Vulnerabilities > GNU
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-05 | CVE-2022-3715 | Out-of-bounds Write vulnerability in multiple products. A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. | 7.8 |
2022-12-19 | CVE-2022-3775 | Out-of-bounds Write vulnerability in multiple products. When rendering certain unicode sequences, grub2's font code doesn't properly validate whether the informed glyph's width and height are constrained within the bitmap size. | 7.1 |
2022-12-14 | CVE-2022-2601 | Heap-based Buffer Overflow vulnerability in multiple products. A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |
2022-11-30 | CVE-2022-45332 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4643. LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | 7.8 |
2022-11-28 | CVE-2022-45939 | OS Command Injection vulnerability in multiple products. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. | 7.8 |
2022-10-24 | CVE-2021-46848 | Off-by-one Error vulnerability in multiple products. GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. | 9.1 |
2022-10-11 | CVE-2022-41550 | Integer Overflow or Wraparound vulnerability in GNU Osip 5.3.0. GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. | 6.5 |
2022-09-06 | CVE-2022-25308 | Stack-based Buffer Overflow vulnerability in multiple products. A stack-based buffer overflow flaw was found in the Fribidi package. | 7.8 |
2022-09-06 | CVE-2022-25309 | Heap-based Buffer Overflow vulnerability in multiple products. A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. | 5.5 |
2022-09-06 | CVE-2022-25310 | NULL Pointer Dereference vulnerability in multiple products. A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. | 5.5 |