GNU


Products by GNU Sorted by Most Security Vulnerabilities since 2018

GNU Binutils: 128 vulnerabilities

GNU Glibc: 87 vulnerabilities

GNU Libredwg: 83 vulnerabilities

GNU Grub2: 39 vulnerabilities

Gnutls: 26 vulnerabilities

GNU Ncurses: 24 vulnerabilities

GNU Mailman: 19 vulnerabilities

GNU Emacs: 13 vulnerabilities

GNU Gcc: 10 vulnerabilities

GNU Adns: 8 vulnerabilities

GNU Wget: 8 vulnerabilities

GNU Pspp: 8 vulnerabilities

GNU Tar: 7 vulnerabilities

GNU Bash: 7 vulnerabilities

GNU Screen: 5 vulnerabilities

GNU Org Mode: 5 vulnerabilities

GNU Gdb: 5 vulnerabilities

GNU Inetutils: 5 vulnerabilities

GNU Cpio: 5 vulnerabilities

GNU Grub: 5 vulnerabilities

GNU Cflow: 4 vulnerabilities

GNU Coreutils: 4 vulnerabilities

GNU Gzip: 3 vulnerabilities

GNU Eglibc: 2 vulnerabilities

GNU Libmicrohttpd: 2 vulnerabilities

GNU Less: 2 vulnerabilities

GNU Indent: 2 vulnerabilities

GNU Savane: 1 vulnerability

GNU Cvs: 1 vulnerability

GNU Gpgme: 1 vulnerability

GNU Privacy Guard: 1 vulnerability

Gnu Scientific Library: 1 vulnerability

GNU Nano: 1 vulnerability

GNU Bison: 1 vulnerability

GNU Automake: 1 vulnerability

GNU Grub 2: 1 vulnerability

GNU Gnash: 1 vulnerability

GNU Libiberty: 1 vulnerability

GNU Gawk: 1 vulnerability

GNU Libcdio: 1 vulnerability

Known Exploited GNU Vulnerabilities

The following GNU vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

| Title | CVE | Exploit Probability | Description | Added |
|---|---|---|---|---|
| GNU C Library Buffer Overflow Vulnerability | CVE-2023-4911 | 63.2% | GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges. | November 21, 2023 |
| GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | CVE-2014-6271 | 94.2% | GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. | January 28, 2022 |
| GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | CVE-2014-7169 | 88.5% | GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271. | January 28, 2022 |

Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. The vulnerability CVE-2023-4911: GNU C Library Buffer Overflow Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.

By the Year

In 2025 there have been 28 vulnerabilities in GNU with an average score of 5.9 out of ten. Last year, in 2024, GNU had 28 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in GNU in 2025 could surpass last year's number. Last year, the average CVE base score was greater by 0.62.

| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 28 | 5.94 |
| 2024 | 28 | 6.56 |
| 2023 | 78 | 6.89 |
| 2022 | 45 | 7.15 |
| 2021 | 87 | 7.47 |
| 2020 | 54 | 7.11 |
| 2019 | 80 | 7.06 |
| 2018 | 77 | 6.62 |

It may take a day or so for new GNU vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent GNU Security Vulnerabilities

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb

CVE-2025-5001 5.5 - Medium - May 20, 2025

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Integer Overflow or Wraparound

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries

CVE-2025-4802 - May 16, 2025

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

libpspp-core.a in GNU PSPP through 2.0.1

CVE-2025-47815 9.8 - Critical - May 10, 2025

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c.

Memory Corruption

libpspp-core.a in GNU PSPP through 2.0.1

CVE-2025-47814 9.8 - Critical - May 10, 2025

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.

Memory Corruption

libpspp-core.a in GNU PSPP through 2.0.1

CVE-2025-47816 9.1 - Critical - May 10, 2025

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_attributes out-of-bounds read, related to extra content at the end of a document.

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint

CVE-2025-43921 5.3 - Medium - April 20, 2025

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.

AuthZ

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations

CVE-2025-43920 8.1 - High - April 20, 2025

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.

Shell injection

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via

CVE-2025-43919 7.5 - High - April 20, 2025

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.

Directory traversal

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic

CVE-2025-3198 5.5 - Medium - April 04, 2025

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.

Memory Leak

A flaw was found in grub2

CVE-2025-0678 7.8 - High - March 03, 2025

A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.

Integer Overflow or Wraparound

A flaw was found in the HFS filesystem

CVE-2024-45782 7.8 - High - March 03, 2025

A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may lead to a heap-based out-of-bounds write, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.

Memory Corruption

A stack overflow flaw was found when reading a BFS file system

CVE-2024-45778 5.5 - Medium - March 03, 2025

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

Integer Overflow or Wraparound

A flaw was found in grub2

CVE-2024-45780 6.7 - Medium - March 03, 2025

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.

Memory Corruption

An integer overflow flaw was found in the BFS file system driver in grub2

CVE-2024-45779 6 - Medium - March 03, 2025

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap out-of-bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.

Integer Overflow or Wraparound

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43

CVE-2025-1182 5 - Medium - February 11, 2025

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.

Buffer Overflow

A vulnerability classified as critical was found in GNU Binutils 2.43

CVE-2025-1181 5 - Medium - February 11, 2025

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.

Buffer Overflow

A vulnerability classified as problematic has been found in GNU Binutils 2.43

CVE-2025-1180 3.1 - Low - February 11, 2025

A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Buffer Overflow

A vulnerability was found in GNU Binutils 2.43

CVE-2025-1179 7.5 - High - February 11, 2025

A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases".

Buffer Overflow

A vulnerability was found in GNU Binutils 2.43

CVE-2025-1178 5.6 - Medium - February 11, 2025

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.

Buffer Overflow

A vulnerability was found in GNU Binutils 2.43 and classified as critical

CVE-2025-1176 5 - Medium - February 11, 2025

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.

Buffer Overflow

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44

CVE-2025-1153 5.9 - Medium - February 10, 2025

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.

Buffer Overflow

A vulnerability classified as problematic has been found in GNU Binutils 2.43

CVE-2025-1152 3.7 - Low - February 10, 2025

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Improper Resource Shutdown or Release

A vulnerability was found in GNU Binutils 2.43

CVE-2025-1151 3.1 - Low - February 10, 2025

A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Improper Resource Shutdown or Release

A vulnerability was found in GNU Binutils 2.43

CVE-2025-1150 3.1 - Low - February 10, 2025

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Improper Resource Shutdown or Release

A vulnerability was found in GNU Binutils 2.43

CVE-2025-1149 3.1 - Low - February 10, 2025

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Improper Resource Shutdown or Release

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic

CVE-2025-1147 5.3 - Medium - February 10, 2025

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Buffer Overflow

A vulnerability was found in GNU Binutils 2.43 and classified as problematic

CVE-2025-1148 3.1 - Low - February 10, 2025

A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Improper Resource Shutdown or Release

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43

CVE-2025-0840 7.5 - High - January 29, 2025

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.

Buffer Overflow

GRUB2 Side-Channel Attack Vulnerability in grub_crypto_memcmp

CVE-2024-56738 - December 29, 2024

GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.

Side Channel Attack

GNU GRUB2 HFS Filesystem Heap-based Buffer Overflow Vulnerability

CVE-2024-56737 - December 29, 2024

GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.

GNU Emacs elisp-mode Unsafe Macro Expansion Code Execution Vulnerability

CVE-2024-53920 - November 27, 2024

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)

Wget Arbitrary Host Access Vulnerability via Shorthand URL Credential Injection

CVE-2024-10524 - November 19, 2024

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.

SSRF

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(

CVE-2024-39331 - June 23, 2024

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data

CVE-2024-38428 9.1 - Critical - June 16, 2024

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.

Interpretation Conflict

Buffer Overflow Vulnerability in libcdio v2.1.0

CVE-2024-36600 - June 14, 2024

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file

CVE-2024-5742 6.7 - Medium - June 12, 2024

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, the emergency file it saves with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.

insecure temporary file

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache

CVE-2024-33602 - May 06, 2024

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients

CVE-2024-33601 - May 06, 2024

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request

CVE-2024-33600 - May 06, 2024

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow

CVE-2024-33599 - May 06, 2024

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

An issue was discovered in GNU Savane v.3.13 and before

CVE-2024-29399 - April 11, 2024

An issue was discovered in GNU Savane v.3.13 and before that allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode

CVE-2024-30202 - March 25, 2024

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.

In Emacs before 29.3

CVE-2024-30203 - March 25, 2024

In Emacs before 29.3, Gnus treats inline MIME contents as trusted.

In Emacs before 29.3

CVE-2024-30204 - March 25, 2024

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.

In Emacs before 29.3, Org mode considers contents of remote files to be trusted

CVE-2024-30205 - March 25, 2024

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

A flaw was found in the grub2-set-bootflag utility of grub2

CVE-2024-1048 3.3 - Low - February 06, 2024

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.

Insufficient Cleanup

A flaw was found in indent, a program for formatting C code

CVE-2024-0911 5.5 - Medium - February 06, 2024

A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash.

Memory Corruption

A flaw was found in the GNU coreutils "split" program

CVE-2024-0684 5.5 - Medium - February 06, 2024

A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.

Memory Corruption

A path traversal vulnerability was found in the CPIO utility

CVE-2023-7216 5.3 - Medium - February 05, 2024

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.

Directory traversal

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library

CVE-2023-6779 7.5 - High - January 31, 2024

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.

Memory Corruption

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).