Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-08 | CVE-2020-6609 | Out-of-bounds Read vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | 8.8 |
| 2020-01-07 | CVE-2019-14866 | In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. | 7.3 |
| 2019-12-27 | CVE-2019-20014 | Double Free vulnerability in multiple products An issue was discovered in GNU LibreDWG before 0.93. | 8.8 |
| 2019-12-27 | CVE-2019-20011 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. | 8.8 |
| 2019-12-27 | CVE-2019-20010 | Use After Free vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. | 8.8 |
| 2019-11-28 | CVE-2019-18276 | Improper Check for Dropped Privileges vulnerability in multiple products An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. | 7.8 |
| 2019-11-25 | CVE-2015-1396 | Path Traversal vulnerability in multiple products A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. | 7.5 |
| 2019-11-20 | CVE-2019-16200 | Incorrect Conversion between Numeric Types vulnerability in GNU Serveez 0.2.2 GNU Serveez through 0.2.2 has an Information Leak. | 7.5 |
| 2019-11-13 | CVE-2019-18397 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. | 7.8 |
| 2019-11-11 | CVE-2019-18862 | Unspecified vulnerability in GNU Mailutils 0.5/0.6 maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. | 7.8 |