GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-08310)

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GNU GRUB. The vulnerability stems from the romsfs module containing an integer overflow issue when handling symbolic links, resulting in a heap-based out-of-bounds write when reading data. No...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Watson AIOps version 4.2.0 Vulnerability Details CVEID:CVE-2023-24539 DESCRIPTION: Go is vulnerable to HTML injection. A remote attacker could inject malicious HTML code into a template containing multiple actions separated by a...

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Red Hat is used by IBM Robotic Process Automation for Cloud Pak as part of base container images. CVE-2016-4074. getaddrinfo is used by IBM Robotic Process Automation for Cloud Pak as part of the ba...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Watson AIOps version 4.1.1 Vulnerability Details CVEID:CVE-2021-40528 DESCRIPTION: GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a...

GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-08311)

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GRUB. The vulnerability stems from the fs/hfs module containing an integer overflow issue that results in heap-based out-of-bounds writes. An attacker can exploit this vulnerability to execut...

编号撤回

libgsf is a GNOME open source library. This CVE number has been withdrawn...

CBL Mariner 2.0 Security Update: emacs (CVE-2024-53920)

The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53920 advisory. - In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code...

SUSE CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...

UBUNTU-CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...

RLSA-2025:1309 Moderate: gcc-toolset-13-gcc security update

The gcc-toolset-13-gcc13 package contains the GNU Compiler Collection version 13. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

RLSA-2024:9430 Low: nano security update

GNU nano is a small and friendly text editor. Security Fixes: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 For more details about the security issues, including the impact, a CVSS scor...

Security Bulletin: Vulnerability in GNU Wget affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in GNU Wget has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 This is a PoC Proof Of Concept for the Looney...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-08319)

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from a failure to properly account for the length of an environment variable when copying user-controlled environment variable data to an internal buffer, resulting in an...

Security Bulletin: Vulnerability in GNU Wget affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in GNU Wget has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

GNU GRUB2 Out-of-Bounds Write Vulnerability (CNVD-2025-08320)

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from an out-of-bounds write vulnerability that stems from a flaw found in the HFS file system. No details of the vulnerability are provided at this time...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-08321)

GRUB2 is a multiple bootloader for the GNU Project. A buffer overflow vulnerability exists in GNU GRUB2, which stems from the fact that when reading a tar file, GRUB2 allocates an internal buffer for the filename, and does not properly validate the allocation for a possible integer overflow. An...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-08322)

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from a buffer overflow problem contained in reading the BFS file system. An attacker could exploit this vulnerability to cause a denial of service...

GNU GRUB2 Buffer Overflow Vulnerability (CNVD-2025-08323)

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from an integer overflow flaw found in GRUB2's BFS file system driver. No detailed vulnerability details are provided at this time...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : GNU Chess vulnerability (USN-7336-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7336-1 advisory. Michael Vaughan discovered an overflow vulnerability in GNU Chess that occurs when reading a specially crafted Portable Game Notation PGN file...