ReportizFlow
Filtered by vendor Gnu
Subscriptions
Total
1218 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2026-04-16 | 6.5 Medium |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | ||||
| CVE-2004-0581 | 2 Gnu, Mandrakesoft | 3 Ksymoops, Mandrake Linux, Mandrake Linux Corporate Server | 2026-04-16 | N/A |
| ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. | ||||
| CVE-2000-0824 | 1 Gnu | 1 Glibc | 2026-04-16 | N/A |
| The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. | ||||
| CVE-2004-2460 | 1 Gnu | 1 Gnubiff | 2026-04-16 | N/A |
| Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. | ||||
| CVE-2005-4808 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2026-04-16 | N/A |
| Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. | ||||
| CVE-2005-1431 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2026-04-16 | N/A |
| The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c. | ||||
| CVE-2004-0849 | 1 Gnu | 1 Radius | 2026-04-16 | N/A |
| Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. | ||||
| CVE-2001-0290 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | ||||
| CVE-2004-1488 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2026-04-16 | N/A |
| wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | ||||
| CVE-2005-3349 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | ||||
| CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2026-04-16 | N/A |
| GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | ||||
| CVE-2001-0522 | 2 Gnu, Redhat | 2 Privacy Guard, Linux | 2026-04-16 | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | ||||
| CVE-2004-2093 | 1 Gnu | 1 Rsync | 2026-04-16 | N/A |
| Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future. | ||||
| CVE-2005-1521 | 1 Gnu | 1 Mailutils | 2026-04-16 | N/A |
| Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. | ||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2005-3425 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. | ||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2026-04-16 | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | ||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | ||||
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2026-04-16 | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | ||||
| CVE-2003-0991 | 3 Gnu, Redhat, Sgi | 3 Mailman, Enterprise Linux, Propack | 2026-04-16 | N/A |
| Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. | ||||