Search Results (1261 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0422 2 Gnu, Redhat 2 Flim, Enterprise Linux 2026-04-16 N/A
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
CVE-2001-0071 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
CVE-2003-0038 1 Gnu 1 Mailman 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
CVE-2005-1521 1 Gnu 1 Mailutils 2026-04-16 N/A
Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow.
CVE-2004-0256 1 Gnu 1 Libtool 2026-04-16 N/A
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp.
CVE-2006-0049 2 Gnu, Redhat 2 Privacy Guard, Enterprise Linux 2026-04-16 N/A
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
CVE-2004-0131 1 Gnu 1 Radius 2026-04-16 N/A
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
CVE-2004-1772 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument.
CVE-2005-3424 1 Gnu 1 Gnump3d 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
CVE-2005-0202 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
CVE-2002-0204 1 Gnu 1 Chess 2026-04-16 N/A
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.
CVE-2005-3349 1 Gnu 1 Gnump3d 2026-04-16 N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
CVE-2002-1602 1 Gnu 1 Screen 2026-04-16 N/A
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.
CVE-2004-2531 1 Gnu 1 Gnutls 2026-04-16 N/A
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
CVE-2004-1487 2 Gnu, Redhat 2 Wget, Enterprise Linux 2026-04-16 N/A
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
CVE-2005-1520 1 Gnu 1 Mailutils 2026-04-16 N/A
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail.
CVE-2005-4808 2 Canonical, Gnu 2 Ubuntu Linux, Binutils 2026-04-16 N/A
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.
CVE-2004-1702 1 Gnu 1 Cfengine 2026-04-16 N/A
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).
CVE-2003-1232 1 Gnu 1 Emacs 2026-04-16 N/A
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
CVE-2004-0555 1 Gnu 1 Queue 2026-04-16 N/A
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.