Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2023-07-20 CVE-2022-28736 Use After Free vulnerability in GNU Grub2
There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2.
local
low complexity
gnu CWE-416
7.8
2023-07-18 CVE-2021-32256 Out-of-bounds Write vulnerability in GNU Binutils 2.36
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36.
network
low complexity
gnu CWE-787
6.5
2023-06-25 CVE-2015-20109 Classic Buffer Overflow vulnerability in GNU Glibc
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern.
local
low complexity
gnu CWE-120
5.5
2023-06-23 CVE-2023-36271 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
network
low complexity
gnu CWE-787
8.8
2023-06-23 CVE-2023-36272 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
network
low complexity
gnu CWE-787
8.8
2023-06-23 CVE-2023-36273 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
network
low complexity
gnu CWE-787
8.8
2023-06-23 CVE-2023-36274 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
network
low complexity
gnu CWE-787
8.8
2023-05-18 CVE-2023-2789 Unspecified vulnerability in GNU Cflow 1.7
A vulnerability was found in GNU cflow 1.7.
network
low complexity
gnu
7.5
2023-05-17 CVE-2023-1972 Out-of-bounds Write vulnerability in GNU Binutils
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c.
network
low complexity
gnu CWE-787
6.5
2023-05-17 CVE-2023-2491 Command Injection vulnerability in multiple products
A flaw was found in the Emacs text editor.
local
low complexity
gnu redhat CWE-77
7.8