Filtered by vendor Gnu
Subscriptions
Total
1148 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0778 | 2 Gnu, Redhat | 2 Cvs, Enterprise Linux | 2025-04-03 | N/A |
| CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned. | ||||
| CVE-2005-1705 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2025-04-03 | N/A |
| gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. | ||||
| CVE-2005-2397 | 1 Gnu | 1 Phpbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter. | ||||
| CVE-2001-1267 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). | ||||
| CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2025-04-03 | N/A |
| (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | ||||
| CVE-2002-0388 | 2 Gnu, Redhat | 5 Mailman, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | ||||
| CVE-2005-2878 | 1 Gnu | 1 Mailutils | 2025-04-03 | N/A |
| Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command. | ||||
| CVE-2001-1036 | 2 Gnu, Slackware | 2 Findutils, Slackware Linux | 2025-04-03 | N/A |
| GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | ||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2025-04-03 | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | ||||
| CVE-2001-1022 | 3 Gnu, Jgroff, Redhat | 3 Groff, Jgroff, Linux | 2025-04-03 | N/A |
| Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | ||||
| CVE-2000-0271 | 1 Gnu | 1 Emacs | 2025-04-03 | N/A |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | ||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2025-04-03 | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | ||||
| CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. | ||||
| CVE-2005-3137 | 1 Gnu | 1 Cfengine | 2025-04-03 | N/A |
| The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960. | ||||
| CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2025-04-03 | N/A |
| A version of finger is running that exposes valid user information to any entity on the network. | ||||
| CVE-1999-0491 | 1 Gnu | 1 Bash | 2025-04-03 | N/A |
| The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. | ||||
| CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | ||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | ||||
| CVE-2005-3425 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. | ||||
| CVE-2005-3424 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | ||||