ReportizFlow
Filtered by vendor Gnu
Subscriptions
Total
1241 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0075 | 1 Gnu | 1 Phpbook | 2026-04-16 | N/A |
| Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file. | ||||
| CVE-2002-1344 | 3 Gnu, Redhat, Sun | 4 Wget, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. | ||||
| CVE-2004-1296 | 1 Gnu | 1 Groff | 2026-04-16 | N/A |
| The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0100 | 2 Gnu, Redhat | 3 Emacs, Xemacs, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | ||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2026-04-16 | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | ||||
| CVE-2003-0992 | 2 Gnu, Redhat | 2 Mailman, Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | ||||
| CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2026-04-16 | N/A |
| (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | ||||
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | ||||
| CVE-2003-0991 | 3 Gnu, Redhat, Sgi | 3 Mailman, Enterprise Linux, Propack | 2026-04-16 | N/A |
| Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. | ||||
| CVE-2001-1022 | 3 Gnu, Jgroff, Redhat | 3 Groff, Jgroff, Linux | 2026-04-16 | N/A |
| Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | ||||
| CVE-2005-1522 | 1 Gnu | 1 Mailutils | 2026-04-16 | N/A |
| The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. | ||||
| CVE-2005-1523 | 1 Gnu | 1 Mailutils | 2026-04-16 | N/A |
| Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands. | ||||
| CVE-2004-1488 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2026-04-16 | N/A |
| wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | ||||
| CVE-2005-3573 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2004-1377 | 2 Gnu, Turbolinux | 4 A2ps, Turbolinux Home, Turbolinux Server and 1 more | 2026-04-16 | N/A |
| The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2026-04-16 | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | ||||
| CVE-2001-0290 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | ||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2026-04-16 | N/A |
| Land IP denial of service. | ||||
| CVE-2004-2093 | 1 Gnu | 1 Rsync | 2026-04-16 | N/A |
| Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future. | ||||
| CVE-2001-0072 | 2 Gnu, Redhat | 2 Privacy Guard, Linux | 2026-04-16 | N/A |
| gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | ||||