Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-23 | CVE-2022-33033 | Double Free vulnerability in GNU Libredwg 0.12.4.4608 LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. | 7.8 |
| 2022-06-23 | CVE-2022-33034 | Out-of-bounds Write vulnerability in GNU Libredwg 0.12.4.4608 LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. | 7.8 |
| 2022-05-23 | CVE-2021-42585 | Out-of-bounds Write vulnerability in GNU Libredwg A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | 8.8 |
| 2022-05-23 | CVE-2021-42586 | Out-of-bounds Write vulnerability in GNU Libredwg A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file. | 8.8 |
| 2022-04-18 | CVE-2022-29458 | Out-of-bounds Read vulnerability in multiple products ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. | 7.1 |
| 2021-12-15 | CVE-2021-45078 | Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. | 7.8 |
| 2021-12-02 | CVE-2021-28236 | NULL Pointer Dereference vulnerability in GNU Libredwg 0.12.3 LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c. | 7.5 |
| 2021-12-02 | CVE-2021-44227 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. | 8.8 |
| 2021-11-18 | CVE-2021-37322 | Use After Free vulnerability in GNU Binutils GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | 7.8 |
| 2021-11-07 | CVE-2021-43411 | Race Condition vulnerability in GNU Hurd An issue was discovered in GNU Hurd before 0.9 20210404-9. | 7.5 |