Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-30 | CVE-2020-1752 | A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. | 7.0 |
| 2020-04-17 | CVE-2020-1751 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. | 7.0 |
| 2020-04-03 | CVE-2020-11501 | Use of Insufficiently Random Values vulnerability in multiple products GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. | 7.4 |
| 2020-04-01 | CVE-2020-6096 | An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. | 8.1 |
| 2020-01-27 | CVE-2015-0294 | Improper Certificate Validation vulnerability in multiple products GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. | 7.5 |
| 2020-01-24 | CVE-2015-4041 | Out-of-bounds Write vulnerability in GNU Coreutils 8.23 The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings. | 7.8 |
| 2020-01-24 | CVE-2019-3697 | UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. | 7.8 |
| 2020-01-08 | CVE-2020-6614 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. | 8.1 |
| 2020-01-08 | CVE-2020-6613 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | 8.1 |
| 2020-01-08 | CVE-2020-6612 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | 8.1 |