Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2021-05-17 CVE-2020-21817 NULL Pointer Dereference vulnerability in GNU Libredwg 0.10.2641
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29.
network
low complexity
gnu CWE-476
6.5
6.5
2021-05-17 CVE-2020-21818 Out-of-bounds Write vulnerability in GNU Libredwg 0.10.2641
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48.
network
low complexity
gnu CWE-787
8.8
8.8
2021-05-17 CVE-2020-21819 Out-of-bounds Write vulnerability in GNU Libredwg 0.10.2641
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51.
network
low complexity
gnu CWE-787
8.8
8.8
2021-05-17 CVE-2020-21813 Out-of-bounds Write vulnerability in GNU Libredwg 0.10.2641
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114.
local
low complexity
gnu CWE-787
7.8
7.8
2021-04-29 CVE-2021-20294 Out-of-bounds Write vulnerability in GNU Binutils 2.35/2.35.1
A flaw was found in binutils readelf 2.35 program.
local
low complexity
gnu CWE-787
7.8
7.8
2021-04-29 CVE-2021-31879 Open Redirect vulnerability in multiple products
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
network
low complexity
gnu broadcom netapp CWE-601
6.1
6.1
2021-04-26 CVE-2021-27851 Link Following vulnerability in GNU Guix
A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’.
local
low complexity
gnu CWE-59
5.5
5.5
2021-04-07 CVE-2021-30184 Classic Buffer Overflow vulnerability in multiple products
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data.
local
low complexity
gnu fedoraproject CWE-120
7.8
7.8
2021-03-26 CVE-2021-20284 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly.
local
low complexity
gnu netapp CWE-119
5.5
5.5
2021-03-26 CVE-2021-20197 Link Following vulnerability in multiple products
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib.
local
high complexity
gnu redhat netapp broadcom CWE-59
6.3
6.3