Vulnerabilities > GNU > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-06 | CVE-2024-1048 | Incomplete Cleanup vulnerability in multiple products A flaw was found in the grub2-set-bootflag utility of grub2. | 3.3 |
2022-03-10 | CVE-2021-3981 | Incorrect Default Permissions vulnerability in multiple products A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. | 3.3 |
2021-04-26 | CVE-2021-27851 | Link Following vulnerability in GNU Guix A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. | 2.1 |
2021-03-22 | CVE-2021-28968 | Cross-site Scripting vulnerability in GNU Punbb An issue was discovered in PunBB before 1.4.6. | 3.5 |
2021-02-24 | CVE-2021-27645 | Double Free vulnerability in multiple products The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. | 2.5 |
2020-12-27 | CVE-2020-35448 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. | 3.3 |
2020-06-24 | CVE-2020-15011 | Injection vulnerability in multiple products GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. | 2.6 |
2019-11-19 | CVE-2019-19126 | Improper Initialization vulnerability in multiple products On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | 3.3 |
2019-04-10 | CVE-2006-7254 | Data Processing Errors vulnerability in GNU Glibc The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon. | 2.1 |
2019-02-03 | CVE-2019-7309 | Unspecified vulnerability in GNU Glibc In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled. | 2.1 |