Search Results (1247 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3424 1 Gnu 1 Gnump3d 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
CVE-2003-0991 3 Gnu, Redhat, Sgi 3 Mailman, Enterprise Linux, Propack 2026-04-16 N/A
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
CVE-2005-3355 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".
CVE-2005-3349 1 Gnu 1 Gnump3d 2026-04-16 N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
CVE-2003-0978 1 Gnu 1 Privacy Guard 2026-04-16 N/A
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
CVE-2001-1228 1 Gnu 1 Gzip 2026-04-16 N/A
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
CVE-1999-0491 1 Gnu 1 Bash 2026-04-16 N/A
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
CVE-2005-3137 1 Gnu 1 Cfengine 2026-04-16 N/A
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.
CVE-2005-3123 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
CVE-2003-0972 1 Gnu 1 Screen 2026-04-16 N/A
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
CVE-2005-3011 2 Gnu, Redhat 2 Texinfo, Enterprise Linux 2026-04-16 N/A
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2003-0971 2 Gnu, Redhat 3 Privacy Guard, Enterprise Linux, Linux 2026-04-16 N/A
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
CVE-2005-2960 2 Debian, Gnu 2 Debian Linux, Cfengine 2026-04-16 N/A
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
CVE-2001-1132 1 Gnu 1 Mailman 2026-04-16 N/A
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
CVE-2004-2459 1 Gnu 1 Gnubiff 2026-04-16 N/A
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
CVE-2005-2878 1 Gnu 1 Mailutils 2026-04-16 N/A
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
CVE-2003-0965 2 Gnu, Redhat 2 Mailman, Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
CVE-2005-2541 1 Gnu 1 Tar 2026-04-16 7.0 High
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
CVE-2000-0335 2 Gnu, Isc 2 Glibc, Bind 2026-04-16 N/A
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
CVE-2005-2397 1 Gnu 1 Phpbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.