Vulnerabilities (CVE)

Vendor filter

Gnu Subscribe

Filter

755 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-3425 1 Gnu 1 Gnump3d 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.
CVE-2005-1824 1 Gnu 1 Mailutils 2008-09-05 7.5
The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks.
CVE-2005-1523 1 Gnu 1 Mailutils 2008-09-05 7.5
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.
CVE-2005-1522 1 Gnu 1 Mailutils 2008-09-05 5.0
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command.
CVE-2005-1521 1 Gnu 1 Mailutils 2008-09-05 7.5
Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END...
CVE-2005-1520 1 Gnu 1 Mailutils 2008-09-05 7.5
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail.
CVE-2005-1039 1 Gnu 1 Coreutils 2008-09-05 3.7
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.
CVE-2004-2459 1 Gnu 1 Gnubiff 2008-09-05 2.1
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
CVE-2004-0182 1 Gnu 1 Mailman 2008-09-05 5.0
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
CVE-2002-0855 1 Gnu 1 Mailman 2008-09-05 7.5
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
CVE-2002-0435 1 Gnu 1 Fileutils 2008-09-05 1.2
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher...
CVE-2001-1301 2 Gnu, Xemacs 2 Xemacs, Emacs 2008-09-05 1.2
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
CVE-2001-1267 1 Gnu 1 Tar 2008-09-05 2.1
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
CVE-2001-0290 1 Gnu 1 Mailman 2008-09-05 4.6
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
CVE-2000-1219 1 Gnu 2 Gcc, G%2b%2b 2008-09-05 7.5
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.