Filtered by vendor Gnu
Subscribe
Total
1161 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2397 | 1 Gnu | 1 Phpbook | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.
|
|||||
| CVE-1999-0491 | 1 Gnu | 1 Bash | 2025-04-03 | 4.6 MEDIUM | N/A |
|
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
|
|||||
| CVE-2003-0826 | 1 Gnu | 1 Lsh | 2025-04-03 | 7.5 HIGH | N/A |
|
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
|
|||||
| CVE-2000-0824 | 1 Gnu | 1 Glibc | 2025-04-03 | 7.2 HIGH | N/A |
|
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
|
|||||
| CVE-2006-4624 | 1 Gnu | 1 Mailman | 2025-04-03 | 2.6 LOW | N/A |
|
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
|
|||||
| CVE-2000-0959 | 1 Gnu | 1 Glibc | 2025-04-03 | 1.2 LOW | N/A |
|
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
|
|||||
| CVE-2001-1376 | 12 Ascend, Freeradius, Gnu and 9 more | 12 Radius, Freeradius, Radius and 9 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
|
|||||
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2025-04-03 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
|
|||||
| CVE-2005-1520 | 1 Gnu | 1 Mailutils | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail.
|
|||||
| CVE-2004-0984 | 1 Gnu | 1 Mailutils | 2025-04-03 | 7.2 HIGH | N/A |
|
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges.
|
|||||
| CVE-2000-1219 | 1 Gnu | 2 G\+\+, Gcc | 2025-04-03 | 7.5 HIGH | N/A |
|
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
|
|||||
| CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2025-04-03 | 2.1 LOW | N/A |
|
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
|
|||||
| CVE-2004-0576 | 1 Gnu | 1 Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
|
|||||
| CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2025-04-03 | 3.7 LOW | N/A |
|
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
|
|||||
| CVE-2001-1267 | 1 Gnu | 1 Tar | 2025-04-03 | 2.1 LOW | N/A |
|
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
|
|||||
| CVE-2006-0455 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | 4.6 MEDIUM | N/A |
|
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
|
|||||
| CVE-2004-0849 | 1 Gnu | 1 Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
|
|||||
| CVE-2004-0182 | 1 Gnu | 1 Mailman | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
|
|||||
| CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
|
|||||
| CVE-2002-1216 | 1 Gnu | 1 Tar | 2025-04-03 | 5.0 MEDIUM | N/A |
|
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
|
|||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2025-04-03 | 3.6 LOW | N/A |
|
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
|
|||||
| CVE-2002-0204 | 1 Gnu | 1 Chess | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.
|
|||||
| CVE-2006-0300 | 1 Gnu | 1 Tar | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
|
|||||
| CVE-2003-0038 | 1 Gnu | 1 Mailman | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
|
|||||
| CVE-2005-1918 | 2 Gnu, Redhat | 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-03 | 2.6 LOW | N/A |
|
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
|
|||||
| CVE-2002-0003 | 1 Gnu | 1 Groff | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system.
|
|||||
| CVE-2004-2460 | 1 Gnu | 1 Gnubiff | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list.
|
|||||
| CVE-2004-1185 | 1 Gnu | 1 Enscript | 2025-04-03 | 7.5 HIGH | N/A |
|
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
|
|||||
| CVE-2006-4146 | 1 Gnu | 1 Gdb | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
|
|||||
| CVE-2004-2264 | 1 Gnu | 1 Less | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed
|
|||||
| CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2025-04-03 | N/A | N/A |
|
A version of finger is running that exposes valid user information to any entity on the network.
|
|||||
| CVE-2003-0991 | 2 Gnu, Sgi | 2 Mailman, Propack | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
|
|||||
| CVE-2004-0555 | 1 Gnu | 1 Queue | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.
|
|||||
| CVE-2005-0202 | 1 Gnu | 1 Mailman | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
|
|||||
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2025-04-03 | 10.0 HIGH | N/A |
|
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
|
|||||
| CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2025-04-03 | 4.6 MEDIUM | N/A |
|
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.
|
|||||
| CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2025-04-03 | 7.2 HIGH | N/A |
|
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
|
|||||
| CVE-2000-0803 | 1 Gnu | 1 Groff | 2025-04-03 | 10.0 HIGH | N/A |
|
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
|
|||||
| CVE-2004-0969 | 3 Gentoo, Gnu, Ubuntu | 3 Linux, Groff, Ubuntu Linux | 2025-04-03 | 2.1 LOW | N/A |
|
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
|
|||||
| CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
|
|||||