Vulnerabilities > GNU > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-16 CVE-2019-20909 NULL Pointer Dereference vulnerability in GNU Libredwg
An issue was discovered in GNU LibreDWG through 0.9.3.
network
low complexity
gnu CWE-476
7.5
2020-06-18 CVE-2017-9108 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu opensuse fedoraproject CWE-119
7.5
2020-06-18 CVE-2017-9107 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu fedoraproject CWE-119
7.5
2020-06-18 CVE-2017-9106 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu fedoraproject CWE-119
7.5
2020-06-18 CVE-2017-9105 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu fedoraproject CWE-476
8.8
2020-06-04 CVE-2020-13777 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3).
network
high complexity
gnu fedoraproject canonical debian CWE-327
7.4
2020-04-30 CVE-2020-1752 A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out.
local
high complexity
gnu canonical netapp debian
7.0
2020-04-17 CVE-2020-1751 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC.
local
high complexity
gnu redhat canonical CWE-787
7.0
2020-04-03 CVE-2020-11501 Use of Insufficiently Random Values vulnerability in multiple products
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS.
network
high complexity
gnu debian opensuse canonical fedoraproject CWE-330
7.4
2020-04-01 CVE-2020-6096 An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000.
network
high complexity
gnu fedoraproject debian
8.1