Vulnerabilities > GNU > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-12 CVE-2021-20232 Use After Free vulnerability in multiple products
A flaw was found in gnutls.
network
low complexity
gnu redhat fedoraproject CWE-416
critical
 9.8
9.8
2021-02-09 CVE-2021-26937 Argument Injection or Modification vulnerability in multiple products
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
network
low complexity
gnu debian fedoraproject CWE-88
critical
 9.8
9.8
2020-06-18 CVE-2017-9103 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu opensuse fedoraproject CWE-119
critical
 9.8
9.8
2020-06-18 CVE-2017-9104 Resource Exhaustion vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu opensuse fedoraproject CWE-400
critical
 9.8
9.8
2020-06-18 CVE-2017-9109 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu opensuse fedoraproject CWE-119
critical
 9.8
9.8
2019-10-21 CVE-2019-18224 Out-of-bounds Write vulnerability in GNU Libidn2
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
network
low complexity
gnu CWE-787
critical
 9.8
9.8
2019-08-16 CVE-2018-20969 OS Command Injection vulnerability in GNU Patch
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character.
network
gnu CWE-78
critical
 9.3
9.3
2019-07-15 CVE-2019-1010022 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc
GNU Libc current is affected by: Mitigation bypass.
network
low complexity
gnu CWE-119
critical
 9.8
9.8
2019-02-26 CVE-2019-9169 Out-of-bounds Read vulnerability in multiple products
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
network
low complexity
gnu netapp mcafee canonical CWE-125
critical
 9.8
9.8
2018-05-18 CVE-2017-18269 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation.
network
low complexity
gnu CWE-119
critical
 9.8
9.8