Filtered by vendor Gnu
Subscriptions
Total
1208 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | ||||
| CVE-2005-3573 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-2397 | 1 Gnu | 1 Phpbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter. | ||||
| CVE-2002-0044 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Enscript, Linux | 2026-04-16 | N/A |
| GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | ||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2026-04-16 | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | ||||
| CVE-2000-1137 | 2 Gnu, Redhat | 2 Ed, Linux | 2026-04-16 | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | ||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2026-04-16 | 6.2 Medium |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-3137 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960. | ||||
| CVE-2003-0858 | 3 Gnu, Quagga, Redhat | 4 Zebra, Quagga Routing Software Suite, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||
| CVE-2003-0965 | 2 Gnu, Redhat | 2 Mailman, Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. | ||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | ||||
| CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2026-04-16 | N/A |
| Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | ||||
| CVE-2006-3636 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2005-2180 | 1 Gnu | 1 Gnats | 2026-04-16 | N/A |
| gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files. | ||||
| CVE-2000-0861 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | ||||
| CVE-2005-3424 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | ||||
| CVE-2004-1143 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. | ||||
| CVE-2004-1170 | 3 Gnu, Sun, Suse | 3 A2ps, Java Desktop System, Suse Linux | 2026-04-16 | N/A |
| a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | ||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2026-04-16 | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | ||||