CVEdetails.com the ultimate security vulnerability data source

GNU : Security Vulnerabilities (CVSS score between 6 and 6.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 | CVE-2021-44227 | 352 |  | CSRF | 2021-12-02 | 2021-12-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.
2 | CVE-2021-43414 | 863 |  |  | 2021-11-07 | 2021-11-09 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete
An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulnerable to man-in-the-middle attacks, which can be exploited for local privilege escalation to get full root access.
3 | CVE-2021-39537 | 787 |  | Overflow | 2021-09-20 | 2021-11-30 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.
4 | CVE-2021-39530 | 787 |  | Overflow | 2021-09-20 | 2021-09-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow.
5 | CVE-2021-39528 | 415 |  |  | 2021-09-20 | 2021-09-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.
6 | CVE-2021-39527 | 787 |  | Overflow | 2021-09-20 | 2021-09-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.
7 | CVE-2021-39525 | 787 |  | Overflow | 2021-09-20 | 2021-09-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
8 | CVE-2021-39522 | 787 |  | Overflow | 2021-09-20 | 2021-09-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow.
9 | CVE-2021-38185 | 190 |  | Exec Code Overflow | 2021-08-08 | 2021-08-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
10 | CVE-2021-36080 | 415 |  |  | 2021-07-01 | 2021-07-08 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
11 | CVE-2021-35942 | 190 |  | DoS | 2021-07-22 | 2021-09-21 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
12 | CVE-2021-30184 | 120 |  | Exec Code Overflow | 2021-04-07 | 2021-07-12 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.
13 | CVE-2021-20294 | 119 |  | Overflow | 2021-04-29 | 2021-09-13 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.
14 | CVE-2020-27779 | 285 |  |  | 2021-03-03 | 2021-05-01 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory, creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
15 | CVE-2020-21844 |  |  | Exec Code | 2021-05-17 | 2021-05-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
16 | CVE-2020-21843 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
17 | CVE-2020-21842 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
18 | CVE-2020-21841 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
19 | CVE-2020-21840 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
20 | CVE-2020-21838 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
21 | CVE-2020-21836 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175.
22 | CVE-2020-21833 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
23 | CVE-2020-21832 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.
24 | CVE-2020-21831 | 787 |  | Overflow | 2021-05-17 | 2021-05-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.
25 | CVE-2020-21830 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.
26 | CVE-2020-21827 | 787 |  | Overflow | 2021-05-17 | 2021-05-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379.
27 | CVE-2020-21819 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:51.
28 | CVE-2020-21818 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48.
29 | CVE-2020-21816 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46.
30 | CVE-2020-21814 | 787 |  | Overflow | 2021-05-17 | 2021-05-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97.
31 | CVE-2020-21813 | 787 |  | Overflow | 2021-05-17 | 2021-05-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114.
32 | CVE-2020-14372 | 184 |  | Exec Code | 2021-03-03 | 2021-05-01 | 6.2 | None | Local | High | Not required | Complete | Complete | Complete
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
33 | CVE-2020-6609 | 125 |  |  | 2020-01-08 | 2020-01-23 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.
34 | CVE-2020-6096 | 191 |  | Exec Code | 2020-04-01 | 2021-03-04 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
35 | CVE-2019-1010180 | 119 |  | Exec Code Overflow | 2019-07-24 | 2021-07-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Denial of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
36 | CVE-2019-1010023 |  |  | Exec Code | 2019-07-15 | 2020-11-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."
37 | CVE-2019-20912 | 787 |  | Overflow | 2020-07-16 | 2020-07-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
38 | CVE-2019-20433 | 125 |  |  | 2020-01-27 | 2020-01-31 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
39 | CVE-2019-20014 | 415 |  |  | 2019-12-27 | 2020-05-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
40 | CVE-2019-20011 | 125 |  |  | 2019-12-27 | 2020-05-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
41 | CVE-2019-20010 | 416 |  |  | 2019-12-27 | 2020-05-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
42 | CVE-2019-18397 | 120 |  | DoS Exec Code Overflow | 2019-11-13 | 2019-12-18 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.
43 | CVE-2019-17544 | 125 |  |  | 2019-10-14 | 2021-08-02 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
44 | CVE-2019-15767 | 787 |  | Overflow | 2019-08-29 | 2020-08-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file.
45 | CVE-2019-14866 |  |  |  | 2020-01-07 | 2020-01-10 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete
cpio in all versions before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives as a high-privilege user without carefully reviewing them may lead to the compromise of the system.
46 | CVE-2019-11640 | 787 |  | Overflow | 2019-05-01 | 2020-08-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a.
47 | CVE-2019-11639 | 787 |  | Overflow | 2019-05-01 | 2020-08-24 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rec_type_check_enum at rec-types.c in librec.a.
48 | CVE-2019-9775 | 125 |  |  | 2019-03-14 | 2019-03-21 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
49 | CVE-2019-9774 | 125 |  |  | 2019-03-14 | 2019-03-21 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
50 | CVE-2019-9077 | 787 |  | Overflow | 2019-02-24 | 2021-07-10 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.
Total number of vulnerabilities: 172. Page 1 of 4.