Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2024-01-31 CVE-2023-6779 Out-of-bounds Write vulnerability in multiple products
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject CWE-787
7.5
7.5
2024-01-31 CVE-2023-6780 An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject
5.3
5.3
2024-01-16 CVE-2024-0567 Improper Verification of Cryptographic Signature vulnerability in multiple products
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
network
low complexity
gnu fedoraproject netapp debian CWE-347
7.5
7.5
2024-01-16 CVE-2024-0553 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in GnuTLS.
network
low complexity
gnu fedoraproject redhat CWE-203
7.5
7.5
2024-01-15 CVE-2023-4001 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature.
low complexity
gnu redhat fedoraproject CWE-290
6.8
6.8
2024-01-02 CVE-2023-26157 Out-of-bounds Read vulnerability in GNU Libredwg
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
network
low complexity
gnu CWE-125
7.5
7.5
2023-11-28 CVE-2023-5981 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
network
high complexity
gnu redhat fedoraproject CWE-203
5.9
5.9
2023-11-10 CVE-2023-4949 Out-of-bounds Write vulnerability in multiple products
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
local
low complexity
gnu xen CWE-787
6.7
6.7
2023-10-25 CVE-2023-4692 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver.
local
low complexity
gnu redhat CWE-787
7.8
7.8
2023-10-25 CVE-2023-4693 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver.
low complexity
gnu redhat CWE-125
4.6
4.6