complexity
gnu CWE-190
6.5
2022-09-06 CVE-2022-25308 A stack-based buffer overflow flaw was found in the Fribidi package.
local
low complexity
gnu redhat
7.8
2022-09-06 CVE-2022-25309 A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file.
local
low complexity
gnu redhat
5.5
2022-09-06 CVE-2022-25310 NULL Pointer Dereference vulnerability in multiple products
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file.
local
low complexity
gnu redhat CWE-476
5.5
2022-09-05 CVE-2022-39831 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in PSPP 1.6.2.
local
low complexity
gnu fedoraproject CWE-787
7.8
2022-09-05 CVE-2022-39832 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in PSPP 1.6.2.
local
low complexity
gnu fedoraproject CWE-787
7.8