Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-33033 Double Free vulnerability in GNU Libredwg 0.12.4.4608
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
local
low complexity
gnu CWE-415
7.8
2022-06-23 CVE-2022-33034 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4608
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
local
low complexity
gnu CWE-787
7.8
2022-05-23 CVE-2021-42585 Out-of-bounds Write vulnerability in GNU Libredwg
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
network
low complexity
gnu CWE-787
8.8
2022-05-23 CVE-2021-42586 Out-of-bounds Write vulnerability in GNU Libredwg
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
network
low complexity
gnu CWE-787
8.8
2022-04-18 CVE-2022-29458 Out-of-bounds Read vulnerability in multiple products
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
local
low complexity
gnu apple debian CWE-125
7.1
2022-03-26 CVE-2022-27943 Uncontrolled Recursion vulnerability in multiple products
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
local
low complexity
gnu fedoraproject CWE-674
5.5
2022-03-16 CVE-2021-46705 Unspecified vulnerability in GNU Grub2
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files.
local
low complexity
gnu
4.4
2022-03-10 CVE-2021-3981 A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content.
local
low complexity
gnu fedoraproject
3.3
2022-01-14 CVE-2021-46019 NULL Pointer Dereference vulnerability in multiple products
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-476
5.5
2022-01-14 CVE-2021-46021 Use After Free vulnerability in multiple products
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-416
5.5