Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0990 | 1 Gnu | 1 Sharutils | 2024-02-28 | 2.1 LOW | N/A |
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. | |||||
CVE-2005-3011 | 1 Gnu | 1 Texinfo | 2024-02-28 | 1.2 LOW | N/A |
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2005-4808 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. | |||||
CVE-2006-3636 | 1 Gnu | 1 Mailman | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2006-0300 | 1 Gnu | 1 Tar | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers. | |||||
CVE-2006-0455 | 1 Gnu | 1 Privacy Guard | 2024-02-28 | 4.6 MEDIUM | N/A |
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify". | |||||
CVE-2006-0052 | 1 Gnu | 1 Mailman | 2024-02-28 | 5.0 MEDIUM | N/A |
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary. | |||||
CVE-2004-1185 | 1 Gnu | 1 Enscript | 2024-02-28 | 7.5 HIGH | N/A |
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames. | |||||
CVE-2005-4268 | 1 Gnu | 1 Cpio | 2024-02-28 | 3.7 LOW | N/A |
Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. | |||||
CVE-2005-0758 | 2 Canonical, Gnu | 2 Ubuntu Linux, Gzip | 2024-02-28 | 4.6 MEDIUM | N/A |
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. | |||||
CVE-2005-3424 | 1 Gnu | 1 Gnump3d | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | |||||
CVE-2005-1228 | 1 Gnu | 1 Gzip | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. | |||||
CVE-2006-4624 | 1 Gnu | 1 Mailman | 2024-02-28 | 2.6 LOW | N/A |
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI. | |||||
CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2024-02-28 | 1.9 LOW | N/A |
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | |||||
CVE-2004-2461 | 1 Gnu | 1 Gnubiff | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | |||||
CVE-2005-3137 | 1 Gnu | 1 Cfengine | 2024-02-28 | 2.1 LOW | N/A |
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960. | |||||
CVE-2005-0100 | 1 Gnu | 2 Emacs, Xemacs | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | |||||
CVE-2004-1177 | 1 Gnu | 1 Mailman | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | |||||
CVE-2005-2397 | 1 Gnu | 1 Phpbook | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter. | |||||
CVE-2004-2531 | 1 Gnu | 1 Gnutls | 2024-02-28 | 7.8 HIGH | N/A |
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. |