GNU Security Vulnerabilities (CVEs)

Track 113 security vulnerabilities affecting GNU products and software.

12 Critical
80 High
20 Medium
1 Low
CVE-2026-24061 9.8

This vulnerability in GNU Inetutils telnetd allows remote attackers to bypass authentication by setting the USER environment variable to '-f root'. Th...

Jan 21, 2026
CVE-2025-15281 7.5

A memory corruption vulnerability in GNU C Library's wordexp function when using WRDE_REUSE with WRDE_APPEND flags can return uninitialized memory. Th...

Jan 20, 2026
CVE-2026-0915 7.5

This vulnerability in GNU C Library (glibc) allows stack memory contents to be leaked to DNS resolvers when getnetbyaddr functions query for a zero-va...

Jan 15, 2026
CVE-2026-0861 8.4

An integer overflow vulnerability in GNU C Library's memalign functions (memalign, posix_memalign, aligned_alloc) can lead to heap corruption when bot...

Jan 14, 2026
CVE-2025-69195 7.6

A stack-based buffer overflow vulnerability in GNU Wget2's filename sanitization logic allows remote attackers to trigger memory corruption via specia...

Jan 9, 2026
CVE-2025-69194 8.8

CVE-2025-69194 is a path traversal vulnerability in GNU Wget2's Metalink document handling that allows attackers to write files to arbitrary locations...

Jan 9, 2026
CVE-2025-13151 7.5

A stack-based buffer overflow vulnerability in libtasn1 v4.20.0 allows attackers to execute arbitrary code or cause denial of service by exploiting im...

Jan 7, 2026
CVE-2025-65409 7.5

A divide-by-zero vulnerability in GNU Recutils v1.9 encryption/decryption routines allows attackers to cause a Denial of Service (DoS) by providing an...

Dec 30, 2025
CVE-2025-66862 7.5

A buffer overflow vulnerability in the gnu_special function of BinUtils' cplus-dem.c file allows attackers to crash applications by processing special...

Dec 29, 2025
CVE-2025-66863 7.5

A vulnerability in BinUtils' cp-demangle.c function allows attackers to cause denial of service through crafted PE files. This affects systems using B...

Dec 29, 2025
CVE-2025-66864 7.5

A vulnerability in BinUtils' cp-demangle.c allows attackers to cause denial of service through crafted PE files. This affects systems using BinUtils f...

Dec 29, 2025
CVE-2025-66865 7.5

A stack-based buffer overflow vulnerability exists in the cp-demangle.c file of BinUtils 2.26, specifically in the d_print_comp_inner function. Attack...

Dec 29, 2025
CVE-2025-66866 7.5

A vulnerability in BinUtils' cp-demangle.c allows attackers to cause denial of service through crafted PE files. This affects systems using BinUtils f...

Dec 29, 2025
CVE-2025-66861 2.5

A vulnerability in BinUtils' cp-demangle.c function allows attackers to cause denial of service through specially crafted PE files. This affects syste...

Dec 29, 2025
CVE-2025-61662 7.8

A use-after-free vulnerability in GRUB's gettext module allows attackers to invoke an orphaned command after module unloading, causing memory access t...

Nov 18, 2025
CVE-2025-59777 7.5

A NULL pointer dereference vulnerability in GNU libmicrohttpd v1.0.2 and earlier allows attackers to cause denial-of-service (DoS) by sending speciall...

Nov 10, 2025
CVE-2025-11083 5.3

A heap-based buffer overflow vulnerability in GNU Binutils' linker component allows local attackers to execute arbitrary code or cause denial of servi...

Sep 27, 2025
CVE-2025-11082 5.3

A heap-based buffer overflow vulnerability in GNU Binutils' linker component allows local attackers to execute arbitrary code or cause denial of servi...

Sep 27, 2025
CVE-2025-7546 5.3

This vulnerability in GNU Binutils 2.45 allows an attacker to trigger an out-of-bounds write in the bfd_elf_set_group_contents function. Attackers wit...

Jul 13, 2025
CVE-2025-45582 4.1

GNU Tar through version 1.35 contains a directory traversal vulnerability that allows file overwrite via a two-step process using crafted TAR archives...

Jul 11, 2025
CVE-2025-32990 6.5

This CVE describes a heap-buffer-overflow vulnerability in GnuTLS's certtool utility when parsing template files. An attacker can trigger memory corru...

Jul 10, 2025
CVE-2025-32989 5.3

A heap-buffer-overread vulnerability in GnuTLS allows attackers to create malicious certificates with malformed Certificate Transparency extensions th...

Jul 10, 2025
CVE-2025-5745 5.6

A Power10-specific optimization bug in GNU C Library's strncmp function corrupts non-volatile vector registers, potentially altering program control f...

Jun 5, 2025
CVE-2025-5702 5.6

This vulnerability in GNU C Library's Power10-optimized strcmp function corrupts non-volatile vector registers, potentially altering program control f...

Jun 5, 2025
CVE-2025-4802 7.8

This vulnerability in GNU C Library (glibc) versions 2.27 to 2.38 allows attackers to load malicious shared libraries via the LD_LIBRARY_PATH environm...

May 16, 2025
CVE-2025-47814 4.5

CVE-2025-47814 is a heap-based buffer overflow vulnerability in GNU PSPP's libpspp-core.a library that occurs when processing specially crafted ZIP fi...

May 10, 2025
CVE-2025-43920 5.4

This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands on servers running GNU Mailman 2.1.39 in certain ex...

Apr 20, 2025
CVE-2025-0685 6.4

This CVE describes an integer overflow vulnerability in grub2's JFS filesystem module that allows buffer overflow when reading maliciously crafted fil...

Mar 3, 2025
CVE-2025-0678 7.8

A heap-based buffer overflow vulnerability in grub2's squash4 filesystem module allows attackers to execute arbitrary code by crafting malicious files...

Mar 3, 2025
CVE-2024-45778 4.1

A stack overflow vulnerability in GRUB2's BFS filesystem parser allows an attacker to crash the bootloader by providing a specially crafted BFS filesy...

Mar 3, 2025
CVE-2024-45782 7.8

This vulnerability in the HFS filesystem driver allows attackers to trigger a heap-based buffer overflow by providing a specially crafted volume name....

Mar 3, 2025
CVE-2025-1125 7.8

This vulnerability in GRUB's HFS filesystem module allows integer overflow when calculating buffer sizes from malicious filesystem metadata. Attackers...

Mar 3, 2025
CVE-2024-45780 6.7

CVE-2024-45780 is a heap buffer overflow vulnerability in grub2's tar file parser that allows integer overflow during filename buffer allocation. Atta...

Mar 3, 2025
CVE-2024-45777 6.7

This vulnerability in grub2 allows attackers to trigger an out-of-bounds write when processing language files, potentially overwriting sensitive heap ...

Feb 19, 2025
CVE-2025-1182 5.0

A critical memory corruption vulnerability in GNU Binutils' linker (ld) allows remote attackers to potentially execute arbitrary code or cause denial ...

Feb 11, 2025
CVE-2025-1181 5.0

A critical memory corruption vulnerability in GNU Binutils' linker component (ld) allows remote attackers to potentially execute arbitrary code or cau...

Feb 11, 2025
CVE-2025-1178 5.6

A memory corruption vulnerability exists in GNU Binutils' bfd_putl64 function within the ld component. This allows remote attackers to potentially exe...

Feb 11, 2025
CVE-2025-1176 5.0

A critical heap-based buffer overflow vulnerability in GNU Binutils' linker component (ld) allows remote attackers to potentially execute arbitrary co...

Feb 11, 2025
CVE-2025-0840 5.0

A stack-based buffer overflow vulnerability exists in GNU Binutils' objdump tool when processing specially crafted input. This could allow remote atta...

Jan 29, 2025
CVE-2024-56737 8.8

CVE-2024-56737 is a heap-based buffer overflow vulnerability in GNU GRUB2's HFS filesystem parser. Attackers can exploit this by providing specially c...

Dec 29, 2024
CVE-2024-39331 9.8

This vulnerability in Emacs Org Mode allows arbitrary code execution when processing malicious Org documents containing specially crafted link abbrevi...

Jun 23, 2024
CVE-2024-38428 9.1

GNU Wget through version 1.24.5 incorrectly parses semicolons in the userinfo portion of URIs, potentially causing userinfo data to be misinterpreted ...

Jun 16, 2024
CVE-2024-36600 8.4

A buffer overflow vulnerability in libcdio 2.2.0 allows attackers to execute arbitrary code by providing a maliciously crafted ISO 9660 image file. Th...

Jun 14, 2024
CVE-2024-5742 6.7

This vulnerability in GNU Nano allows local privilege escalation through insecure temporary file handling. When Nano is killed during editing, it crea...

Jun 12, 2024
CVE-2024-33599 8.1

A stack-based buffer overflow vulnerability in nscd (Name Service Cache Daemon) allows attackers to execute arbitrary code or crash the service when n...

May 6, 2024
CVE-2024-33601 7.3

A memory allocation failure in nscd's netgroup cache can cause the daemon to terminate, resulting in denial of service for clients relying on name ser...

May 6, 2024
CVE-2024-29399 7.6

This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of GNU Savane by uploading a specially cra...

Apr 11, 2024
CVE-2024-27632 8.8

This vulnerability in GNU Savane allows remote attackers to escalate privileges by manipulating the form_id parameter in the form_header() function. A...

Apr 8, 2024
CVE-2024-27630 7.5

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in GNU Savane that allows remote attackers to delete arbitrary files on th...

Apr 8, 2024
CVE-2024-30205 7.1

This vulnerability in Emacs Org mode allows remote file contents to be executed as trusted code when opened in Org mode. It affects Emacs versions bef...

Mar 25, 2024
