GNU
CVE Severity Distribution (All Time)
Timeline Overview
Recent CVEs
View allGNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.
GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp sourc…
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these c…
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns …
GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.n_tries is negative, i…
Related Security News
Two security vulnerabilities were discovered in Emacs: CVE-2024-53920 Elisp byte-compilation ('elisp-flymake-byte-compile') in the Flymake mode is now disabled for untrusted files. CVE-2025-1244 An i…
The Emacs extensible text editor (among other things) has made a security release to address two vulnerabilities. Emacs 30.1 has fixes for CVE-2025-1244, which is a shell-command-injection flaw in th…