Vulnerabilities > GNU > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2021-39525 Out-of-bounds Write vulnerability in GNU Libredwg
An issue was discovered in libredwg through v0.10.1.3751.
network
low complexity
gnu CWE-787
8.8
8.8
2021-09-20 CVE-2021-39527 Out-of-bounds Write vulnerability in GNU Libredwg
An issue was discovered in libredwg through v0.10.1.3751.
network
low complexity
gnu CWE-787
8.8
8.8
2021-09-20 CVE-2021-39528 Double Free vulnerability in GNU Libredwg
An issue was discovered in libredwg through v0.10.1.3751.
network
low complexity
gnu CWE-415
8.8
8.8
2021-09-20 CVE-2021-39530 Out-of-bounds Write vulnerability in GNU Libredwg
An issue was discovered in libredwg through v0.10.1.3751.
network
low complexity
gnu CWE-787
8.8
8.8
2021-09-20 CVE-2021-39537 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in ncurses through v6.2-1.
network
low complexity
gnu apple CWE-787
8.8
8.8
2021-08-12 CVE-2021-38604 NULL Pointer Dereference vulnerability in multiple products
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference.
network
low complexity
gnu fedoraproject oracle CWE-476
7.5
7.5
2021-08-08 CVE-2021-38185 Integer Overflow or Wraparound vulnerability in GNU Cpio
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write.
local
low complexity
gnu CWE-190
7.8
7.8
2021-07-20 CVE-2019-25051 Out-of-bounds Write vulnerability in multiple products
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
local
low complexity
gnu debian fedoraproject CWE-787
7.8
7.8
2021-07-01 CVE-2021-36080 Double Free vulnerability in GNU Libredwg
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
network
low complexity
gnu CWE-415
8.8
8.8
2021-06-02 CVE-2021-3530 Uncontrolled Recursion vulnerability in multiple products
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36.
network
low complexity
gnu netapp CWE-674
7.5
7.5