Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2024-0553 | Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found in GnuTLS. | 7.5 |
| 2024-01-15 | CVE-2023-4001 | Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. | 6.8 |
| 2024-01-02 | CVE-2023-26157 | Out-of-bounds Read vulnerability in GNU Libredwg Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | 7.5 |
| 2023-11-28 | CVE-2023-5981 | Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | 5.9 |
| 2023-11-10 | CVE-2023-4949 | Out-of-bounds Write vulnerability in multiple products An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation. | 6.7 |
| 2023-10-25 | CVE-2023-4692 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. | 7.8 |
| 2023-10-25 | CVE-2023-4693 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. | 4.6 |
| 2023-10-03 | CVE-2023-4911 | Out-of-bounds Write vulnerability in multiple products A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. | 7.8 |
| 2023-09-25 | CVE-2023-4156 | Out-of-bounds Read vulnerability in multiple products A heap out-of-bounds read flaw was found in builtin.c in the gawk package. | 7.1 |
| 2023-09-25 | CVE-2023-5156 | Memory Leak vulnerability in multiple products A flaw was found in the GNU C Library. | 7.5 |