Filtered by vendor Gnu Subscriptions
Total 1074 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0290 1 Gnu 1 Mailman 2024-11-21 N/A
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
CVE-2001-0191 3 Andynorman, Gnu, Redhat 4 Gnuserv, Xemacs, Linux and 1 more 2024-11-21 N/A
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
CVE-2001-0072 2 Gnu, Redhat 2 Privacy Guard, Linux 2024-11-21 N/A
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
CVE-2001-0071 2 Gnu, Redhat 2 Privacy Guard, Linux 2024-11-21 N/A
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
CVE-2000-1219 1 Gnu 2 G\+\+, Gcc 2024-11-21 N/A
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
CVE-2000-1137 2 Gnu, Redhat 2 Ed, Linux 2024-11-21 N/A
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
CVE-2000-0974 1 Gnu 1 Privacy Guard 2024-11-21 N/A
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
CVE-2000-0963 4 Freebsd, Gnu, Immunix and 1 more 4 Freebsd, Ncurses, Immunix and 1 more 2024-11-21 N/A
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
CVE-2000-0959 1 Gnu 1 Glibc 2024-11-21 N/A
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
CVE-2000-0947 1 Gnu 1 Cfengine 2024-11-21 N/A
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
CVE-2000-0861 1 Gnu 1 Mailman 2024-11-21 N/A
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
CVE-2000-0824 1 Gnu 1 Glibc 2024-11-21 N/A
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
CVE-2000-0803 1 Gnu 1 Groff 2024-11-21 N/A
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
CVE-2000-0786 1 Gnu 1 Userv 2024-11-21 N/A
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
CVE-2000-0701 3 Conectiva, Gnu, Redhat 3 Linux, Mailman, Linux 2024-11-21 N/A
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
CVE-2000-0335 2 Gnu, Isc 2 Glibc, Bind 2024-11-21 N/A
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
CVE-2000-0271 1 Gnu 1 Emacs 2024-11-21 N/A
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
CVE-2000-0270 1 Gnu 1 Emacs 2024-11-21 N/A
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
CVE-2000-0269 1 Gnu 1 Emacs 2024-11-21 N/A
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVE-2000-0151 1 Gnu 1 Make 2024-11-21 N/A
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands.