Filtered by vendor Gnu
Subscriptions
Total
1222 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0855 | 2 Gnu, Redhat | 5 Mailman, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | ||||
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | ||||
| CVE-2001-1376 | 13 Ascend, Freeradius, Gnu and 10 more | 13 Radius, Freeradius, Radius and 10 more | 2026-04-16 | N/A |
| Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. | ||||
| CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | ||||
| CVE-2002-1265 | 3 Apple, Gnu, Sgi | 4 Mac Os X, Mac Os X Server, Glibc and 1 more | 2026-04-16 | N/A |
| The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). | ||||
| CVE-2001-1022 | 3 Gnu, Jgroff, Redhat | 3 Groff, Jgroff, Linux | 2026-04-16 | N/A |
| Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | ||||
| CVE-2004-0353 | 1 Gnu | 1 Anubis | 2026-04-16 | N/A |
| Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | ||||
| CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2026-04-16 | N/A |
| rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | ||||
| CVE-2005-1521 | 1 Gnu | 1 Mailutils | 2026-04-16 | N/A |
| Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. | ||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2026-04-16 | 6.5 Medium |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | ||||
| CVE-2005-1705 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2026-04-16 | N/A |
| gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. | ||||
| CVE-2006-2362 | 1 Gnu | 1 Binutils | 2026-04-16 | 7.3 High |
| Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. | ||||
| CVE-2003-0992 | 2 Gnu, Redhat | 2 Mailman, Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | ||||
| CVE-2002-0003 | 2 Gnu, Redhat | 2 Groff, Linux | 2026-04-16 | N/A |
| Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | ||||
| CVE-2005-0100 | 2 Gnu, Redhat | 3 Emacs, Xemacs, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | ||||
| CVE-2000-0959 | 1 Gnu | 1 Glibc | 2026-04-16 | N/A |
| glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. | ||||
| CVE-2001-0191 | 3 Andynorman, Gnu, Redhat | 4 Gnuserv, Xemacs, Linux and 1 more | 2026-04-16 | N/A |
| gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. | ||||
| CVE-2006-2191 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Format string vulnerability in Mailman before 2.1.9 allows attackers to execute arbitrary code via unspecified vectors. NOTE: the vendor has disputed this vulnerability, stating that it is "unexploitable. | ||||
| CVE-2006-1712 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument. | ||||
| CVE-2005-1229 | 1 Gnu | 1 Cpio | 2026-04-16 | N/A |
| Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file. | ||||