Filtered by vendor Gnu
Subscribe
Total
1119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25632 | 4 Fedoraproject, Gnu, Netapp and 1 more | 8 Fedora, Grub2, Ontap Select Deploy Administration Utility and 5 more | 2024-11-21 | 7.2 HIGH | 8.2 HIGH |
| A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-24659 | 4 Canonical, Fedoraproject, Gnu and 1 more | 4 Ubuntu Linux, Fedora, Gnutls and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure. | |||||
| CVE-2020-24240 | 1 Gnu | 1 Bison | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison. | |||||
| CVE-2020-23861 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file. | |||||
| CVE-2020-23856 | 2 Fedoraproject, Gnu | 2 Fedora, Cflow | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee. | |||||
| CVE-2020-21844 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580. | |||||
| CVE-2020-21843 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318. | |||||
| CVE-2020-21842 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051. | |||||
| CVE-2020-21841 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135. | |||||
| CVE-2020-21840 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985. | |||||
| CVE-2020-21839 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638. | |||||
| CVE-2020-21838 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842. | |||||
| CVE-2020-21836 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175. | |||||
| CVE-2020-21835 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337. | |||||
| CVE-2020-21834 | 1 Gnu | 1 Libredwg | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164. | |||||
| CVE-2020-21833 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440. | |||||
| CVE-2020-21832 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417. | |||||
| CVE-2020-21831 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637. | |||||
| CVE-2020-21830 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213. | |||||
| CVE-2020-21827 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. | |||||