Filtered by vendor Gnu
Subscriptions
Total
1068 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-0684 | 1 Gnu | 1 Coreutils | 2024-08-08 | 5.5 Medium |
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. | ||||
CVE-2000-1137 | 2 Gnu, Redhat | 2 Ed, Linux | 2024-08-08 | N/A |
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | ||||
CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2024-08-08 | N/A |
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | ||||
CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2024-08-08 | N/A |
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | ||||
CVE-2000-0959 | 1 Gnu | 1 Glibc | 2024-08-08 | N/A |
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. | ||||
CVE-2000-0963 | 4 Freebsd, Gnu, Immunix and 1 more | 4 Freebsd, Ncurses, Immunix and 1 more | 2024-08-08 | N/A |
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | ||||
CVE-2000-0861 | 1 Gnu | 1 Mailman | 2024-08-08 | N/A |
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | ||||
CVE-2000-0824 | 1 Gnu | 1 Glibc | 2024-08-08 | N/A |
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. | ||||
CVE-2000-0803 | 1 Gnu | 1 Groff | 2024-08-08 | N/A |
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | ||||
CVE-2000-0786 | 1 Gnu | 1 Userv | 2024-08-08 | N/A |
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions. | ||||
CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2024-08-08 | N/A |
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | ||||
CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2024-08-08 | N/A |
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | ||||
CVE-2000-0269 | 1 Gnu | 1 Emacs | 2024-08-08 | N/A |
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | ||||
CVE-2000-0271 | 1 Gnu | 1 Emacs | 2024-08-08 | N/A |
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | ||||
CVE-2000-0270 | 1 Gnu | 1 Emacs | 2024-08-08 | N/A |
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | ||||
CVE-2000-0151 | 1 Gnu | 1 Make | 2024-08-08 | N/A |
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | ||||
CVE-2001-1593 | 1 Gnu | 1 A2ps | 2024-08-08 | N/A |
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file. | ||||
CVE-2001-1377 | 12 Freeradius, Gnu, Icradius and 9 more | 12 Freeradius, Radius, Icradius and 9 more | 2024-08-08 | N/A |
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | ||||
CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2024-08-08 | N/A |
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | ||||
CVE-2001-1376 | 13 Ascend, Freeradius, Gnu and 10 more | 13 Radius, Freeradius, Radius and 10 more | 2024-08-08 | N/A |
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. |