Filtered by vendor Gnu
Subscriptions
Total
1203 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1487 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2025-04-03 | N/A |
| wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. | ||||
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2025-04-03 | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | ||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2025-04-03 | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | ||||
| CVE-2004-0603 | 1 Gnu | 1 Gzip | 2025-04-03 | N/A |
| gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332. | ||||
| CVE-2000-1137 | 2 Gnu, Redhat | 2 Ed, Linux | 2025-04-03 | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | ||||
| CVE-2004-0548 | 2 Gentoo, Gnu | 2 Linux, Aspell | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. | ||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2025-04-03 | 6.5 Medium |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | ||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2025-04-03 | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | ||||
| CVE-2000-0271 | 1 Gnu | 1 Emacs | 2025-04-03 | N/A |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | ||||
| CVE-2004-0353 | 1 Gnu | 1 Anubis | 2025-04-03 | N/A |
| Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | ||||
| CVE-2002-0204 | 1 Gnu | 1 Chess | 2025-04-03 | N/A |
| Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | ||||
| CVE-2000-0151 | 1 Gnu | 1 Make | 2025-04-03 | N/A |
| GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | ||||
| CVE-2002-1216 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2025-04-03 | N/A |
| GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check. | ||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2025-04-03 | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | ||||
| CVE-2004-1184 | 4 Gnu, Redhat, Sgi and 1 more | 5 Enscript, Enterprise Linux, Fedora Core and 2 more | 2025-04-03 | N/A |
| The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | ||||
| CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2025-04-03 | N/A |
| (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | ||||
| CVE-2004-0969 | 3 Gentoo, Gnu, Ubuntu | 3 Linux, Groff, Ubuntu Linux | 2025-04-03 | N/A |
| The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-0966 | 2 Gnu, Ubuntu | 2 Gettext, Ubuntu Linux | 2025-04-03 | N/A |
| The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-1453 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-03 | N/A |
| GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | ||||