Filtered by vendor Gnu
Subscribe
Total
1161 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4881 | 1 Gnu | 1 Glibc | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.
|
|||||
| CVE-2010-0825 | 1 Gnu | 1 Emacs | 2025-04-11 | 4.4 MEDIUM | N/A |
|
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
|
|||||
| CVE-2013-4332 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
|
|||||
| CVE-2013-4458 | 2 Gnu, Suse | 3 Glibc, Linux Enterprise Debuginfo, Linux Enterprise Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
|
|||||
| CVE-2012-3404 | 3 Canonical, Gnu, Redhat | 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
|
|||||
| CVE-2010-0830 | 1 Gnu | 1 Glibc | 2025-04-11 | 5.1 MEDIUM | N/A |
|
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
|
|||||
| CVE-2011-4128 | 1 Gnu | 1 Gnutls | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.
|
|||||
| CVE-2012-0864 | 1 Gnu | 1 Glibc | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.
|
|||||
| CVE-2012-5667 | 1 Gnu | 1 Grep | 2025-04-11 | 4.4 MEDIUM | N/A |
|
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.
|
|||||
| CVE-2012-4424 | 1 Gnu | 1 Glibc | 2025-04-11 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.
|
|||||
| CVE-2013-4466 | 1 Gnu | 1 Gnutls | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries.
|
|||||
| CVE-2012-0035 | 2 Eric M Ludlam, Gnu | 2 Cedet, Emacs | 2025-04-11 | 9.3 HIGH | N/A |
|
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
|
|||||
| CVE-2011-3771 | 1 Gnu | 1 Phpbook | 2025-04-11 | 5.0 MEDIUM | N/A |
|
phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php and certain other files.
|
|||||
| CVE-2010-3856 | 1 Gnu | 1 Glibc | 2025-04-11 | 7.2 HIGH | N/A |
|
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
|
|||||
| CVE-2009-5078 | 2 Apple, Gnu | 2 Mac Os X, Groff | 2025-04-11 | 6.4 MEDIUM | 6.5 MEDIUM |
|
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document.
|
|||||
| CVE-2010-3192 | 1 Gnu | 1 Glibc | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) imp ...
Show More |
|||||
| CVE-2010-2056 | 1 Gnu | 1 Gv | 2025-04-11 | 3.3 LOW | N/A |
|
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
|||||
| CVE-2011-1095 | 1 Gnu | 1 Glibc | 2025-04-11 | 6.2 MEDIUM | N/A |
|
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
|
|||||
| CVE-2010-3089 | 1 Gnu | 1 Mailman | 2025-04-11 | 3.5 LOW | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field.
|
|||||
| CVE-2009-5081 | 1 Gnu | 1 Groff | 2025-04-11 | 3.3 LOW | N/A |
|
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969.
|
|||||
| CVE-2012-3479 | 1 Gnu | 1 Emacs | 2025-04-11 | 6.8 MEDIUM | N/A |
|
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
|
|||||
| CVE-2008-5659 | 1 Gnu | 1 Classpath | 2025-04-09 | 7.5 HIGH | N/A |
|
The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys.
|
|||||
| CVE-2008-4989 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2025-04-09 | 4.3 MEDIUM | 5.9 MEDIUM |
|
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).
|
|||||
| CVE-2006-4181 | 1 Gnu | 1 Radius | 2025-04-09 | 10.0 HIGH | N/A |
|
Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-4128 | 1 Gnu | 1 Grub 2 | 2025-04-09 | 7.2 HIGH | N/A |
|
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1.
|
|||||
| CVE-2006-6235 | 6 Gnu, Gpg4win, Redhat and 3 more | 9 Privacy Guard, Gpg4win, Enterprise Linux and 6 more | 2025-04-09 | 10.0 HIGH | N/A |
|
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
|
|||||
| CVE-2006-7151 | 2 Gnu, Redhat | 2 Libtool-ltdl, Fedora Core | 2025-04-09 | 6.6 MEDIUM | N/A |
|
Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories.
|
|||||
| CVE-2006-4810 | 1 Gnu | 1 Texinfo | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file.
|
|||||
| CVE-2007-3741 | 2 Gnu, Mandriva | 2 Gimp, Linux | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.
|
|||||
| CVE-2007-2452 | 1 Gnu | 1 Findutils | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.
|
|||||
| CVE-2008-1367 | 1 Gnu | 1 Gcc | 2025-04-09 | 7.5 HIGH | N/A |
|
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.
|
|||||
| CVE-2009-2409 | 3 Gnu, Mozilla, Openssl | 3 Gnutls, Network Security Services, Openssl | 2025-04-09 | 5.1 MEDIUM | N/A |
|
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.
|
|||||
| CVE-2007-5377 | 1 Gnu | 1 Tramp | 2025-04-09 | 6.9 MEDIUM | N/A |
|
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
|||||
| CVE-2008-3896 | 1 Gnu | 1 Grub Legacy | 2025-04-09 | 2.1 LOW | N/A |
|
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
|
|||||
| CVE-2008-1688 | 1 Gnu | 1 M4 | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.
|
|||||
| CVE-2008-3863 | 1 Gnu | 1 Enscript | 2025-04-09 | 7.6 HIGH | N/A |
|
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
|
|||||
| CVE-2010-0015 | 1 Gnu | 1 Glibc | 2025-04-09 | 7.5 HIGH | N/A |
|
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.
|
|||||
| CVE-2008-1948 | 1 Gnu | 1 Gnutls | 2025-04-09 | 10.0 HIGH | N/A |
|
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS ...
Show More |
|||||
| CVE-2008-1946 | 1 Gnu | 1 Coreutils | 2025-04-09 | 4.4 MEDIUM | N/A |
|
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module.
|
|||||
| CVE-2006-5864 | 1 Gnu | 1 Gv | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
|
|||||