CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

GNU : Security Vulnerabilities (CVSS score between 2 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-46022 416 2022-01-14 2022-01-20
4.3
None Remote Medium Not required None None Partial
An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
2 CVE-2021-46021 416 2022-01-14 2022-01-20
4.3
None Remote Medium Not required None None Partial
An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.
3 CVE-2021-45950 787 2022-01-01 2022-01-11
4.3
None Remote Medium Not required None None Partial
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
4 CVE-2021-45261 763 DoS 2021-12-22 2021-12-28
4.3
None Remote Medium Not required None None Partial
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
5 CVE-2021-43396 2021-11-04 2021-11-17
5.0
None Remote Low Not required None Partial None
** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug."
6 CVE-2021-43332 307 CSRF 2021-11-12 2021-11-16
4.0
None Remote Low ??? Partial None None
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
7 CVE-2021-43331 79 XSS 2021-11-12 2021-11-16
4.3
None Remote Medium Not required None Partial None
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
8 CVE-2021-42096 307 +Priv CSRF 2021-10-21 2021-11-05
4.0
None Remote Low ??? Partial None None
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
9 CVE-2021-40491 345 2021-09-03 2021-09-10
4.3
None Remote Medium Not required Partial None None
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
10 CVE-2021-39523 476 DoS 2021-09-20 2021-09-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.
11 CVE-2021-39521 476 DoS 2021-09-20 2021-09-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.
12 CVE-2021-38604 476 2021-08-12 2021-10-07
5.0
None Remote Low Not required None None Partial
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
13 CVE-2021-31879 601 2021-04-29 2021-06-18
5.8
None Remote Medium Not required Partial Partial None
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
14 CVE-2021-28968 79 XSS 2021-03-22 2021-03-24
3.5
None Remote Medium ??? None Partial None
An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.
15 CVE-2021-28236 476 2021-12-02 2021-12-06
5.0
None Remote Low Not required None None Partial
LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c.
16 CVE-2021-20284 119 Overflow 2021-03-26 2021-05-21
4.3
None Remote Medium Not required None None Partial
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.
17 CVE-2021-20197 59 2021-03-26 2021-05-28
3.3
None Local Medium Not required Partial Partial None
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.
18 CVE-2021-20193 125 2021-03-26 2021-06-03
4.3
None Remote Medium Not required None None Partial
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
19 CVE-2021-3549 119 Overflow Mem. Corr. 2021-05-26 2021-06-04
5.8
None Remote Medium Not required None Partial Partial
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
20 CVE-2021-3530 674 2021-06-02 2021-09-14
5.0
None Remote Low Not required None None Partial
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
21 CVE-2021-3418 281 2021-03-15 2021-03-22
4.4
None Local Medium Not required Partial Partial Partial
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction of CVE-2020-15705 and only affects grub2 versions prior to 2.06 and upstream and distributions using the shim_lock mechanism.
22 CVE-2021-3326 617 DoS 2021-01-27 2021-07-06
5.0
None Remote Low Not required None None Partial
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
23 CVE-2020-35507 476 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.
24 CVE-2020-35496 476 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
25 CVE-2020-35495 476 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
26 CVE-2020-35494 908 2021-01-04 2021-07-10
5.8
None Remote Medium Not required Partial None Partial
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.
27 CVE-2020-35493 20 Overflow 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.
28 CVE-2020-35448 787 2020-12-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.
29 CVE-2020-29573 787 Overflow 2020-12-06 2021-01-26
5.0
None Remote Low Not required None None Partial
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
30 CVE-2020-29562 617 DoS 2020-12-04 2021-03-19
2.1
None Remote High ??? None None Partial
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
31 CVE-2020-27618 835 DoS 2021-02-26 2021-07-06
2.1
None Local Low Not required None None Partial
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
32 CVE-2020-24659 787 2020-09-04 2020-10-26
5.0
None Remote Low Not required None None Partial
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.
33 CVE-2020-23861 787 DoS Overflow 2021-05-18 2021-05-24
4.3
None Remote Medium Not required None None Partial
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
34 CVE-2020-23856 416 DoS 2021-05-18 2022-01-01
2.1
None Local Low Not required None None Partial
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
35 CVE-2020-21839 404 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
36 CVE-2020-21835 476 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
37 CVE-2020-21834 787 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
38 CVE-2020-21817 476 DoS 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash).
39 CVE-2020-21815 476 DoS 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash).
40 CVE-2020-18395 476 DoS 2021-05-28 2021-06-01
5.0
None Remote Low Not required None None Partial
A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial of service (DOS) via segment faults caused by crafted inputs.
41 CVE-2020-16599 476 DoS 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
42 CVE-2020-16593 476 DoS 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.
43 CVE-2020-16592 416 DoS 2020-12-09 2021-01-15
4.3
None Remote Medium Not required None None Partial
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
44 CVE-2020-16591 125 DoS 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.
45 CVE-2020-16590 415 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
46 CVE-2020-15807 476 2020-07-17 2020-07-22
4.3
None Remote Medium Not required None None Partial
GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.
47 CVE-2020-15707 362 Exec Code Overflow Bypass 2020-07-29 2021-09-13
4.4
None Local Medium Not required Partial Partial Partial
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
48 CVE-2020-15706 362 Exec Code Bypass 2020-07-29 2021-05-01
4.4
None Local Medium Not required Partial Partial Partial
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.
49 CVE-2020-15705 347 Bypass 2020-07-29 2021-09-21
4.4
None Local Medium Not required Partial Partial Partial
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
50 CVE-2020-15011 74 2020-06-24 2021-11-30
2.6
None Remote High Not required None Partial None
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
Total number of vulnerabilities : 543   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.