Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and previous versions allows a remote malicious user to gain additional privileges via a malformed ident reply that is passed to the syslog function.
Infodrom Cfingerd
2 EDB exploits
9.1
CVSSv3
CVE-2021-46848
GNU Libtasn1 prior to 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
Gnu Libtasn1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
9.1
CVSSv3
CVE-2021-35942
The wordexp function in the GNU C Library (aka glibc) up to and including 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This oc...
Gnu Glibc
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Debian Debian Linux 10.0
2 Github repositories
9.1
CVSSv3
CVE-2019-20433
libaspell.a in GNU Aspell prior to 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
Gnu Aspell
9.1
CVSSv3
CVE-2019-17544
libaspell.a in GNU Aspell prior to 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
Gnu Aspell
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
9.1
CVSSv3
CVE-2019-9775
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
9.1
CVSSv3
CVE-2019-9774
An issue exists in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
Gnu Libredwg 0.7.1645
Gnu Libredwg 0.7
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
9.1
CVSSv3
CVE-2018-16842
Curl versions 7.14.1 up to and including 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.
Haxx Curl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
9.1
CVSSv3
CVE-2017-7226
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several ut...
Gnu Binutils 2.28
9.1
CVSSv3
CVE-2017-6969
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »