| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-29458 |
125 |
|
|
2022-04-18 |
2022-04-27 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. |
|
2 |
CVE-2022-27943 |
400 |
|
|
2022-03-26 |
2022-03-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. |
|
3 |
CVE-2021-46195 |
674 |
|
DoS |
2022-01-14 |
2022-01-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. |
|
4 |
CVE-2021-46022 |
416 |
|
|
2022-01-14 |
2022-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. |
|
5 |
CVE-2021-46021 |
416 |
|
|
2022-01-14 |
2022-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. |
|
6 |
CVE-2021-46019 |
476 |
|
|
2022-01-14 |
2022-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. |
|
7 |
CVE-2021-45950 |
787 |
|
|
2022-01-01 |
2022-01-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object). |
|
8 |
CVE-2021-45261 |
763 |
|
DoS |
2021-12-22 |
2021-12-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. |
|
9 |
CVE-2021-43396 |
|
|
|
2021-11-04 |
2021-11-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug." |
|
10 |
CVE-2021-43332 |
307 |
|
CSRF |
2021-11-12 |
2021-11-16 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack. |
|
11 |
CVE-2021-43331 |
79 |
|
XSS |
2021-11-12 |
2021-11-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. |
|
12 |
CVE-2021-42096 |
307 |
|
+Priv CSRF |
2021-10-21 |
2021-11-05 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. |
|
13 |
CVE-2021-40491 |
345 |
|
|
2021-09-03 |
2021-09-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl. |
|
14 |
CVE-2021-39523 |
476 |
|
DoS |
2021-09-20 |
2021-09-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service. |
|
15 |
CVE-2021-39521 |
476 |
|
DoS |
2021-09-20 |
2021-09-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service. |
|
16 |
CVE-2021-38604 |
476 |
|
|
2021-08-12 |
2021-10-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix. |
|
17 |
CVE-2021-31879 |
601 |
|
|
2021-04-29 |
2022-05-13 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. |
|
18 |
CVE-2021-28968 |
79 |
|
XSS |
2021-03-22 |
2021-03-24 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message. |
|
19 |
CVE-2021-28236 |
476 |
|
|
2021-12-02 |
2021-12-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c. |
|
20 |
CVE-2021-27645 |
415 |
|
DoS |
2021-02-24 |
2021-07-06 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c. |
|
21 |
CVE-2021-20284 |
119 |
|
Overflow |
2021-03-26 |
2021-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. |
|
22 |
CVE-2021-20197 |
59 |
|
|
2021-03-26 |
2021-05-28 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. |
|
23 |
CVE-2021-20193 |
125 |
|
|
2021-03-26 |
2021-06-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability. |
|
24 |
CVE-2021-3981 |
276 |
|
|
2022-03-10 |
2022-03-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released. |
|
25 |
CVE-2021-3549 |
119 |
|
Overflow Mem. Corr. |
2021-05-26 |
2021-06-04 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. |
|
26 |
CVE-2021-3530 |
674 |
|
|
2021-06-02 |
2021-09-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. |
|
27 |
CVE-2021-3418 |
281 |
|
|
2021-03-15 |
2021-03-22 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction of CVE-2020-15705 and only affects grub2 versions prior to 2.06 and upstream and distributions using the shim_lock mechanism. |
|
28 |
CVE-2021-3326 |
617 |
|
DoS |
2021-01-27 |
2022-04-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. |
|
29 |
CVE-2020-35507 |
476 |
|
|
2021-01-04 |
2021-07-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. |
|
30 |
CVE-2020-35496 |
476 |
|
|
2021-01-04 |
2021-07-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. |
|
31 |
CVE-2020-35495 |
476 |
|
|
2021-01-04 |
2021-07-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34. |
|
32 |
CVE-2020-35494 |
908 |
|
|
2021-01-04 |
2021-07-10 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34. |
|
33 |
CVE-2020-35493 |
20 |
|
Overflow |
2021-01-04 |
2021-07-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34. |
|
34 |
CVE-2020-35448 |
125 |
|
|
2020-12-27 |
2022-04-26 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. |
|
35 |
CVE-2020-29573 |
787 |
|
Overflow |
2020-12-06 |
2021-01-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference. |
|
36 |
CVE-2020-29562 |
617 |
|
DoS |
2020-12-04 |
2021-03-19 |
2.1 |
None |
Remote |
High |
??? |
None |
None |
Partial |
|
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. |
|
37 |
CVE-2020-27618 |
835 |
|
DoS |
2021-02-26 |
2022-05-12 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. |
|
38 |
CVE-2020-24659 |
787 |
|
|
2020-09-04 |
2020-10-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure. |
|
39 |
CVE-2020-23861 |
787 |
|
DoS Overflow |
2021-05-18 |
2021-05-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. |
|
40 |
CVE-2020-23856 |
416 |
|
DoS |
2021-05-18 |
2022-01-01 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee. |
|
41 |
CVE-2020-21839 |
404 |
|
|
2021-05-17 |
2021-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. |
|
42 |
CVE-2020-21835 |
476 |
|
|
2021-05-17 |
2021-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. |
|
43 |
CVE-2020-21834 |
787 |
|
|
2021-05-17 |
2021-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164. |
|
44 |
CVE-2020-21817 |
476 |
|
DoS |
2021-05-17 |
2021-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash). |
|
45 |
CVE-2020-21815 |
476 |
|
DoS |
2021-05-17 |
2021-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash). |
|
46 |
CVE-2020-18395 |
476 |
|
DoS |
2021-05-28 |
2021-06-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs. |
|
47 |
CVE-2020-16599 |
476 |
|
DoS |
2020-12-09 |
2022-03-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. |
|
48 |
CVE-2020-16593 |
476 |
|
DoS |
2020-12-09 |
2021-04-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. |
|
49 |
CVE-2020-16592 |
416 |
|
DoS |
2020-12-09 |
2021-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. |
|
50 |
CVE-2020-16591 |
125 |
|
DoS |
2020-12-09 |
2022-03-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. |
