Filtered by vendor Gnu
Subscriptions
Total
1164 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0991 | 3 Gnu, Redhat, Sgi | 3 Mailman, Enterprise Linux, Propack | 2025-04-03 | N/A |
| Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. | ||||
| CVE-2003-0992 | 2 Gnu, Redhat | 2 Mailman, Linux | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | ||||
| CVE-2004-2531 | 1 Gnu | 1 Gnutls | 2025-04-03 | N/A |
| X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | ||||
| CVE-2005-0080 | 2 Gnu, Ubuntu | 2 Mailman, Ubuntu Linux | 2025-04-03 | N/A |
| The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. | ||||
| CVE-2005-0100 | 2 Gnu, Redhat | 3 Emacs, Xemacs, Enterprise Linux | 2025-04-03 | N/A |
| Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | ||||
| CVE-2004-1170 | 3 Gnu, Sun, Suse | 3 A2ps, Java Desktop System, Suse Linux | 2025-04-03 | N/A |
| a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | ||||
| CVE-2006-0455 | 2 Gnu, Redhat | 2 Privacy Guard, Enterprise Linux | 2025-04-03 | N/A |
| gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify". | ||||
| CVE-2005-1521 | 1 Gnu | 1 Mailutils | 2025-04-03 | N/A |
| Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. | ||||
| CVE-2005-1704 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow. | ||||
| CVE-2005-1824 | 1 Gnu | 1 Mailutils | 2025-04-03 | N/A |
| The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks. | ||||
| CVE-2005-3424 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | ||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2025-04-03 | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | ||||
| CVE-2006-2362 | 1 Gnu | 1 Binutils | 2025-04-03 | 7.3 High |
| Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. | ||||
| CVE-2005-3137 | 1 Gnu | 1 Cfengine | 2025-04-03 | N/A |
| The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960. | ||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | ||||
| CVE-2005-3425 | 1 Gnu | 1 Gnump3d | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. | ||||
| CVE-2005-3573 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2025-04-03 | N/A |
| Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-4153 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2025-04-03 | N/A |
| Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573. | ||||
| CVE-2005-4808 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2025-04-03 | N/A |
| Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. | ||||
| CVE-2006-0075 | 1 Gnu | 1 Phpbook | 2025-04-03 | N/A |
| Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file. | ||||