Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-08 CVE-2023-24626 Unspecified vulnerability in GNU Screen
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.
local
low complexity
gnu
6.5
6.5
2023-02-28 CVE-2023-27371 Out-of-bounds Read vulnerability in GNU Libmicrohttpd
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method.
network
high complexity
gnu CWE-125
5.9
5.9
2023-01-30 CVE-2022-48303 Out-of-bounds Read vulnerability in multiple products
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump.
local
low complexity
gnu fedoraproject CWE-125
5.5
5.5
2023-01-27 CVE-2022-4285 An illegal memory access flaw was found in the binutils package.
local
low complexity
gnu fedoraproject redhat
5.5
5.5
2022-10-11 CVE-2022-41550 Integer Overflow or Wraparound vulnerability in GNU Osip 5.3.0
GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header.
network
low complexity
gnu CWE-190
6.5
6.5
2022-09-06 CVE-2022-25309 A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file.
local
low complexity
gnu redhat
5.5
5.5
2022-09-06 CVE-2022-25310 NULL Pointer Dereference vulnerability in multiple products
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file.
local
low complexity
gnu redhat CWE-476
5.5
5.5
2022-09-01 CVE-2021-3826 Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
network
low complexity
gnu fedoraproject
6.5
6.5
2022-08-31 CVE-2022-39046 Information Exposure Through Log Files vulnerability in multiple products
An issue was discovered in the GNU C Library (glibc) 2.36.
network
low complexity
gnu netapp CWE-532
5.3
5.3
2022-08-26 CVE-2022-38533 Out-of-bounds Write vulnerability in multiple products
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
local
low complexity
gnu fedoraproject CWE-787
5.5
5.5