Vulnerabilities > GNU > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-14 | CVE-2019-9774 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. | 9.1 |
| 2019-02-26 | CVE-2019-9169 | Out-of-bounds Read vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | 9.8 |
| 2018-10-29 | CVE-2018-18751 | Double Free vulnerability in multiple products An issue was discovered in GNU gettext 0.19.8. | 9.8 |
| 2018-06-23 | CVE-2018-12699 | Out-of-bounds Write vulnerability in multiple products finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. | 9.8 |
| 2018-05-18 | CVE-2018-11236 | Integer Overflow or Wraparound vulnerability in multiple products stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. | 9.8 |
| 2018-05-18 | CVE-2017-18269 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. | 9.8 |
| 2018-03-07 | CVE-2014-5044 | Integer Overflow or Wraparound vulnerability in GNU Libgfortran Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation. | 9.8 |
| 2018-02-26 | CVE-2017-18201 | Double Free vulnerability in GNU Libcdio An issue was discovered in GNU libcdio before 2.0.0. | 9.8 |
| 2018-02-02 | CVE-2018-6551 | Integer Overflow or Wraparound vulnerability in GNU Glibc 2.24/2.25/2.26 The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption. | 9.8 |
| 2018-02-01 | CVE-2018-6485 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. | 9.8 |