Filtered by vendor Gnu
Subscribe
Total
1141 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2025-04-03 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2025-04-03 | 7.5 HIGH | N/A |
| The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2025-04-03 | 2.1 LOW | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | |||||
| CVE-2004-1453 | 1 Gnu | 1 Glibc | 2025-04-03 | 2.1 LOW | N/A |
| GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | |||||
| CVE-2000-1219 | 1 Gnu | 2 G\+\+, Gcc | 2025-04-03 | 7.5 HIGH | N/A |
| The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows. | |||||
| CVE-2004-0576 | 1 Gnu | 1 Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
| The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID. | |||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | |||||
| CVE-2001-1267 | 1 Gnu | 1 Tar | 2025-04-03 | 2.1 LOW | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). | |||||
| CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in NLS (Natural Language Service). | |||||
| CVE-2002-1146 | 1 Gnu | 1 Glibc | 2025-04-03 | 5.0 MEDIUM | N/A |
| The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). | |||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2025-04-03 | 2.1 LOW | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | |||||
| CVE-2002-1216 | 1 Gnu | 1 Tar | 2025-04-03 | 5.0 MEDIUM | N/A |
| GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check. | |||||
| CVE-2005-1431 | 1 Gnu | 1 Gnutls | 2025-04-03 | 5.0 MEDIUM | N/A |
| The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c. | |||||
| CVE-2006-2362 | 1 Gnu | 1 Binutils | 2025-04-03 | 7.5 HIGH | 7.3 HIGH |
| Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. | |||||
| CVE-2003-0965 | 1 Gnu | 1 Mailman | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. | |||||
| CVE-2005-4808 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2025-04-03 | 7.6 HIGH | N/A |
| Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. | |||||
| CVE-2001-1377 | 11 Freeradius, Gnu, Icradius and 8 more | 11 Freeradius, Radius, Icradius and 8 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-2004-1337 | 3 Conectiva, Gnu, Ubuntu | 3 Linux, Realtime Linux Security Module, Ubuntu Linux | 2025-04-03 | 7.2 HIGH | N/A |
| The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. | |||||