Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-17 | CVE-2023-1972 | Out-of-bounds Write vulnerability in GNU Binutils A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. | 6.5 |
| 2023-05-17 | CVE-2023-2491 | Command Injection vulnerability in multiple products A flaw was found in the Emacs text editor. | 7.8 |
| 2023-04-15 | CVE-2021-34337 | Unspecified vulnerability in GNU Mailman An issue was discovered in Mailman Core before 3.3.5. | 6.3 |
| 2023-04-14 | CVE-2023-29491 | Out-of-bounds Write vulnerability in GNU Ncurses ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | 7.8 |
| 2023-04-08 | CVE-2023-24626 | Unspecified vulnerability in GNU Screen socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. | 6.5 |
| 2023-04-03 | CVE-2023-1579 | Out-of-bounds Write vulnerability in GNU Binutils 2.39 Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | 7.8 |
| 2023-03-19 | CVE-2023-28617 | OS Command Injection vulnerability in GNU ORG Mode org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. | 7.8 |
| 2023-03-09 | CVE-2023-27985 | OS Command Injection vulnerability in GNU Emacs 28.1/28.2 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. | 7.8 |
| 2023-03-09 | CVE-2023-27986 | Code Injection vulnerability in GNU Emacs 28.1/28.2 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. | 7.8 |
| 2023-03-01 | CVE-2023-25222 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5 A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. | 8.8 |