Known Vulnerabilities for products from Gnu
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Gnu".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23219 | The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies i... | 9.8 - CRITICAL | 2022-01-14 | 2022-11-08 |
| CVE-2022-23218 | The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copie... | 9.8 - CRITICAL | 2022-01-14 | 2022-11-08 |
| CVE-2021-43414 | An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of an authentication protocol in the proc server is vulner... | 7 - HIGH | 2021-11-07 | 2023-11-07 |
| CVE-2021-43413 | An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, all... | 8.8 - HIGH | 2021-11-07 | 2023-11-07 |
| CVE-2021-43412 | An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any... | 7.8 - HIGH | 2021-11-07 | 2023-11-07 |
| CVE-2021-43411 | An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time ... | 7.5 - HIGH | 2021-11-07 | 2023-11-07 |
| CVE-2021-43396 | ** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit... | 7.5 - HIGH | 2021-11-04 | 2023-11-07 |
| CVE-2021-43332 | In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list ad... | 6.5 - MEDIUM | 2021-11-12 | 2023-11-07 |
| CVE-2021-43331 | In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. | 6.1 - MEDIUM | 2021-11-12 | 2023-11-07 |
| CVE-2021-42586 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-05-23 | 2022-05-30 |
| CVE-2021-42585 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-05-23 | 2022-05-30 |
| CVE-2021-42097 | GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account.... | 8 - HIGH | 2021-10-21 | 2023-11-07 |
| CVE-2021-42096 | GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin passwor... | 4.3 - MEDIUM | 2021-10-21 | 2023-11-07 |
| CVE-2021-40491 | The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they matc... | 6.5 - MEDIUM | 2021-09-03 | 2023-02-03 |
| CVE-2021-39537 | An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2023-12-03 |
| CVE-2021-39530 | An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39528 | An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39527 | An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39525 | An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow. | 8.8 - HIGH | 2021-09-20 | 2021-09-24 |
| CVE-2021-39523 | An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_ha... | 6.5 - MEDIUM | 2021-09-20 | 2021-09-24 |
Known software with vulnerabilities from Gnu
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Gnu | A2ps | - |
| Application | Gnu | Adns | 1.5.2 |
| Application | Gnu | Anubis | - |
| Application | Gnu | Aspell | - |
| Application | Gnu | Aspell Dictionary | 0.50-2 |
| Application | Gnu | Automake | 1.0 |
| Application | Gnu | Bash | - |
| Application | Gnu | Bc | 1.03 |
| Application | Gnu | Binutils | - |
| Application | Gnu | Bison | 3.5.4 |
| Application | Gnu | Cfengine | - |
| Application | Gnu | Cflow | - |
| Application | Gnu | Chess | - |
| Application | Gnu | Coreutils | - |
| Application | Gnu | Cpio | - |
| Application | Gnu | Cvs | 1.12.1 |
| Application | Gnu | Data Display Debugger | - |
| Application | Gnu | Ed | - |
| Application | Gnu | Emacs | - |
| Application | Gnu | Enscript | - |