Vulnerabilities > GNU
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-18 | CVE-2021-37322 | Use After Free vulnerability in GNU Binutils GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | 7.8 |
2021-11-12 | CVE-2021-43331 | Cross-site Scripting vulnerability in multiple products In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. | 6.1 |
2021-11-12 | CVE-2021-43332 | Insufficiently Protected Credentials vulnerability in multiple products In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. | 6.5 |
2021-11-07 | CVE-2021-43411 | Race Condition vulnerability in GNU Hurd An issue was discovered in GNU Hurd before 0.9 20210404-9. | 7.5 |
2021-11-07 | CVE-2021-43412 | Use After Free vulnerability in GNU Hurd An issue was discovered in GNU Hurd before 0.9 20210404-9. | 7.8 |
2021-11-07 | CVE-2021-43413 | Unspecified vulnerability in GNU Hurd An issue was discovered in GNU Hurd before 0.9 20210404-9. | 8.8 |
2021-11-07 | CVE-2021-43414 | Improper Authentication vulnerability in GNU Hurd An issue was discovered in GNU Hurd before 0.9 20210404-9. | 7.0 |
2021-11-04 | CVE-2021-43396 | In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. | 7.5 |
2021-10-21 | CVE-2021-42096 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products GNU Mailman before 2.1.35 may allow remote Privilege Escalation. | 4.3 |
2021-10-21 | CVE-2021-42097 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products GNU Mailman before 2.1.35 may allow remote Privilege Escalation. | 8.0 |