Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1453 | 1 Gnu | 1 Glibc | 2023-12-10 | 2.1 LOW | N/A |
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | |||||
CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Land IP denial of service. | |||||
CVE-2002-2099 | 1 Gnu | 1 Data Display Debugger | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | |||||
CVE-2003-1232 | 1 Gnu | 1 Emacs | 2023-12-10 | 5.1 MEDIUM | N/A |
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | |||||
CVE-1999-0402 | 1 Gnu | 1 Wget | 2023-12-10 | 5.0 MEDIUM | N/A |
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | |||||
CVE-2003-0992 | 1 Gnu | 1 Mailman | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | |||||
CVE-2004-0603 | 1 Gnu | 1 Gzip | 2023-12-10 | 10.0 HIGH | N/A |
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332. | |||||
CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2023-12-10 | 7.5 HIGH | N/A |
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | |||||
CVE-2004-0412 | 1 Gnu | 1 Mailman | 2023-12-10 | 5.0 MEDIUM | N/A |
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
CVE-2000-0271 | 1 Gnu | 1 Emacs | 2023-12-10 | 4.6 MEDIUM | N/A |
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | |||||
CVE-2002-1602 | 1 Gnu | 1 Screen | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code. | |||||
CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. | |||||
CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2023-12-10 | 1.2 LOW | N/A |
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | |||||
CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2023-12-10 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | |||||
CVE-2002-1344 | 2 Gnu, Sun | 2 Wget, Cobalt Raq Xtr | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. | |||||
CVE-2004-1296 | 1 Gnu | 1 Groff | 2023-12-10 | 2.1 LOW | N/A |
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2023-12-10 | 7.5 HIGH | N/A |
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | |||||
CVE-2001-1376 | 12 Ascend, Freeradius, Gnu and 9 more | 12 Radius, Freeradius, Radius and 9 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. | |||||
CVE-2004-0849 | 1 Gnu | 1 Radius | 2023-12-10 | 5.0 MEDIUM | N/A |
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. |