Vulnerabilities > GNU > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-18 | CVE-2020-23856 | Use After Free vulnerability in multiple products Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee. | 5.5 |
| 2021-05-17 | CVE-2020-21834 | NULL Pointer Dereference vulnerability in GNU Libredwg 0.10 A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164. | 6.5 |
| 2021-05-17 | CVE-2020-21835 | NULL Pointer Dereference vulnerability in GNU Libredwg 0.10 A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. | 6.5 |
| 2021-05-17 | CVE-2020-21839 | Memory Leak vulnerability in GNU Libredwg 0.10 An issue was discovered in GNU LibreDWG 0.10. | 6.5 |
| 2021-05-17 | CVE-2020-21815 | NULL Pointer Dereference vulnerability in GNU Libredwg 0.10.2641 A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash). | 6.5 |
| 2021-05-17 | CVE-2020-21817 | NULL Pointer Dereference vulnerability in GNU Libredwg 0.10.2641 A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. | 6.5 |
| 2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 6.1 |
| 2021-04-26 | CVE-2021-27851 | Link Following vulnerability in GNU Guix A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. | 5.5 |
| 2021-03-26 | CVE-2021-20284 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. | 5.5 |
| 2021-03-26 | CVE-2021-20197 | Link Following vulnerability in multiple products There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. | 6.3 |