Filtered by vendor Gnu
Subscribe
Total
1065 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0216 | 3 Gnu, Hp, Linux | 3 Inet, Hp-ux, Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
| Denial of service of inetd on Linux through SYN and RST packets. | |||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
| The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | |||||
| CVE-2003-0853 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
| An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | |||||
| CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | |||||
| CVE-2001-0290 | 1 Gnu | 1 Mailman | 2023-12-10 | 4.6 MEDIUM | N/A |
| Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | |||||
| CVE-2002-0388 | 1 Gnu | 1 Mailman | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | |||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2023-12-10 | 3.6 LOW | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2023-12-10 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2004-0623 | 1 Gnu | 1 Gnats | 2023-12-10 | 10.0 HIGH | N/A |
| Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog. | |||||
| CVE-2002-1265 | 3 Apple, Gnu, Sgi | 4 Mac Os X, Mac Os X Server, Glibc and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). | |||||
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | |||||
| CVE-1999-0150 | 1 Gnu | 1 Fingerd | 2023-12-10 | 7.5 HIGH | N/A |
| The Perl fingerd program allows arbitrary command execution from remote users. | |||||
| CVE-2001-1228 | 1 Gnu | 1 Gzip | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | |||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2023-12-10 | 5.0 MEDIUM | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2002-0399 | 1 Gnu | 1 Tar | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | |||||
| CVE-2004-2014 | 1 Gnu | 1 Wget | 2023-12-10 | 2.6 LOW | N/A |
| Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | |||||
| CVE-2004-0581 | 2 Gnu, Mandrakesoft | 3 Ksymoops, Mandrake Linux, Mandrake Linux Corporate Server | 2023-12-10 | 4.6 MEDIUM | N/A |
| ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. | |||||
| CVE-2002-0204 | 1 Gnu | 1 Chess | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | |||||
| CVE-2003-0972 | 1 Gnu | 1 Screen | 2023-12-10 | 10.0 HIGH | N/A |
| Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | |||||
| CVE-2003-0854 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2023-12-10 | 2.1 LOW | N/A |
| ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | |||||