Filtered by vendor Gnu
Subscriptions
Total
1164 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0080 | 2 Gnu, Ubuntu | 2 Mailman, Ubuntu Linux | 2025-04-03 | N/A |
| The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. | ||||
| CVE-2003-0971 | 2 Gnu, Redhat | 3 Privacy Guard, Enterprise Linux, Linux | 2025-04-03 | N/A |
| GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature. | ||||
| CVE-2003-0978 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | N/A |
| Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval. | ||||
| CVE-2005-1228 | 2 Gnu, Redhat | 2 Gzip, Enterprise Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. | ||||
| CVE-2005-1229 | 1 Gnu | 1 Cpio | 2025-04-03 | N/A |
| Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file. | ||||
| CVE-2004-0849 | 1 Gnu | 1 Radius | 2025-04-03 | N/A |
| Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. | ||||
| CVE-2006-0049 | 2 Gnu, Redhat | 2 Privacy Guard, Enterprise Linux | 2025-04-03 | N/A |
| gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455. | ||||
| CVE-2005-0202 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences. | ||||
| CVE-2004-0966 | 2 Gnu, Ubuntu | 2 Gettext, Ubuntu Linux | 2025-04-03 | N/A |
| The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2000-0861 | 1 Gnu | 1 Mailman | 2025-04-03 | N/A |
| Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | ||||
| CVE-2004-0968 | 2 Gnu, Redhat | 3 Glibc, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | N/A |
| The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-0969 | 3 Gentoo, Gnu, Ubuntu | 3 Linux, Groff, Ubuntu Linux | 2025-04-03 | N/A |
| The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-0984 | 1 Gnu | 1 Mailutils | 2025-04-03 | N/A |
| Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges. | ||||
| CVE-2004-1177 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | ||||
| CVE-2004-1185 | 2 Gnu, Redhat | 2 Enscript, Enterprise Linux | 2025-04-03 | N/A |
| Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames. | ||||
| CVE-2004-1186 | 2 Gnu, Redhat | 2 Enscript, Enterprise Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash). | ||||
| CVE-2005-0990 | 2 Gnu, Redhat | 2 Sharutils, Enterprise Linux | 2025-04-03 | N/A |
| unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. | ||||
| CVE-2004-1296 | 1 Gnu | 1 Groff | 2025-04-03 | N/A |
| The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0991 | 3 Gnu, Redhat, Sgi | 3 Mailman, Enterprise Linux, Propack | 2025-04-03 | N/A |
| Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. | ||||
| CVE-2003-0965 | 2 Gnu, Redhat | 2 Mailman, Linux | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. | ||||