Filtered by vendor Gnu
Subscriptions
Total
1151 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-39028 | 4 Debian, Gnu, Mit and 1 more | 4 Debian Linux, Inetutils, Kerberos 5 and 1 more | 2024-11-21 | 7.5 High |
| telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8. | ||||
| CVE-2022-38533 | 2 Fedoraproject, Gnu | 2 Fedora, Binutils | 2024-11-21 | 5.5 Medium |
| In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | ||||
| CVE-2022-35206 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c. | ||||
| CVE-2022-35205 | 1 Gnu | 1 Binutils | 2024-11-21 | 5.5 Medium |
| An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | ||||
| CVE-2022-35164 | 1 Gnu | 1 Libredwg | 2024-11-21 | 9.8 Critical |
| LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. | ||||
| CVE-2022-33034 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. | ||||
| CVE-2022-33033 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c. | ||||
| CVE-2022-33032 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c. | ||||
| CVE-2022-33028 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c. | ||||
| CVE-2022-33027 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c. | ||||
| CVE-2022-33026 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | ||||
| CVE-2022-33025 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c. | ||||
| CVE-2022-33024 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.5 High |
| There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608. | ||||
| CVE-2022-2601 | 3 Fedoraproject, Gnu, Redhat | 13 Fedora, Grub2, Enterprise Linux and 10 more | 2024-11-21 | 8.6 High |
| A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. | ||||
| CVE-2022-2509 | 4 Debian, Fedoraproject, Gnu and 1 more | 4 Debian Linux, Fedora, Gnutls and 1 more | 2024-11-21 | 7.5 High |
| A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function. | ||||
| CVE-2022-2469 | 2 Debian, Gnu | 2 Debian Linux, Gnu Sasl | 2024-11-21 | 3.8 Low |
| GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client | ||||
| CVE-2022-27943 | 2 Fedoraproject, Gnu | 2 Fedora, Gcc | 2024-11-21 | 5.5 Medium |
| libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. | ||||
| CVE-2022-25310 | 2 Gnu, Redhat | 2 Fribidi, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. | ||||
| CVE-2022-25309 | 2 Gnu, Redhat | 2 Fribidi, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service. | ||||
| CVE-2022-25308 | 2 Gnu, Redhat | 2 Fribidi, Enterprise Linux | 2024-11-21 | 7.8 High |
| A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. | ||||