Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2021-11-18 CVE-2021-37322 Use After Free vulnerability in GNU Binutils
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
local
low complexity
gnu CWE-416
7.8
2021-11-12 CVE-2021-43331 Cross-site Scripting vulnerability in multiple products
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
network
low complexity
gnu debian CWE-79
6.1
2021-11-12 CVE-2021-43332 Insufficiently Protected Credentials vulnerability in multiple products
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password.
network
low complexity
gnu debian CWE-522
6.5
2021-11-07 CVE-2021-43411 Race Condition vulnerability in GNU Hurd
An issue was discovered in GNU Hurd before 0.9 20210404-9.
network
high complexity
gnu CWE-362
7.5
2021-11-07 CVE-2021-43412 Use After Free vulnerability in GNU Hurd
An issue was discovered in GNU Hurd before 0.9 20210404-9.
local
low complexity
gnu CWE-416
7.8
2021-11-07 CVE-2021-43413 Unspecified vulnerability in GNU Hurd
An issue was discovered in GNU Hurd before 0.9 20210404-9.
network
low complexity
gnu
8.8
2021-11-07 CVE-2021-43414 Improper Authentication vulnerability in GNU Hurd
An issue was discovered in GNU Hurd before 0.9 20210404-9.
local
high complexity
gnu CWE-287
7.0
2021-11-04 CVE-2021-43396 In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset.
network
low complexity
gnu oracle
7.5
2021-10-21 CVE-2021-42096 Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products
GNU Mailman before 2.1.35 may allow remote Privilege Escalation.
network
low complexity
gnu debian CWE-307
4.3
2021-10-21 CVE-2021-42097 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
GNU Mailman before 2.1.35 may allow remote Privilege Escalation.
network
low complexity
gnu debian CWE-352
8.0