Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-28733
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number ...
Gnu Grub2
7
CVSSv3
CVE-2022-28734
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buf...
Gnu Grub2
Netapp Active Iq Unified Manager -
7.8
CVSSv3
CVE-2022-28735
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
Gnu Grub2
7.8
CVSSv3
CVE-2022-28736
There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free v...
Gnu Grub2
6.5
CVSSv3
CVE-2021-32256
An issue exists in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
Gnu Binutils 2.36
5.5
CVSSv3
CVE-2023-36476
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted `/boot`, on either non-UEFI s...
Nixos Calamares-nixos-extensions
5.5
CVSSv3
CVE-2015-20109
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE:...
Gnu Glibc
8.8
CVSSv3
CVE-2023-36271
LibreDWG v0.12.5 exists to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
Gnu Libredwg 0.12.5
8.8
CVSSv3
CVE-2023-36272
LibreDWG v0.12.5 exists to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
Gnu Libredwg 0.12.5
8.8
CVSSv3
CVE-2023-36273
LibreDWG v0.12.5 exists to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
Gnu Libredwg 0.12.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »