Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-17 CVE-2019-13636 Link Following vulnerability in GNU Patch
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files.
network
high complexity
gnu CWE-59
5.9
5.9
2019-07-15 CVE-2019-1010025 Use of Insufficiently Random Values vulnerability in GNU Glibc
GNU Libc current is affected by: Mitigation bypass.
network
low complexity
gnu CWE-330
5.3
5.3
2019-07-15 CVE-2019-1010024 Information Exposure vulnerability in GNU Glibc
GNU Libc current is affected by: Mitigation bypass.
network
low complexity
gnu CWE-200
5.3
5.3
2019-06-26 CVE-2019-12972 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local
low complexity
gnu opensuse canonical CWE-125
5.5
5.5
2019-05-01 CVE-2019-11638 NULL Pointer Dereference vulnerability in GNU Recutils 1.8
An issue was discovered in GNU recutils 1.8.
network
low complexity
gnu CWE-476
6.5
6.5
2019-05-01 CVE-2019-11637 NULL Pointer Dereference vulnerability in GNU Recutils 1.8
An issue was discovered in GNU recutils 1.8.
network
low complexity
gnu CWE-476
6.5
6.5
2019-04-10 CVE-2006-7254 Data Processing Errors vulnerability in GNU Glibc
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
local
low complexity
gnu CWE-19
5.5
5.5
2019-02-27 CVE-2019-9211 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
network
low complexity
gnu fedoraproject suse CWE-617
6.5
6.5
2019-02-24 CVE-2019-9076 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local
low complexity
gnu netapp CWE-770
5.5
5.5
2019-02-24 CVE-2019-9074 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local
low complexity
gnu netapp canonical CWE-125
5.5
5.5