Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-15767 | Out-of-bounds Write vulnerability in GNU Chess 6.2.5 In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file. | 7.8 |
| 2019-08-16 | CVE-2018-20969 | OS Command Injection vulnerability in GNU Patch do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. | 7.8 |
| 2019-08-14 | CVE-2014-10375 | Numeric Errors vulnerability in GNU Exosip 3.5.0/4.0.0/4.1.0 handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header. | 7.5 |
| 2019-07-26 | CVE-2019-13638 | OS Command Injection vulnerability in multiple products GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. | 7.8 |
| 2019-07-24 | CVE-2019-1010180 | Out-of-bounds Read vulnerability in multiple products GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. | 7.8 |
| 2019-07-15 | CVE-2019-1010023 | Unspecified vulnerability in GNU Glibc GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. | 8.8 |
| 2019-06-18 | CVE-2012-6711 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. | 7.8 |
| 2019-05-22 | CVE-2018-12886 | Information Exposure Through an Error Message vulnerability in GNU GCC stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against. | 8.1 |
| 2019-05-01 | CVE-2019-11640 | Out-of-bounds Write vulnerability in GNU Recutils 1.8 An issue was discovered in GNU recutils 1.8. | 8.8 |
| 2019-05-01 | CVE-2019-11639 | Out-of-bounds Write vulnerability in GNU Recutils 1.8 An issue was discovered in GNU recutils 1.8. | 8.8 |