Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-15767 | Out-of-bounds Write vulnerability in GNU Chess 6.2.5 In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file. | 7.8 |
| 2019-08-23 | CVE-2019-15531 | Out-of-bounds Read vulnerability in multiple products GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. | 6.5 |
| 2019-08-16 | CVE-2018-20969 | OS Command Injection vulnerability in GNU Patch do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. | 7.8 |
| 2019-08-14 | CVE-2014-10375 | Numeric Errors vulnerability in GNU Exosip 3.5.0/4.0.0/4.1.0 handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. | 7.5 |
| 2019-07-30 | CVE-2019-14444 | Integer Overflow or Wraparound vulnerability in multiple products apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | 5.5 |
| 2019-07-26 | CVE-2019-13638 | OS Command Injection vulnerability in multiple products GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. | 7.8 |
| 2019-07-24 | CVE-2019-1010180 | Out-of-bounds Read vulnerability in multiple products GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. | 7.8 |
| 2019-07-24 | CVE-2019-14250 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. | 5.5 |
| 2019-07-23 | CVE-2019-1010204 | Incorrect Conversion between Numeric Types vulnerability in multiple products GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. | 5.5 |
| 2019-07-17 | CVE-2019-13636 | Link Following vulnerability in GNU Patch In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. | 5.9 |