Vulnerabilities > GNU

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-24	CVE-2020-12137	Cross-site Scripting vulnerability in multiple products GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. network low complexity gnu debian fedoraproject canonical opensuse CWE-79	6.1
2020-04-17	CVE-2020-1751	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. local high complexity gnu redhat canonical CWE-787	7.0
2020-04-03	CVE-2020-11501	Use of Insufficiently Random Values vulnerability in multiple products GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. network high complexity gnu debian opensuse canonical fedoraproject CWE-330	7.4
2020-04-01	CVE-2020-6096	Signed to Unsigned Conversion Error vulnerability in multiple products An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. network high complexity gnu fedoraproject debian CWE-195	8.1
2020-03-25	CVE-2019-20633	Double Free vulnerability in GNU Patch GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. network gnu CWE-415	4.3
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5
2020-02-24	CVE-2020-9366	Out-of-bounds Write vulnerability in GNU Screen A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. network low complexity gnu CWE-787	7.5
2020-01-27	CVE-2015-0294	Improper Certificate Validation vulnerability in multiple products GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. network low complexity gnu debian redhat CWE-295	5.0
2020-01-27	CVE-2019-20433	Out-of-bounds Read vulnerability in GNU Aspell libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. network low complexity gnu CWE-125	6.4
2020-01-24	CVE-2015-4042	Integer Overflow or Wraparound vulnerability in GNU Coreutils Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. network low complexity gnu CWE-190	7.5

Vulnerabilities > GNU {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"GNU"}]}

Vulnerabilities > GNU