Every CVE whose affected-product data names Gnu Coreutils, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2015-4042 — CVSS 9.8 (critical): Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of…
CVE-2015-4041 — CVSS 7.8 (high): The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without…
CVE-2014-9471 — CVSS 7.5 (high): The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary…
CVE-2017-18018 — CVSS 7.1 (high): In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of…
CVE-2024-0684 — CVSS 5.5 (medium): A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could…
CVE-2016-2781 — CVSS 4.6 (medium): chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call…
CVE-2009-4135 — CVSS 4.4 (medium): The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file…
CVE-2008-1946 — CVSS 4.4 (medium): The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2)…
CVE-2005-1039 — CVSS 3.7 (low): Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local…