Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-31 CVE-2022-39046 Information Exposure Through Log Files vulnerability in multiple products
An issue was discovered in the GNU C Library (glibc) 2.36.
network
low complexity
gnu netapp CWE-532
5.3
5.3
2022-08-26 CVE-2022-38533 Out-of-bounds Write vulnerability in multiple products
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
local
low complexity
gnu fedoraproject CWE-787
5.5
5.5
2022-08-24 CVE-2021-4209 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in GnuTLS.
network
low complexity
gnu redhat netapp CWE-476
6.5
6.5
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5
4.5
2022-07-06 CVE-2021-3696 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader.
local
high complexity
gnu redhat netapp CWE-787
4.5
4.5
2022-03-26 CVE-2022-27943 Uncontrolled Recursion vulnerability in multiple products
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
local
low complexity
gnu fedoraproject CWE-674
5.5
5.5
2022-03-16 CVE-2021-46705 Insecure Temporary File vulnerability in GNU Grub2
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files.
local
low complexity
gnu CWE-377
4.4
4.4
2022-01-14 CVE-2021-46019 NULL Pointer Dereference vulnerability in multiple products
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-476
5.5
5.5
2022-01-14 CVE-2021-46021 Use After Free vulnerability in multiple products
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-416
5.5
5.5
2022-01-14 CVE-2021-46022 Use After Free vulnerability in multiple products
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
local
low complexity
gnu fedoraproject CWE-416
5.5
5.5