Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-16 | CVE-2018-20969 | OS Command Injection vulnerability in GNU Patch do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. | 9.3 |
| 2019-08-14 | CVE-2014-10375 | Numeric Errors vulnerability in GNU Exosip 3.5.0/4.0.0/4.1.0 handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. | 5.0 |
| 2019-07-30 | CVE-2019-14444 | Integer Overflow or Wraparound vulnerability in multiple products apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | 5.5 |
| 2019-07-26 | CVE-2019-13638 | OS Command Injection vulnerability in multiple products GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. | 7.8 |
| 2019-07-24 | CVE-2019-1010180 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. | 6.8 |
| 2019-07-24 | CVE-2019-14250 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. | 5.5 |
| 2019-07-23 | CVE-2019-1010204 | Incorrect Conversion between Numeric Types vulnerability in multiple products GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. | 5.5 |
| 2019-07-17 | CVE-2019-13636 | Link Following vulnerability in GNU Patch In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. | 5.9 |
| 2019-07-15 | CVE-2019-1010025 | Use of Insufficiently Random Values vulnerability in GNU Glibc GNU Libc current is affected by: Mitigation bypass. | 5.3 |
| 2019-07-15 | CVE-2019-1010024 | Information Exposure vulnerability in GNU Glibc GNU Libc current is affected by: Mitigation bypass. | 5.3 |