Gnu Security Vulnerabilities (CVEs)
Track 113 security vulnerabilities affecting Gnu products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A heap-based buffer overflow in glibc's syslog functions allows attackers to crash applications or potentially escalate privileges locally. This affec...
Jan 31, 2024A vulnerability in GnuTLS causes Cockpit to reject certificate chains with distributed trust when using cockpit-certificate-ensure, allowing unauthent...
Jan 16, 2024An out-of-bounds write vulnerability in grub2's NTFS filesystem driver allows attackers to corrupt heap metadata by presenting a specially crafted NTF...
Oct 25, 2023CVE-2023-4911 is a buffer overflow vulnerability in the GNU C Library's dynamic loader (ld.so) that allows local attackers to exploit SUID binaries. B...
Oct 3, 2023CVE-2023-5156 is a memory leak vulnerability in the GNU C Library (glibc) introduced by a previous fix for CVE-2023-4806. This flaw can cause applicat...
Sep 25, 2023A heap buffer overflow vulnerability in binutils readelf allows attackers to execute arbitrary code or cause denial of service by providing specially ...
Aug 22, 2023A vulnerability in Binutils objdump allows attackers to cause denial of service or potentially other impacts via a specific function in match-o.c. Thi...
Aug 22, 2023CVE-2021-46174 is a heap-based buffer overflow vulnerability in the bfd_getl32 function of Binutils objdump version 2.37. This vulnerability allows at...
Aug 22, 2023CVE-2020-35342 is an uninitialized heap vulnerability in GNU Binutils' tic4x disassembler that allows attackers to leak sensitive information from mem...
Aug 22, 2023CVE-2022-28733 is an integer underflow vulnerability in GRUB2's network stack that allows remote attackers to cause buffer overflow via specially craf...
Jul 20, 2023LibreDWG versions 0.10 through 0.12.5 contain a heap buffer overflow vulnerability in the bit_utf8_to_TU function. This allows attackers to execute ar...
Jun 23, 2023CVE-2023-36274 is a heap buffer overflow vulnerability in LibreDWG's bit_write_TF function that allows attackers to execute arbitrary code or cause de...
Jun 23, 2023This vulnerability in ncurses allows local users to trigger memory corruption by providing malformed terminfo database files. It affects setuid applic...
Apr 14, 2023CVE-2023-1579 is a heap-based buffer overflow vulnerability in the bfd_getl64 function of binutils-gdb's Binary File Descriptor (BFD) library. This vu...
Apr 3, 2023This vulnerability allows attackers to execute arbitrary commands on systems running vulnerable versions of Org Mode for GNU Emacs. Attackers can expl...
Mar 19, 2023This vulnerability in Emacs allows attackers to execute arbitrary shell commands through a malicious mailto: URI when using emacsclient-mail.desktop. ...
Mar 9, 2023CVE-2022-48337 is a command injection vulnerability in GNU Emacs' etags utility that allows attackers to execute arbitrary commands via shell metachar...
Feb 20, 2023CVE-2022-48339 is a command injection vulnerability in GNU Emacs' htmlfontify.el module. It allows attackers to execute arbitrary code by crafting mal...
Feb 20, 2023This CVE describes a timing side-channel vulnerability in GnuTLS that allows attackers to perform Bleichenbacher-style attacks against RSA encryption....
Feb 15, 2023This vulnerability in GNU Less allows crafted data to bypass ANSI escape sequence filtering when using the '-R' flag, potentially enabling terminal ma...
Feb 7, 2023CVE-2023-25139 is a buffer overflow vulnerability in glibc's sprintf function that occurs when formatting numbers with thousands separators and paddin...
Feb 3, 2023CVE-2021-3697 is a heap buffer underflow vulnerability in GRUB2's JPEG parser that allows a crafted JPEG image to corrupt heap memory. Successful expl...
Jul 6, 2022LibreDWG v0.12.4.4608 contains a heap-use-after-free vulnerability in the decode_preR13_section function at decode_r11.c. This allows attackers to pot...
Jun 23, 2022LibreDWG v0.12.4.4608 contains a heap-use-after-free vulnerability in the dwg_add_handleref function that could allow attackers to execute arbitrary c...
Jun 23, 2022LibreDWG v0.12.4.4608 contains a heap buffer overflow vulnerability in the decode_preR13_section_hdr function. This allows attackers to execute arbitr...
Jun 23, 2022CVE-2022-33034 is a stack overflow vulnerability in LibreDWG's decode_r2007.c file that allows attackers to execute arbitrary code or cause denial of ...
Jun 23, 2022CVE-2021-42585 is a heap buffer overflow vulnerability in LibreDWG's dwgread library that allows remote code execution when processing malicious DWG f...
May 23, 2022CVE-2022-29458 is an out-of-bounds read vulnerability in ncurses' terminfo library that can cause segmentation faults and potentially lead to informat...
Apr 18, 2022A buffer overflow vulnerability in glibc's sunrpc module allows attackers to execute arbitrary code or cause denial of service. This affects applicati...
Jan 14, 2022This vulnerability in GNU Binutils allows attackers to trigger a heap-based buffer overflow via the stab_xcoff_builtin_type function in stabs.c. It ca...
Dec 15, 2021LibreDWG v0.12.3 contains a NULL pointer dereference vulnerability in out_dxfb.c that can cause denial of service (DoS) through application crashes. T...
Dec 2, 2021LibreDWG v0.12.3 contains a heap-buffer overflow vulnerability in the decode_preR13 function that allows attackers to execute arbitrary code or cause ...
Dec 2, 2021CVE-2021-44227 is a Cross-Site Request Forgery (CSRF) vulnerability in GNU Mailman that allows authenticated list members or moderators to obtain CSRF...
Dec 2, 2021CVE-2021-37322 is a use-after-free vulnerability in GCC's c++filt utility (version 2.26) that can lead to arbitrary code execution or denial of servic...
Nov 18, 2021This CVE describes a privilege escalation vulnerability in GNU Hurd where during execution of setuid binaries, there's a timing window where the proce...
Nov 7, 2021This vulnerability in GNU Hurd allows any user who can read a file to modify it by exploiting a shared pager port in memory-mapped file operations. Th...
Nov 7, 2021CVE-2021-42097 is a Cross-Site Request Forgery (CSRF) vulnerability in GNU Mailman that allows privilege escalation. An attacker can obtain a CSRF tok...
Oct 21, 2021CVE-2021-39528 is a double-free vulnerability in LibreDWG's dwg_free_MATERIAL_private() function that can lead to memory corruption and potential remo...
Sep 20, 2021CVE-2021-39522 is a heap-based buffer overflow vulnerability in LibreDWG's bit_wcs2len() function. This allows attackers to execute arbitrary code or ...
Sep 20, 2021CVE-2021-39525 is a heap-based buffer overflow vulnerability in libredwg's bit_read_fixed() function. This allows attackers to execute arbitrary code ...
Sep 20, 2021This vulnerability in glibc's wordexp function allows attackers to cause denial of service or potentially read arbitrary memory when processing malici...
Jul 22, 2021CVE-2021-36080 is a double-free vulnerability in GNU LibreDWG's bit_chain_free function that can lead to memory corruption and potential remote code e...
Jul 1, 2021CVE-2021-3530 is a stack exhaustion vulnerability in GNU libiberty's rust-demangle.c that allows crafted symbols to cause denial of service through ap...
Jun 2, 2021CVE-2020-18395 is a NULL pointer dereference vulnerability in GNU Gama's ellipsoid.h component that allows attackers to cause denial of service throug...
May 28, 2021This CVE describes a use-after-free vulnerability in the GNU C Library (glibc) mq_notify function affecting versions 2.32 and 2.33. Attackers could ex...
May 25, 2021A heap-based buffer overflow vulnerability in GNU LibreDWG 0.10 allows attackers to execute arbitrary code or cause denial of service by processing sp...
May 17, 2021CVE-2020-21843 is a heap-based buffer overflow vulnerability in GNU LibreDWG 0.10, allowing attackers to execute arbitrary code or cause denial-of-ser...
May 17, 2021A heap-based buffer overflow vulnerability in GNU LibreDWG 0.10 allows attackers to execute arbitrary code or cause denial of service by processing sp...
May 17, 2021CVE-2020-21833 is a heap-based buffer overflow vulnerability in GNU LibreDWG's DWG file parser. Attackers can exploit this by crafting malicious DWG f...
May 17, 2021CVE-2020-21836 is a heap-based buffer overflow vulnerability in GNU LibreDWG's DWG file parser. Attackers can exploit this by crafting malicious DWG f...
May 17, 2021Why Monitor Gnu Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 113+ known vulnerabilities affecting Gnu products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Gnu packages in under 60 seconds. No agents required - completely agentless scanning that works across Gnu deployments.
Free vulnerability database: Access detailed information about every Gnu CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Gnu CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
