Known Vulnerabilities for products from GNU
Listed below are 20 of the newest known vulnerabilities associated with the vendor "GNU".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4438 json | Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU ... | Not Provided | 2026-03-20 | 2026-04-07 |
| CVE-2026-4437 json | Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU ... | Not Provided | 2026-03-20 | 2026-04-07 |
| CVE-2026-4046 json | The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inp... | Not Provided | 2026-03-30 | 2026-04-07 |
| CVE-2026-3904 json | Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library versi... | Not Provided | 2026-03-11 | 2026-04-09 |
| CVE-2025-61662 json | A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where t... | Not Provided | 2025-11-18 | 2026-04-16 |
| CVE-2025-32990 json | A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool u... | Not Provided | 2025-07-10 | 2026-04-14 |
| CVE-2025-32989 json | A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certifica... | Not Provided | 2025-07-10 | 2026-04-14 |
| CVE-2024-2961 json | The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 byte... | Not Provided | 2024-04-17 | 2026-04-03 |
| CVE-2024-1048 json | 3.3 - LOW | 2024-02-06 | 2024-03-11 | |
| CVE-2024-0567 json | 7.5 - HIGH | 2024-01-16 | 2024-02-02 | |
| CVE-2024-0553 json | 7.5 - HIGH | 2024-01-16 | 2024-03-25 | |
| CVE-2023-40305 json | GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | 5.5 - MEDIUM | 2023-08-14 | 2023-11-07 |
| CVE-2023-40303 json | GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in f... | 7.8 - HIGH | 2023-08-14 | 2024-01-02 |
| CVE-2023-39130 json | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-p... | 5.5 - MEDIUM | 2023-07-25 | 2023-08-03 |
| CVE-2023-39129 json | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at ... | 5.5 - MEDIUM | 2023-07-25 | 2023-08-03 |
| CVE-2023-39128 json | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | 5.5 - MEDIUM | 2023-07-25 | 2023-08-03 |
| CVE-2023-36274 json | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | 8.8 - HIGH | 2023-06-23 | 2023-06-27 |
| CVE-2023-36273 json | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c. | 8.8 - HIGH | 2023-06-23 | 2023-06-27 |
| CVE-2023-36272 json | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. | 8.8 - HIGH | 2023-06-23 | 2023-06-27 |
| CVE-2023-36271 json | LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. | 8.8 - HIGH | 2023-06-23 | 2023-06-27 |
Known software with vulnerabilities from GNU
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Gnu | A2ps | - |
| Application | Gnu | Adns | 1.5.2 |
| Application | Gnu | Anubis | - |
| Application | Gnu | Aspell | - |
| Application | Gnu | Aspell Dictionary | 0.50-2 |
| Application | Gnu | Automake | 1.0 |
| Application | Gnu | Bash | - |
| Application | Gnu | Bc | 1.03 |
| Application | Gnu | Binutils | - |
| Application | Gnu | Bison | 3.5.4 |
| Application | Gnu | Cfengine | - |
| Application | Gnu | Cflow | - |
| Application | Gnu | Chess | - |
| Application | Gnu | Coreutils | - |
| Application | Gnu | Cpio | - |
| Application | Gnu | Cvs | 1.12.1 |
| Application | Gnu | Data Display Debugger | - |
| Application | Gnu | Ed | - |
| Application | Gnu | Emacs | - |
| Application | Gnu | Enscript | - |