Vulnerabilities > GNU > High

DATE CVE VULNERABILITY TITLE RISK
2022-12-19 CVE-2022-3775 When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size.
local
low complexity
gnu redhat
7.1
2022-12-14 CVE-2022-2601 A buffer overflow was found in grub_font_construct_glyph().
local
low complexity
gnu redhat fedoraproject
8.6
2022-11-30 CVE-2022-45332 Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4643
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
local
low complexity
gnu CWE-787
7.8
2022-11-28 CVE-2022-45939 OS Command Injection vulnerability in multiple products
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program.
local
low complexity
gnu debian fedoraproject CWE-78
7.8
2022-09-06 CVE-2022-25308 A stack-based buffer overflow flaw was found in the Fribidi package.
local
low complexity
gnu redhat
7.8
2022-09-05 CVE-2022-39831 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in PSPP 1.6.2.
local
low complexity
gnu fedoraproject CWE-787
7.8
2022-09-05 CVE-2022-39832 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in PSPP 1.6.2.
local
low complexity
gnu fedoraproject CWE-787
7.8
2022-08-31 CVE-2022-1271 Improper Input Validation vulnerability in multiple products
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility.
network
low complexity
gnu redhat debian tukaani CWE-20
8.8
2022-08-30 CVE-2022-39028 NULL Pointer Dereference vulnerability in multiple products
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8.
network
low complexity
gnu mit debian netkit-telnet-project CWE-476
7.5
2022-08-24 CVE-2021-3998 A flaw was found in glibc.
network
low complexity
gnu netapp
7.5