Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-03-04 CVE-2020-10029 Out-of-bounds Write vulnerability in multiple products
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets.
5.5
2020-01-08 CVE-2020-6615 NULL Pointer Dereference vulnerability in multiple products
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
network
low complexity
gnu opensuse CWE-476
6.5
2020-01-08 CVE-2020-6611 NULL Pointer Dereference vulnerability in multiple products
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
network
low complexity
gnu opensuse CWE-476
6.5
2020-01-08 CVE-2020-6610 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
network
low complexity
gnu opensuse CWE-770
6.5
2019-12-27 CVE-2019-20015 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG 0.92.
network
low complexity
gnu opensuse CWE-770
6.5
2019-12-27 CVE-2019-20013 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG before 0.93.
network
low complexity
gnu opensuse CWE-770
6.5
2019-12-27 CVE-2019-20012 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG 0.92.
network
low complexity
gnu opensuse CWE-770
6.5
2019-12-27 CVE-2019-20009 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in GNU LibreDWG before 0.93.
network
low complexity
gnu opensuse CWE-770
6.5
2019-12-20 CVE-2015-8313 Information Exposure Through Discrepancy vulnerability in multiple products
GnuTLS incorrectly validates the first byte of padding in CBC modes
network
high complexity
gnu debian CWE-203
5.9
2019-11-29 CVE-2019-14865 Unspecified vulnerability in GNU Grub2
A flaw was found in the grub2-set-bootflag utility of grub2.
local
low complexity
gnu
5.5