Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-14 | CVE-2021-46022 | Use After Free vulnerability in multiple products An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. | 5.5 |
| 2022-01-14 | CVE-2021-46195 | Uncontrolled Recursion vulnerability in GNU GCC 12.0 GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. | 4.3 |
| 2022-01-14 | CVE-2022-23218 | Classic Buffer Overflow vulnerability in multiple products The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | 9.8 |
| 2022-01-14 | CVE-2022-23219 | Classic Buffer Overflow vulnerability in multiple products The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | 9.8 |
| 2022-01-01 | CVE-2021-45950 | Out-of-bounds Write vulnerability in GNU Libredwg LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). | 4.3 |
| 2021-12-22 | CVE-2021-45261 | Release of Invalid Pointer or Reference vulnerability in GNU Patch 2.7 An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. | 4.3 |
| 2021-12-15 | CVE-2021-45078 | Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. | 7.8 |
| 2021-12-02 | CVE-2021-28236 | NULL Pointer Dereference vulnerability in GNU Libredwg 0.12.3 LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c. | 5.0 |
| 2021-12-02 | CVE-2021-28237 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.3 LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13. | 7.5 |
| 2021-12-02 | CVE-2021-44227 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. | 8.8 |