Filtered by vendor Gnu
Subscribe
Total
1176 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-69194 | 1 Gnu | 1 Wget2 | 2026-03-05 | N/A | 8.8 HIGH |
| A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user’s environment. | |||||
| CVE-2023-7216 | 2 Gnu, Redhat | 2 Cpio, Enterprise Linux | 2026-02-25 | N/A | 5.3 MEDIUM |
| A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks. | |||||
| CVE-2025-11840 | 1 Gnu | 1 Binutils | 2026-02-24 | 1.7 LOW | 3.3 LOW |
| A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing a manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. This patch is called 16357. It is best practice to apply a patch to resolve this issue. | |||||
| CVE-2025-11839 | 1 Gnu | 1 Binutils | 2026-02-24 | 1.7 LOW | 3.3 LOW |
| A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2025-11413 | 1 Gnu | 1 Binutils | 2026-02-24 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised. | |||||
| CVE-2023-4911 | 6 Canonical, Debian, Fedoraproject and 3 more | 41 Ubuntu Linux, Debian Linux, Fedora and 38 more | 2026-02-13 | N/A | 7.8 HIGH |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | |||||
| CVE-2021-35942 | 3 Debian, Gnu, Netapp | 7 Debian Linux, Glibc, Active Iq Unified Manager and 4 more | 2026-02-13 | 6.4 MEDIUM | 9.1 CRITICAL |
| The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. | |||||
| CVE-2026-24061 | 2 Debian, Gnu | 2 Debian Linux, Inetutils | 2026-02-11 | N/A | 9.8 CRITICAL |
| telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable. | |||||
| CVE-2025-15281 | 1 Gnu | 1 Glibc | 2026-02-05 | N/A | 7.5 HIGH |
| Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. | |||||
| CVE-2026-0861 | 1 Gnu | 1 Glibc | 2026-02-03 | N/A | 8.4 HIGH |
| Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1<<62+ 1, 1<<63] and exactly 1<<63 for posix_memalign and aligned_alloc. Typically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments. | |||||
| CVE-2025-13151 | 1 Gnu | 1 Libtasn1 | 2026-02-02 | N/A | 7.5 HIGH |
| Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string. | |||||
| CVE-2026-0915 | 1 Gnu | 1 Glibc | 2026-01-23 | N/A | 7.5 HIGH |
| Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. | |||||
| CVE-2025-66866 | 1 Gnu | 1 Binutils | 2026-01-14 | N/A | 7.5 HIGH |
| An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | |||||
| CVE-2025-66865 | 1 Gnu | 1 Binutils | 2026-01-14 | N/A | 7.5 HIGH |
| An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | |||||
| CVE-2025-66864 | 1 Gnu | 1 Binutils | 2026-01-14 | N/A | 7.5 HIGH |
| An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | |||||
| CVE-2025-66863 | 1 Gnu | 1 Binutils | 2026-01-14 | N/A | 7.5 HIGH |
| An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | |||||
| CVE-2025-66862 | 1 Gnu | 1 Binutils | 2026-01-14 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. | |||||
| CVE-2025-66861 | 1 Gnu | 1 Binutils | 2026-01-14 | N/A | 2.5 LOW |
| An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file. | |||||
| CVE-2025-65409 | 1 Gnu | 1 Recutils | 2026-01-09 | N/A | 7.5 HIGH |
| A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service (DoS) via inputting an empty value as a password. | |||||
| CVE-2025-1125 | 1 Gnu | 1 Grub2 | 2026-01-08 | N/A | 7.8 HIGH |
| When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections. | |||||