Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu patch vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch up to and including 2.7.6.
Gnu Patch
1 Github repository
7.5
CVSSv3
CVE-2018-6951
An issue exists in GNU patch up to and including 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
Gnu Patch
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv3
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching prior to 2.7.3 allows remote malicious users to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Gnu Patch
7.1
CVSSv3
CVE-2022-29458
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
Gnu Ncurses 6.3
Gnu Ncurses
Apple Macos
Debian Debian Linux 10.0
6.8
CVSSv3
CVE-2023-4001
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick...
Gnu Grub2 -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
6.1
CVSSv3
CVE-2023-24814
TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versions the TYPO3 core component `GeneralUtility::getIndpEnv()` uses the unfiltered server environment variable `PATH_INFO`, which allows malicious users to in...
Typo3 Typo3
5.9
CVSSv3
CVE-2019-13636
In GNU patch up to and including 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
Gnu Patch
1 Github repository
5.9
CVSSv3
CVE-2008-4989
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS prior to 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle malicious users to insert a spoofed cer...
Gnu Gnutls
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Opensuse Opensuse
5.5
CVSSv3
CVE-2023-36476
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted `/boot`, on either non-UEFI s...
Nixos Calamares-nixos-extensions
5.5
CVSSv3
CVE-2021-45261
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
Gnu Patch 2.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »