Search Results (1261 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0049 2 Gnu, Redhat 2 Privacy Guard, Enterprise Linux 2026-04-16 N/A
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
CVE-2001-0071 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
CVE-2004-1337 3 Conectiva, Gnu, Ubuntu 3 Linux, Realtime Linux Security Module, Ubuntu Linux 2026-04-16 N/A
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
CVE-2002-1146 2 Gnu, Redhat 3 Glibc, Enterprise Linux, Linux 2026-04-16 N/A
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
CVE-2004-1296 1 Gnu 1 Groff 2026-04-16 N/A
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-1999-0402 1 Gnu 1 Wget 2026-04-16 N/A
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
CVE-2001-0191 3 Andynorman, Gnu, Redhat 4 Gnuserv, Xemacs, Linux and 1 more 2026-04-16 N/A
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
CVE-2004-1184 4 Gnu, Redhat, Sgi and 1 more 5 Enscript, Enterprise Linux, Fedora Core and 2 more 2026-04-16 N/A
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2000-0269 1 Gnu 1 Emacs 2026-04-16 N/A
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVE-2004-1143 1 Gnu 1 Mailman 2026-04-16 N/A
The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVE-1999-0041 5 Cray, Gnu, Ibm and 2 more 6 Unicos, Unicos Max, Libc and 3 more 2026-04-16 N/A
Buffer overflow in NLS (Natural Language Service).
CVE-2002-1265 3 Apple, Gnu, Sgi 4 Mac Os X, Mac Os X Server, Glibc and 1 more 2026-04-16 N/A
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
CVE-2005-0100 2 Gnu, Redhat 3 Emacs, Xemacs, Enterprise Linux 2026-04-16 N/A
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
CVE-2006-0455 2 Gnu, Redhat 2 Privacy Guard, Enterprise Linux 2026-04-16 N/A
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
CVE-2004-2093 1 Gnu 1 Rsync 2026-04-16 N/A
Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future.
CVE-2002-0389 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.
CVE-2004-0984 1 Gnu 1 Mailutils 2026-04-16 N/A
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges.
CVE-2001-0884 2 Gnu, Redhat 4 Mailman, Linux, Powertools and 1 more 2026-04-16 N/A
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
CVE-2004-1701 1 Gnu 1 Cfengine 2026-04-16 N/A
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
CVE-2004-0970 1 Gnu 1 Gzip 2026-04-16 N/A
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.