Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-0911 Out-of-bounds Write vulnerability in GNU Indent 2.2.13
A flaw was found in indent, a program for formatting C code.
local
low complexity
gnu CWE-787
5.5
2024-02-06 CVE-2024-0684 Out-of-bounds Write vulnerability in GNU Coreutils 9.2/9.3/9.4
A flaw was found in the GNU coreutils "split" program.
local
low complexity
gnu CWE-787
5.5
2024-01-31 CVE-2023-6780 An integer overflow was found in the __vsyslog_internal function of the glibc library.
network
low complexity
gnu fedoraproject
5.3
2024-01-15 CVE-2023-4001 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature.
low complexity
gnu redhat fedoraproject CWE-290
6.8
2023-11-28 CVE-2023-5981 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
network
high complexity
gnu redhat fedoraproject CWE-203
5.9
2023-11-10 CVE-2023-4949 Out-of-bounds Write vulnerability in multiple products
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
local
low complexity
gnu xen CWE-787
6.7
2023-10-25 CVE-2023-4693 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver.
low complexity
gnu redhat CWE-125
4.6
2023-09-18 CVE-2023-4527 Out-of-bounds Read vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-125
6.5
2023-09-18 CVE-2023-4806 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject CWE-416
5.9
2023-09-14 CVE-2023-25585 Use of Uninitialized Resource vulnerability in GNU Binutils 2.40
A flaw was found in Binutils.
local
low complexity
gnu CWE-908
5.5