Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Findutils
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2452 1 Gnu 1 Findutils 2024-11-21 6.0 MEDIUM N/A
Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.
CVE-2001-1036 2 Gnu, Slackware 2 Findutils, Slackware Linux 2024-11-20 7.2 HIGH N/A
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.