Filtered by vendor Gnu
Subscribe
Total
1140 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5702 | 1 Gnu | 1 Glibc | 2025-10-01 | N/A | 5.6 MEDIUM |
| The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its contents and potentially altering control flow of the caller, or leaking the input strings to the function to other parts of the program. | |||||
| CVE-2023-4813 | 4 Fedoraproject, Gnu, Netapp and 1 more | 21 Fedora, Glibc, Active Iq Unified Manager and 18 more | 2025-09-26 | N/A | 5.9 MEDIUM |
| A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. | |||||
| CVE-2023-4806 | 3 Fedoraproject, Gnu, Redhat | 22 Fedora, Glibc, Codeready Linux Builder Eus and 19 more | 2025-09-26 | N/A | 5.9 MEDIUM |
| A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. | |||||
| CVE-2025-8746 | 1 Gnu | 1 Libopts | 2025-09-16 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library." This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-50610 | 1 Gnu | 1 Gnu Scientific Library | 2025-09-04 | N/A | 3.6 LOW |
| GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, incorrect memory allocation occurs. | |||||
| CVE-2024-27630 | 1 Gnu | 1 Savane | 2025-09-02 | N/A | 7.5 HIGH |
| Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted input to the trackers_data_delete_file function. | |||||
| CVE-2024-27631 | 1 Gnu | 1 Savane | 2025-09-02 | N/A | 6.0 MEDIUM |
| Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php | |||||
| CVE-2024-27632 | 1 Gnu | 1 Savane | 2025-09-02 | N/A | 8.8 HIGH |
| An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function. | |||||
| CVE-2023-7207 | 1 Gnu | 1 Cpio | 2025-08-26 | N/A | 4.9 MEDIUM |
| Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames. | |||||
| CVE-2024-2312 | 2 Gnu, Netapp | 3 Grub2, Bootstrap Os, Hci Compute Node | 2025-08-26 | N/A | 6.7 MEDIUM |
| GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass. | |||||
| CVE-2025-45582 | 1 Gnu | 1 Tar | 2025-08-18 | N/A | 4.1 MEDIUM |
| GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory. | |||||
| CVE-2025-1125 | 1 Gnu | 1 Grub2 | 2025-08-12 | N/A | 6.7 MEDIUM |
| When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections. | |||||
| CVE-2025-0689 | 1 Gnu | 1 Grub2 | 2025-08-12 | N/A | 6.7 MEDIUM |
| When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections. | |||||
| CVE-2019-9923 | 2 Gnu, Opensuse | 2 Tar, Leap | 2025-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. | |||||
| CVE-2016-9401 | 3 Debian, Gnu, Redhat | 8 Debian Linux, Bash, Enterprise Linux Desktop and 5 more | 2025-08-06 | 2.1 LOW | 5.5 MEDIUM |
| popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | |||||
| CVE-2016-6321 | 1 Gnu | 1 Tar | 2025-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. | |||||
| CVE-2015-1865 | 1 Gnu | 1 Coreutils | 2025-08-06 | 3.3 LOW | 5.1 MEDIUM |
| fts.c in coreutils 8.4 allows local users to delete arbitrary files. | |||||
| CVE-2025-8224 | 1 Gnu | 1 Binutils | 2025-08-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-8225 | 1 Gnu | 1 Binutils | 2025-08-01 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2024-33601 | 3 Debian, Gnu, Netapp | 20 Debian Linux, Glibc, H300s and 17 more | 2025-08-01 | N/A | 7.3 HIGH |
| nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. | |||||