Vulnerabilities > GNU > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-19 | CVE-2022-3775 | When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. | 7.1 |
2022-12-14 | CVE-2022-2601 | A buffer overflow was found in grub_font_construct_glyph(). | 8.6 |
2022-11-30 | CVE-2022-45332 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4643 LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | 7.8 |
2022-11-28 | CVE-2022-45939 | OS Command Injection vulnerability in multiple products GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. | 7.8 |
2022-09-06 | CVE-2022-25308 | A stack-based buffer overflow flaw was found in the Fribidi package. | 7.8 |
2022-09-05 | CVE-2022-39831 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in PSPP 1.6.2. | 7.8 |
2022-09-05 | CVE-2022-39832 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in PSPP 1.6.2. | 7.8 |
2022-08-31 | CVE-2022-1271 | Improper Input Validation vulnerability in multiple products An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. | 8.8 |
2022-08-30 | CVE-2022-39028 | NULL Pointer Dereference vulnerability in multiple products telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. | 7.5 |
2022-08-24 | CVE-2021-3998 | A flaw was found in glibc. | 7.5 |