Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Total 1065 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4692 2 Gnu, Redhat 2 Grub2, Enterprise Linux 2024-03-08 N/A 7.8 HIGH
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.
CVE-2024-0567 1 Gnu 1 Gnutls 2024-03-05 N/A 7.5 HIGH
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
CVE-2023-6779 2 Fedoraproject, Gnu 2 Fedora, Glibc 2024-02-27 N/A 7.5 HIGH
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.
CVE-2023-25584 1 Gnu 1 Binutils 2024-02-23 N/A 7.1 HIGH
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
CVE-2023-5156 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2024-02-23 N/A 7.5 HIGH
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
CVE-2023-4911 3 Fedoraproject, Gnu, Redhat 15 Fedora, Glibc, Codeready Linux Builder Eus and 12 more 2024-02-22 N/A 7.8 HIGH
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVE-2023-4039 1 Gnu 1 Gcc 2024-02-19 N/A 4.8 MEDIUM
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself.
CVE-2023-6246 2 Fedoraproject, Gnu 2 Fedora, Glibc 2024-02-16 N/A 7.8 HIGH
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
CVE-2023-4001 3 Fedoraproject, Gnu, Redhat 3 Fedora, Grub2, Enterprise Linux 2024-02-16 N/A 6.8 MEDIUM
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID (the same as in the "/boot/" file system) can bypass the GRUB password protection feature on UEFI systems, which enumerate removable drives before non-removable ones. This issue was introduced in a downstream patch in Red Hat's version of grub2 and does not affect the upstream package.
CVE-2024-0911 1 Gnu 1 Indent 2024-02-14 N/A 5.5 MEDIUM
A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash.
CVE-2001-0191 2 Andynorman, Gnu 2 Gnuserv, Xemacs 2024-02-14 10.0 HIGH N/A
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
CVE-2004-0778 1 Gnu 1 Cvs 2024-02-14 5.0 MEDIUM N/A
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
CVE-2015-0235 7 Apple, Debian, Gnu and 4 more 18 Mac Os X, Debian Linux, Glibc and 15 more 2024-02-14 10.0 HIGH N/A
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVE-2014-3466 1 Gnu 1 Gnutls 2024-02-14 6.8 MEDIUM N/A
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
CVE-2011-5024 1 Gnu 1 Mailman 2024-02-14 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter.
CVE-2024-0684 1 Gnu 1 Coreutils 2024-02-14 N/A 5.5 MEDIUM
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.
CVE-2009-1415 1 Gnu 1 Gnutls 2024-02-09 4.3 MEDIUM N/A
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free.
CVE-2008-4989 6 Canonical, Debian, Fedoraproject and 3 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2024-02-09 4.3 MEDIUM 5.9 MEDIUM
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).
CVE-2023-5981 3 Fedoraproject, Gnu, Redhat 3 Fedora, Gnutls, Linux 2024-02-09 N/A 5.9 MEDIUM
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
CVE-2019-14865 2 Gnu, Redhat 3 Grub2, Enterprise Linux, Enterprise Linux Eus 2024-02-06 4.9 MEDIUM 5.5 MEDIUM
A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.