Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb exists to contain a NULL pointer dereference via the function x_error_handler() at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem (an X operation silently fails).
NA
CVE-2023-39804
In GNU tar prior to 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.
NA
CVE-2024-30202
In Emacs prior to 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode prior to 9.6.23.
NA
CVE-2024-30203
In Emacs prior to 29.3, Gnus treats inline MIME contents as trusted.
NA
CVE-2024-30204
In Emacs prior to 29.3, LaTeX preview is enabled by default for e-mail attachments.
NA
CVE-2024-30205
In Emacs prior to 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode prior to 9.6.23.
NA
CVE-2024-25118
TYPO3 is an open source PHP based web content management system released under the GNU GPL. Password hashes were being reflected in the editing forms of the TYPO3 backend user interface. This allowed malicious users to crack the plaintext password using brute force techniques. Ex...
NA
CVE-2024-25119
TYPO3 is an open source PHP based web content management system released under the GNU GPL. The plaintext value of `$GLOBALS['SYS']['encryptionKey']` was displayed in the editing forms of the TYPO3 Install Tool user interface. This allowed malicious users to u...
NA
CVE-2024-25120
TYPO3 is an open source PHP based web content management system released under the GNU GPL. The TYPO3-specific `t3://` URI scheme could be used to access resources outside of the users' permission scope. This encompassed files, folders, pages, and records (although only if a...
NA
CVE-2024-25121
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions of TYPO3 entities of the File Abstraction Layer (FAL) could be persisted directly via `DataHandler`. This allowed malicious users to reference files in the fallback st...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »