Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-33028 Out-of-bounds Write vulnerability in GNU Libredwg
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
local
low complexity
gnu CWE-787
7.8
7.8
2022-06-23 CVE-2022-33032 Out-of-bounds Write vulnerability in GNU Libredwg
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
local
low complexity
gnu CWE-787
7.8
7.8
2022-06-23 CVE-2022-33033 Double Free vulnerability in GNU Libredwg 0.12.4.4608
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
local
low complexity
gnu CWE-415
7.8
7.8
2022-06-23 CVE-2022-33034 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4608
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
local
low complexity
gnu CWE-787
7.8
7.8
2022-05-23 CVE-2021-42585 Out-of-bounds Write vulnerability in GNU Libredwg
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
network
low complexity
gnu CWE-787
8.8
8.8
2022-05-23 CVE-2021-42586 Out-of-bounds Write vulnerability in GNU Libredwg
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
network
low complexity
gnu CWE-787
8.8
8.8
2022-04-18 CVE-2022-29458 Out-of-bounds Read vulnerability in multiple products
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
local
low complexity
gnu apple debian CWE-125
7.1
7.1
2022-03-26 CVE-2022-27943 Uncontrolled Recursion vulnerability in multiple products
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
local
low complexity
gnu fedoraproject CWE-674
5.5
5.5
2022-03-16 CVE-2021-46705 Insecure Temporary File vulnerability in GNU Grub2
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files.
local
low complexity
gnu CWE-377
4.4
4.4
2022-03-10 CVE-2021-3981 Incorrect Default Permissions vulnerability in multiple products
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content.
local
low complexity
gnu fedoraproject CWE-276
3.3
3.3