Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-23 | CVE-2023-36273 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5 LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | 8.8 |
| 2023-06-23 | CVE-2023-36274 | Out-of-bounds Write vulnerability in GNU Libredwg LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | 8.8 |
| 2023-05-18 | CVE-2023-2789 | Unspecified vulnerability in GNU Cflow 1.7 A vulnerability was found in GNU cflow 1.7. | 7.5 |
| 2023-05-17 | CVE-2023-1972 | Out-of-bounds Write vulnerability in GNU Binutils A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. | 6.5 |
| 2023-05-17 | CVE-2023-2491 | Command Injection vulnerability in multiple products A flaw was found in the Emacs text editor. | 7.8 |
| 2023-04-15 | CVE-2021-34337 | Unspecified vulnerability in GNU Mailman An issue was discovered in Mailman Core before 3.3.5. | 6.3 |
| 2023-04-14 | CVE-2023-29491 | Out-of-bounds Write vulnerability in GNU Ncurses ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | 7.8 |
| 2023-04-08 | CVE-2023-24626 | Unspecified vulnerability in GNU Screen socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. | 6.5 |
| 2023-04-03 | CVE-2023-1579 | Out-of-bounds Write vulnerability in GNU Binutils 2.39 Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | 7.8 |
| 2023-03-19 | CVE-2023-28617 | OS Command Injection vulnerability in GNU ORG Mode org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. | 7.8 |