Vulnerabilities > GNU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-5981 | Information Exposure Through Discrepancy vulnerability in multiple products A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | 5.9 |
| 2023-11-10 | CVE-2023-4949 | Out-of-bounds Write vulnerability in multiple products An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation. | 6.7 |
| 2023-10-25 | CVE-2023-4693 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. | 4.6 |
| 2023-09-18 | CVE-2023-4527 | Out-of-bounds Read vulnerability in multiple products A flaw was found in glibc. | 6.5 |
| 2023-09-18 | CVE-2023-4806 | Use After Free vulnerability in multiple products A flaw was found in glibc. | 5.9 |
| 2023-09-14 | CVE-2023-25585 | Use of Uninitialized Resource vulnerability in GNU Binutils 2.40 A flaw was found in Binutils. | 5.5 |
| 2023-09-14 | CVE-2023-25586 | Use of Uninitialized Resource vulnerability in GNU Binutils 2.40 A flaw was found in Binutils. | 5.5 |
| 2023-09-14 | CVE-2023-25588 | Use of Uninitialized Resource vulnerability in GNU Binutils 2.40 A flaw was found in Binutils. | 5.5 |
| 2023-09-13 | CVE-2023-4039 | Unspecified vulnerability in GNU GCC **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. | 4.8 |
| 2023-09-12 | CVE-2023-4813 | Use After Free vulnerability in multiple products A flaw was found in glibc. | 5.9 |