Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2019-11-25 CVE-2015-1396 Path Traversal vulnerability in multiple products
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4.
network
low complexity
gnu debian CWE-22
6.4
2019-11-20 CVE-2019-16200 Incorrect Conversion between Numeric Types vulnerability in GNU Serveez 0.2.2
GNU Serveez through 0.2.2 has an Information Leak.
network
low complexity
gnu CWE-681
5.0
2019-11-19 CVE-2019-19126 Improper Initialization vulnerability in multiple products
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
local
low complexity
gnu canonical fedoraproject debian CWE-665
3.3
2019-11-19 CVE-2012-0824 Use of Externally-Controlled Format String vulnerability in GNU Gnusound 0.7.5
gnusound 0.7.5 has a format string issue.
network
low complexity
gnu CWE-134
7.5
2019-11-13 CVE-2019-18397 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations.
local
low complexity
gnu debian CWE-120
7.8
2019-11-11 CVE-2019-18862 Unspecified vulnerability in GNU Mailutils 0.5/0.6
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
local
low complexity
gnu
4.6
2019-10-23 CVE-2002-2439 Integer Overflow or Wraparound vulnerability in GNU GCC
Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.
local
low complexity
gnu CWE-190
4.6
2019-10-22 CVE-2019-12290 Improper Input Validation vulnerability in GNU Libidn2
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels.
network
low complexity
gnu CWE-20
7.5
2019-10-21 CVE-2019-18224 Out-of-bounds Write vulnerability in GNU Libidn2
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
network
low complexity
gnu CWE-787
critical
9.8
2019-10-17 CVE-2019-18192 Incorrect Permission Assignment for Critical Resource vulnerability in GNU Guix 1.0.1
GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365.
local
low complexity
gnu CWE-732
4.6