Vulnerabilities > GNU > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-21 | CVE-2021-42097 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products GNU Mailman before 2.1.35 may allow remote Privilege Escalation. | 8.0 |
| 2021-09-20 | CVE-2021-39522 | Out-of-bounds Write vulnerability in GNU Libredwg An issue was discovered in libredwg through v0.10.1.3751. | 8.8 |
| 2021-09-20 | CVE-2021-39525 | Out-of-bounds Write vulnerability in GNU Libredwg An issue was discovered in libredwg through v0.10.1.3751. | 8.8 |
| 2021-09-20 | CVE-2021-39527 | Out-of-bounds Write vulnerability in GNU Libredwg An issue was discovered in libredwg through v0.10.1.3751. | 8.8 |
| 2021-09-20 | CVE-2021-39528 | Double Free vulnerability in GNU Libredwg An issue was discovered in libredwg through v0.10.1.3751. | 8.8 |
| 2021-09-20 | CVE-2021-39530 | Out-of-bounds Write vulnerability in GNU Libredwg An issue was discovered in libredwg through v0.10.1.3751. | 8.8 |
| 2021-09-20 | CVE-2021-39537 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in ncurses through v6.2-1. | 8.8 |
| 2021-08-12 | CVE-2021-38604 | NULL Pointer Dereference vulnerability in multiple products In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. | 7.5 |
| 2021-08-08 | CVE-2021-38185 | Integer Overflow or Wraparound vulnerability in GNU Cpio GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. | 7.8 |
| 2021-07-20 | CVE-2019-25051 | Out-of-bounds Write vulnerability in multiple products objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). | 7.8 |