Filtered by vendor Gnu
Subscriptions
Total
1074 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-40305 | 1 Gnu | 1 Indent | 2024-11-21 | 5.5 Medium |
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | ||||
CVE-2023-40303 | 1 Gnu | 1 Inetutils | 2024-11-21 | 7.8 High |
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process. | ||||
CVE-2023-39130 | 1 Gnu | 1 Gdb | 2024-11-21 | 5.5 Medium |
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. | ||||
CVE-2023-39129 | 1 Gnu | 1 Gdb | 2024-11-21 | 5.5 Medium |
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. | ||||
CVE-2023-39128 | 1 Gnu | 1 Gdb | 2024-11-21 | 5.5 Medium |
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | ||||
CVE-2023-2789 | 1 Gnu | 1 Cflow | 2024-11-21 | 3.5 Low |
A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
CVE-2023-2491 | 2 Gnu, Redhat | 5 Emacs, Enterprise Linux, Enterprise Linux Eus and 2 more | 2024-11-21 | 7.8 High |
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. | ||||
CVE-2023-28617 | 2 Gnu, Redhat | 6 Org Mode, Enterprise Linux, Rhel Aus and 3 more | 2024-11-21 | 7.8 High |
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. | ||||
CVE-2023-27986 | 1 Gnu | 1 Emacs | 2024-11-21 | 7.8 High |
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90. | ||||
CVE-2023-27985 | 1 Gnu | 1 Emacs | 2024-11-21 | 7.8 High |
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90 | ||||
CVE-2023-27371 | 2 Gnu, Redhat | 3 Libmicrohttpd, Enterprise Linux, Rhel Eus | 2024-11-21 | 5.9 Medium |
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function. | ||||
CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-11-21 | 5.5 Medium |
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | ||||
CVE-2023-25588 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-11-21 | 4.7 Medium |
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service. | ||||
CVE-2023-25586 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-11-21 | 4.7 Medium |
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service. | ||||
CVE-2023-25585 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-11-21 | 4.7 Medium |
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service. | ||||
CVE-2023-25222 | 1 Gnu | 1 Libredwg | 2024-11-21 | 8.8 High |
A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. | ||||
CVE-2023-25139 | 1 Gnu | 1 Glibc | 2024-11-21 | 9.8 Critical |
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes. | ||||
CVE-2023-24626 | 1 Gnu | 1 Screen | 2024-11-21 | 6.5 Medium |
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. | ||||
CVE-2023-1972 | 1 Gnu | 1 Binutils | 2024-11-21 | 6.5 Medium |
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | ||||
CVE-2023-1579 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-11-21 | 7.8 High |
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. |