Vulnerabilities > GNU > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-04-20 | CVE-2025-43919 | Path Traversal vulnerability in GNU Mailman. GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. | 7.5 |
2025-04-20 | CVE-2025-43920 | OS Command Injection vulnerability in GNU Mailman. GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. | 8.1 |
2025-03-03 | CVE-2024-45782 | A flaw was found in the HFS filesystem. | 7.8 |
2025-03-03 | CVE-2025-0678 | A flaw was found in grub2. | 7.8 |
2025-02-11 | CVE-2025-1179 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.43. A vulnerability was found in GNU Binutils 2.43. | 7.5 |
2025-01-29 | CVE-2025-0840 | Stack-based Buffer Overflow vulnerability in GNU Binutils. A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. | 7.5 |
2024-01-31 | CVE-2023-6246 | Out-of-bounds Write vulnerability in multiple products. A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. | 7.8 |
2024-01-31 | CVE-2023-6779 | Out-of-bounds Write vulnerability in multiple products. An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. | 7.5 |
2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in multiple products. A vulnerability was found in GnuTLS, where a cockpit (which uses GnuTLS) rejects a certificate chain with distributed trust. | 7.5 |
2024-01-16 | CVE-2024-0553 | Information Exposure Through Discrepancy vulnerability in multiple products. A vulnerability was found in GnuTLS. | 7.5 |