Filtered by vendor Gnu
Subscriptions
Total
1073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0603 | 1 Gnu | 1 Gzip | 2024-11-20 | N/A |
| gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332. | ||||
| CVE-2004-0581 | 2 Gnu, Mandrakesoft | 3 Ksymoops, Mandrake Linux, Mandrake Linux Corporate Server | 2024-11-20 | N/A |
| ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. | ||||
| CVE-2004-0576 | 1 Gnu | 1 Radius | 2024-11-20 | N/A |
| The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID. | ||||
| CVE-2004-0555 | 1 Gnu | 1 Queue | 2024-11-20 | N/A |
| Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0548 | 2 Gentoo, Gnu | 2 Linux, Aspell | 2024-11-20 | N/A |
| Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. | ||||
| CVE-2004-0422 | 2 Gnu, Redhat | 2 Flim, Enterprise Linux | 2024-11-20 | N/A |
| flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. | ||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2024-11-20 | 6.5 Medium |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | ||||
| CVE-2004-0354 | 1 Gnu | 1 Anubis | 2024-11-20 | N/A |
| Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c. | ||||
| CVE-2004-0353 | 1 Gnu | 1 Anubis | 2024-11-20 | N/A |
| Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | ||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2024-11-20 | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | ||||
| CVE-2004-0182 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2024-11-20 | N/A |
| Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field. | ||||
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2024-11-20 | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | ||||
| CVE-2003-1232 | 1 Gnu | 1 Emacs | 2024-11-20 | N/A |
| Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | ||||
| CVE-2003-0992 | 2 Gnu, Redhat | 2 Mailman, Linux | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | ||||
| CVE-2003-0991 | 3 Gnu, Redhat, Sgi | 3 Mailman, Enterprise Linux, Propack | 2024-11-20 | N/A |
| Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. | ||||
| CVE-2003-0978 | 1 Gnu | 1 Privacy Guard | 2024-11-20 | N/A |
| Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval. | ||||
| CVE-2003-0972 | 1 Gnu | 1 Screen | 2024-11-20 | N/A |
| Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | ||||
| CVE-2003-0971 | 2 Gnu, Redhat | 3 Privacy Guard, Enterprise Linux, Linux | 2024-11-20 | N/A |
| GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature. | ||||
| CVE-2003-0965 | 2 Gnu, Redhat | 2 Mailman, Linux | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. | ||||
| CVE-2003-0859 | 5 Gnu, Intel, Quagga and 2 more | 8 Glibc, Zebra, Ia64 and 5 more | 2024-11-20 | N/A |
| The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||