CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

GNU : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-43332 307 CSRF 2021-11-12 2021-11-16
4.0
None Remote Low ??? Partial None None
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
2 CVE-2021-43331 79 XSS 2021-11-12 2021-11-16
4.3
None Remote Medium Not required None Partial None
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
3 CVE-2021-42096 307 +Priv CSRF 2021-10-21 2021-11-05
4.0
None Remote Low ??? Partial None None
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
4 CVE-2021-40491 345 2021-09-03 2021-09-10
4.3
None Remote Medium Not required Partial None None
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
5 CVE-2021-39523 476 DoS 2021-09-20 2021-09-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.
6 CVE-2021-39521 476 DoS 2021-09-20 2021-09-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.
7 CVE-2021-20284 119 Overflow 2021-03-26 2021-05-21
4.3
None Remote Medium Not required None None Partial
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.
8 CVE-2021-20193 125 2021-03-26 2021-06-03
4.3
None Remote Medium Not required None None Partial
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
9 CVE-2021-3418 281 2021-03-15 2021-03-22
4.4
None Local Medium Not required Partial Partial Partial
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction of CVE-2020-15705 and only affects grub2 versions prior to 2.06 and upstream and distributions using the shim_lock mechanism.
10 CVE-2020-35507 476 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.
11 CVE-2020-35496 476 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
12 CVE-2020-35495 476 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
13 CVE-2020-35493 20 Overflow 2021-01-04 2021-07-10
4.3
None Remote Medium Not required None None Partial
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.
14 CVE-2020-35448 787 2020-12-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.
15 CVE-2020-23861 787 DoS Overflow 2021-05-18 2021-05-24
4.3
None Remote Medium Not required None None Partial
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
16 CVE-2020-21839 404 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638.
17 CVE-2020-21835 476 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
18 CVE-2020-21834 787 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164.
19 CVE-2020-21817 476 DoS 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash).
20 CVE-2020-21815 476 DoS 2021-05-17 2021-05-21
4.3
None Remote Medium Not required None None Partial
A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash).
21 CVE-2020-16599 476 DoS 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
22 CVE-2020-16593 476 DoS 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.
23 CVE-2020-16592 416 DoS 2020-12-09 2021-01-15
4.3
None Remote Medium Not required None None Partial
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
24 CVE-2020-16591 125 DoS 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.
25 CVE-2020-16590 415 2020-12-09 2021-04-16
4.3
None Remote Medium Not required None None Partial
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
26 CVE-2020-15807 476 2020-07-17 2020-07-22
4.3
None Remote Medium Not required None None Partial
GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted input files.
27 CVE-2020-15707 362 Exec Code Overflow Bypass 2020-07-29 2021-09-13
4.4
None Local Medium Not required Partial Partial Partial
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
28 CVE-2020-15706 362 Exec Code Bypass 2020-07-29 2021-05-01
4.4
None Local Medium Not required Partial Partial Partial
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.
29 CVE-2020-15705 347 Bypass 2020-07-29 2021-09-21
4.4
None Local Medium Not required Partial Partial Partial
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
30 CVE-2020-14309 190 Overflow 2020-07-30 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.
31 CVE-2020-14308 190 Overflow 2020-07-29 2021-09-21
4.4
None Local Medium Not required Partial Partial Partial
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.
32 CVE-2020-12137 79 Exec Code XSS 2020-04-24 2020-10-27
4.3
None Remote Medium Not required None Partial None
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code.
33 CVE-2020-12108 74 2020-05-06 2021-10-23
4.3
None Remote Medium Not required None Partial None
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
34 CVE-2020-10713 120 Exec Code Overflow Bypass 2020-07-30 2021-05-01
4.6
None Local Low Not required Partial Partial Partial
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
35 CVE-2020-6615 476 2020-01-08 2020-01-23
4.3
None Remote Medium Not required None None Partial
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl).
36 CVE-2020-6611 476 2020-01-08 2020-01-23
4.3
None Remote Medium Not required None None Partial
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.
37 CVE-2020-6610 400 2020-01-08 2021-07-21
4.3
None Remote Medium Not required None None Partial
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.
38 CVE-2019-1010204 20 DoS 2019-07-23 2021-07-21
4.3
None Remote Medium Not required None None Partial
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.
39 CVE-2019-25051 787 Overflow 2021-07-20 2021-09-20
4.6
None Local Low Not required Partial Partial Partial
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
40 CVE-2019-20911 835 DoS 2020-07-16 2020-07-22
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop.
41 CVE-2019-20633 415 DoS 2020-03-25 2020-11-05
4.3
None Remote Medium Not required None None Partial
GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.
42 CVE-2019-20015 770 2019-12-27 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
43 CVE-2019-20013 770 2019-12-27 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
44 CVE-2019-20012 770 2019-12-27 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
45 CVE-2019-20009 770 2019-12-27 2020-08-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
46 CVE-2019-18862 2019-11-11 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
47 CVE-2019-18192 732 2019-10-17 2019-10-22
4.6
None Local Low Not required Partial Partial Partial
GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365.
48 CVE-2019-17594 125 2019-10-14 2021-02-10
4.6
None Local Low Not required Partial Partial Partial
There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.
49 CVE-2019-17451 190 Overflow 2019-10-10 2020-11-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.
50 CVE-2019-17450 674 DoS 2019-10-10 2020-11-02
4.3
None Remote Medium Not required None None Partial
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
Total number of vulnerabilities : 248   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.