Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2023-12-10 | 2.1 LOW | N/A |
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2004-0353 | 1 Gnu | 1 Anubis | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | |||||
CVE-2002-0389 | 1 Gnu | 1 Mailman | 2023-12-10 | 2.1 LOW | N/A |
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | |||||
CVE-2002-0003 | 1 Gnu | 1 Groff | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | |||||
CVE-1999-0035 | 2 Gnu, Sgi | 2 Inet, Irix | 2023-12-10 | 5.1 MEDIUM | N/A |
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | |||||
CVE-2003-0038 | 1 Gnu | 1 Mailman | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. | |||||
CVE-2000-0151 | 1 Gnu | 1 Make | 2023-12-10 | 6.2 MEDIUM | N/A |
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | |||||
CVE-2001-1267 | 1 Gnu | 1 Tar | 2023-12-10 | 2.1 LOW | N/A |
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). | |||||
CVE-2002-1216 | 1 Gnu | 1 Tar | 2023-12-10 | 5.0 MEDIUM | N/A |
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check. | |||||
CVE-2003-0826 | 1 Gnu | 1 Lsh | 2023-12-10 | 7.5 HIGH | N/A |
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. | |||||
CVE-2002-0178 | 1 Gnu | 1 Sharutils | 2023-12-10 | 7.2 HIGH | N/A |
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. | |||||
CVE-2000-0861 | 1 Gnu | 1 Mailman | 2023-12-10 | 7.2 HIGH | N/A |
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | |||||
CVE-2003-0859 | 5 Gnu, Intel, Quagga and 2 more | 7 Glibc, Zebra, Ia64 and 4 more | 2023-12-10 | 4.9 MEDIUM | N/A |
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2023-12-10 | 4.6 MEDIUM | N/A |
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | |||||
CVE-2001-0072 | 1 Gnu | 1 Privacy Guard | 2023-12-10 | 5.0 MEDIUM | N/A |
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | |||||
CVE-2001-1022 | 2 Gnu, Jgroff | 2 Groff, Jgroff | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | |||||
CVE-2000-0963 | 4 Freebsd, Gnu, Immunix and 1 more | 4 Freebsd, Ncurses, Immunix and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | |||||
CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2023-12-10 | N/A | N/A |
A version of finger is running that exposes valid user information to any entity on the network. | |||||
CVE-2004-1773 | 1 Gnu | 1 Sharutils | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar. | |||||
CVE-1999-0491 | 1 Gnu | 1 Bash | 2023-12-10 | 4.6 MEDIUM | N/A |
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. |