Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0548 | 2 Gentoo, Gnu | 2 Linux, Aspell | 2024-02-28 | 7.2 HIGH | N/A |
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. | |||||
CVE-2003-0859 | 5 Gnu, Intel, Quagga and 2 more | 7 Glibc, Zebra, Ia64 and 4 more | 2024-02-28 | 4.9 MEDIUM | N/A |
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
CVE-2001-1132 | 1 Gnu | 1 Mailman | 2024-02-28 | 7.5 HIGH | N/A |
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | |||||
CVE-2002-1146 | 1 Gnu | 1 Glibc | 2024-02-28 | 5.0 MEDIUM | N/A |
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). | |||||
CVE-2004-0182 | 1 Gnu | 1 Mailman | 2024-02-28 | 5.0 MEDIUM | N/A |
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field. | |||||
CVE-1999-0216 | 3 Gnu, Hp, Linux | 3 Inet, Hp-ux, Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service of inetd on Linux through SYN and RST packets. | |||||
CVE-2002-0388 | 1 Gnu | 1 Mailman | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | |||||
CVE-2002-0178 | 1 Gnu | 1 Sharutils | 2024-02-28 | 7.2 HIGH | N/A |
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. | |||||
CVE-2001-1377 | 11 Freeradius, Gnu, Icradius and 8 more | 11 Freeradius, Radius, Icradius and 8 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | |||||
CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2024-02-28 | 2.1 LOW | N/A |
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2024-02-28 | 7.2 HIGH | N/A |
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
CVE-2003-0972 | 1 Gnu | 1 Screen | 2024-02-28 | 10.0 HIGH | N/A |
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | |||||
CVE-2003-0854 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2024-02-28 | 2.1 LOW | N/A |
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | |||||
CVE-2004-1337 | 3 Conectiva, Gnu, Ubuntu | 3 Linux, Realtime Linux Security Module, Ubuntu Linux | 2024-02-28 | 7.2 HIGH | N/A |
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. | |||||
CVE-2003-0853 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | |||||
CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in NLS (Natural Language Service). | |||||
CVE-2000-0271 | 1 Gnu | 1 Emacs | 2024-02-28 | 4.6 MEDIUM | N/A |
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | |||||
CVE-2004-0623 | 1 Gnu | 1 Gnats | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog. | |||||
CVE-2003-0826 | 1 Gnu | 1 Lsh | 2024-02-28 | 7.5 HIGH | N/A |
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. | |||||
CVE-2004-1382 | 1 Gnu | 1 Glibc | 2024-02-28 | 2.1 LOW | N/A |
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. |