Search Results (1247 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0270 1 Gnu 1 Emacs 2026-04-16 N/A
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
CVE-2003-0992 2 Gnu, Redhat 2 Mailman, Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.
CVE-2005-0758 3 Canonical, Gnu, Redhat 3 Ubuntu Linux, Gzip, Enterprise Linux 2026-04-16 N/A
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
CVE-2002-0389 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.
CVE-2002-0388 2 Gnu, Redhat 5 Mailman, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
CVE-2004-1772 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument.
CVE-2005-3349 1 Gnu 1 Gnump3d 2026-04-16 N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
CVE-2005-3424 1 Gnu 1 Gnump3d 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
CVE-2001-1022 3 Gnu, Jgroff, Redhat 3 Groff, Jgroff, Linux 2026-04-16 N/A
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
CVE-2001-1267 2 Gnu, Redhat 3 Tar, Enterprise Linux, Linux 2026-04-16 N/A
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
CVE-2003-0972 1 Gnu 1 Screen 2026-04-16 N/A
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
CVE-1999-0041 5 Cray, Gnu, Ibm and 2 more 6 Unicos, Unicos Max, Libc and 3 more 2026-04-16 N/A
Buffer overflow in NLS (Natural Language Service).
CVE-2004-1170 3 Gnu, Sun, Suse 3 A2ps, Java Desktop System, Suse Linux 2026-04-16 N/A
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
CVE-2005-3137 1 Gnu 1 Cfengine 2026-04-16 N/A
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.
CVE-2000-0335 2 Gnu, Isc 2 Glibc, Bind 2026-04-16 N/A
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
CVE-2006-1902 1 Gnu 1 Gcc 2026-04-16 N/A
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."
CVE-2003-0859 5 Gnu, Intel, Quagga and 2 more 8 Glibc, Zebra, Ia64 and 5 more 2026-04-16 N/A
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2000-0824 1 Gnu 1 Glibc 2026-04-16 N/A
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
CVE-2003-0858 3 Gnu, Quagga, Redhat 4 Zebra, Quagga Routing Software Suite, Enterprise Linux and 1 more 2026-04-16 N/A
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-1999-0035 2 Gnu, Sgi 2 Inet, Irix 2026-04-16 5.4 Medium
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.