Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-01 | CVE-2023-25222 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.5 A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. | 8.8 |
| 2023-02-20 | CVE-2022-48338 | Command Injection vulnerability in GNU Emacs An issue was discovered in GNU Emacs through 28.2. | 7.3 |
| 2023-02-20 | CVE-2022-48339 | Improper Encoding or Escaping of Output vulnerability in GNU Emacs An issue was discovered in GNU Emacs through 28.2. | 7.8 |
| 2023-02-15 | CVE-2023-0361 | Information Exposure Through Discrepancy vulnerability in multiple products A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. | 7.4 |
| 2023-02-07 | CVE-2022-46663 | In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | 7.5 |
| 2023-01-05 | CVE-2022-3715 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. | 7.8 |
| 2022-12-19 | CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. | 7.1 |
| 2022-12-14 | CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |
| 2022-11-30 | CVE-2022-45332 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4643 LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | 7.8 |
| 2022-11-28 | CVE-2022-45939 | OS Command Injection vulnerability in multiple products GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. | 7.8 |