Filtered by vendor Gnu
Subscriptions
Total
1151 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0853 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
| CVE-2003-0858 | 3 Gnu, Quagga, Redhat | 4 Zebra, Quagga Routing Software Suite, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2025-04-03 | N/A |
| The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | ||||
| CVE-2003-0972 | 1 Gnu | 1 Screen | 2025-04-03 | N/A |
| Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | ||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2025-04-03 | 6.5 Medium |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | ||||
| CVE-2005-1228 | 2 Gnu, Redhat | 2 Gzip, Enterprise Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. | ||||
| CVE-2005-1229 | 1 Gnu | 1 Cpio | 2025-04-03 | N/A |
| Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file. | ||||
| CVE-2004-0555 | 1 Gnu | 1 Queue | 2025-04-03 | N/A |
| Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-0202 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences. | ||||
| CVE-2004-0970 | 1 Gnu | 1 Gzip | 2025-04-03 | N/A |
| The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367. | ||||
| CVE-2004-1143 | 1 Gnu | 1 Mailman | 2025-04-03 | N/A |
| The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. | ||||
| CVE-2004-1184 | 4 Gnu, Redhat, Sgi and 1 more | 5 Enscript, Enterprise Linux, Fedora Core and 2 more | 2025-04-03 | N/A |
| The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2004-1349 | 2 Gnu, Oracle | 2 Gzip, Solaris | 2025-04-03 | N/A |
| gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. | ||||
| CVE-2004-1377 | 2 Gnu, Turbolinux | 4 A2ps, Turbolinux Home, Turbolinux Server and 1 more | 2025-04-03 | N/A |
| The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-1918 | 2 Gnu, Redhat | 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-03 | N/A |
| The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". | ||||
| CVE-2005-2180 | 1 Gnu | 1 Gnats | 2025-04-03 | N/A |
| gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files. | ||||
| CVE-2005-1520 | 1 Gnu | 1 Mailutils | 2025-04-03 | N/A |
| Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail. | ||||
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2025-04-03 | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | ||||
| CVE-2004-1488 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2025-04-03 | N/A |
| wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | ||||
| CVE-2005-1521 | 1 Gnu | 1 Mailutils | 2025-04-03 | N/A |
| Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. | ||||