Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2020-19186 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5
2023-08-22 CVE-2020-19187 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5
2023-08-14 CVE-2023-40305 Out-of-bounds Write vulnerability in GNU Indent 2.2.13
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.
local
low complexity
gnu CWE-787
5.5
2023-08-14 CVE-2023-40303 Unchecked Return Value vulnerability in GNU Inetutils
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd.
local
low complexity
gnu CWE-252
7.8
2023-07-25 CVE-2023-39128 Out-of-bounds Write vulnerability in GNU GDB 13.0.50.20220805Git
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
local
low complexity
gnu CWE-787
5.5
2023-07-25 CVE-2023-39129 Use After Free vulnerability in GNU GDB 13.0.50.20220805Git
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
local
low complexity
gnu CWE-416
5.5
2023-07-25 CVE-2023-39130 Out-of-bounds Write vulnerability in GNU GDB 13.0.50.20220805Git
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
local
low complexity
gnu CWE-787
5.5
2023-07-20 CVE-2022-28733 Integer Underflow (Wrap or Wraparound) vulnerability in GNU Grub2
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value.
network
high complexity
gnu CWE-191
8.1
2023-07-20 CVE-2022-28734 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position.
network
high complexity
gnu netapp CWE-787
7.0
2023-07-20 CVE-2022-28735 Unspecified vulnerability in GNU Grub2
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems.
local
low complexity
gnu
7.8