Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Total 997 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-2789 1 Gnu 1 Cflow 2023-05-26 N/A 7.5 HIGH
A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-1972 1 Gnu 1 Binutils 2023-05-25 N/A 6.5 MEDIUM
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
CVE-2023-2491 2 Gnu, Redhat 5 Emacs, Enterprise Linux, Enterprise Linux Eus and 2 more 2023-05-25 N/A 7.8 HIGH
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
CVE-2023-0361 5 Debian, Fedoraproject, Gnu and 2 more 7 Debian Linux, Fedora, Gnutls and 4 more 2023-05-23 N/A 7.4 HIGH
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
CVE-2023-29491 1 Gnu 1 Ncurses 2023-05-17 N/A 7.8 HIGH
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
CVE-2022-4285 3 Fedoraproject, Gnu, Redhat 3 Fedora, Binutils, Enterprise Linux 2023-05-16 N/A 5.5 MEDIUM
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
CVE-2023-1579 1 Gnu 1 Binutils 2023-05-11 N/A 7.8 HIGH
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.
CVE-2023-28617 1 Gnu 1 Org Mode 2023-05-10 N/A 7.8 HIGH
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
CVE-2022-48337 2 Debian, Gnu 2 Debian Linux, Emacs 2023-05-10 N/A 9.8 CRITICAL
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.
CVE-2022-48339 1 Gnu 1 Emacs 2023-05-10 N/A 7.8 HIGH
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.
CVE-2021-39537 2 Apple, Gnu 3 Mac Os X, Macos, Ncurses 2023-04-27 6.8 MEDIUM 8.8 HIGH
An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.
CVE-2020-29573 3 Gnu, Netapp, Redhat 4 Glibc, Cloud Backup, Solidfire Baseboard Management Controller and 1 more 2023-04-26 5.0 MEDIUM 7.5 HIGH
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
CVE-2021-34337 1 Gnu 1 Mailman 2023-04-25 N/A 6.3 MEDIUM
An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.
CVE-2023-24626 1 Gnu 1 Screen 2023-04-19 N/A 6.5 MEDIUM
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.
CVE-2023-27371 1 Gnu 1 Libmicrohttpd 2023-03-31 N/A 5.9 MEDIUM
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.
CVE-2022-48303 1 Gnu 1 Tar 2023-03-27 N/A 7.8 HIGH
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.
CVE-2004-1349 2 Gnu, Oracle 2 Gzip, Solaris 2023-03-24 2.1 LOW N/A
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
CVE-2021-46705 3 Gnu, Opensuse, Suse 3 Grub2, Factory, Linux Enterprise Server 2023-03-23 2.1 LOW 4.4 MEDIUM
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.
CVE-2023-27986 1 Gnu 1 Emacs 2023-03-21 N/A 7.8 HIGH
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters.
CVE-2023-27985 1 Gnu 1 Emacs 2023-03-21 N/A 7.8 HIGH
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.