Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2459 | 1 Gnu | 1 Gnubiff | 2023-12-10 | 2.1 LOW | N/A |
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | |||||
CVE-2006-2941 | 1 Gnu | 1 Mailman | 2023-12-10 | 5.0 MEDIUM | N/A |
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers". | |||||
CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2023-12-10 | 2.1 LOW | N/A |
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | |||||
CVE-2005-3573 | 1 Gnu | 1 Mailman | 2023-12-10 | 5.0 MEDIUM | N/A |
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash). | |||||
CVE-2005-2397 | 1 Gnu | 1 Phpbook | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter. | |||||
CVE-2004-1184 | 4 Gnu, Redhat, Sgi and 1 more | 4 Enscript, Fedora Core, Propack and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. | |||||
CVE-2006-0075 | 1 Gnu | 1 Phpbook | 2023-12-10 | 7.5 HIGH | N/A |
Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file. | |||||
CVE-2005-1520 | 1 Gnu | 1 Mailutils | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail. | |||||
CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2023-12-10 | 3.7 LOW | N/A |
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | |||||
CVE-2004-0968 | 2 Gnu, Redhat | 3 Glibc, Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 2.1 LOW | N/A |
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | |||||
CVE-2005-1705 | 1 Gnu | 1 Gdb | 2023-12-10 | 7.2 HIGH | N/A |
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. | |||||
CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2023-12-10 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
CVE-2005-1522 | 1 Gnu | 1 Mailutils | 2023-12-10 | 5.0 MEDIUM | N/A |
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. | |||||
CVE-2006-4624 | 1 Gnu | 1 Mailman | 2023-12-10 | 2.6 LOW | N/A |
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI. | |||||
CVE-2004-1185 | 1 Gnu | 1 Enscript | 2023-12-10 | 7.5 HIGH | N/A |
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames. | |||||
CVE-2004-1170 | 3 Gnu, Sun, Suse | 3 A2ps, Java Desktop System, Suse Linux | 2023-12-10 | 10.0 HIGH | N/A |
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | |||||
CVE-2005-0080 | 2 Gnu, Ubuntu | 2 Mailman, Ubuntu Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. | |||||
CVE-2005-0990 | 1 Gnu | 1 Sharutils | 2023-12-10 | 2.1 LOW | N/A |
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. | |||||
CVE-2006-3636 | 1 Gnu | 1 Mailman | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2000-0824 | 1 Gnu | 1 Glibc | 2023-12-10 | 7.2 HIGH | N/A |
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. |