Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-40303
GNU inetutils prior to 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before ...
Gnu Inetutils
6.5
CVSSv3
CVE-2023-3385
An issue has been discovered in GitLab affecting all versions starting from 8.10 prior to 16.0.8, all versions starting from 16.1 prior to 16.1.3, all versions starting from 16.2 prior to 16.2.2. Under specific circumstances, a user importing a project 'from export' cou...
Gitlab Gitlab
7.8
CVSSv3
CVE-2022-43701
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.
Arm Mbed Studio
Arm Keil Mdk
Arm Gnu Toolchain
Arm Fast Models
Arm Arm Mobile Studio
Arm Linaro Forge
Arm Arm Development Studio
Arm Arm Compiler For Functional Safety 6.6
Arm Arm Compiler For Embedded Fusa 6.16
Arm Arm Compiler
Arm Ds Development Studio
5.5
CVSSv3
CVE-2023-39129
GNU gdb (GDB) 13.0.50.20220805-git exists to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
Gnu Gdb 13.0.50.20220805-git
5.5
CVSSv3
CVE-2023-39128
GNU gdb (GDB) 13.0.50.20220805-git exists to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
Gnu Gdb 13.0.50.20220805-git
5.5
CVSSv3
CVE-2023-39130
GNU gdb (GDB) 13.0.50.20220805-git exists to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
Gnu Gdb 13.0.50.20220805-git
8.1
CVSSv3
CVE-2022-28733
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number ...
Gnu Grub2
7
CVSSv3
CVE-2022-28734
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buf...
Gnu Grub2
Netapp Active Iq Unified Manager -
7.8
CVSSv3
CVE-2022-28735
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
Gnu Grub2
7.8
CVSSv3
CVE-2022-28736
There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free v...
Gnu Grub2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »