Search Results (1257 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4807 2 Canonical, Gnu 2 Ubuntu Linux, Binutils 2026-04-16 N/A
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
CVE-2005-1523 1 Gnu 1 Mailutils 2026-04-16 N/A
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.
CVE-2006-4146 2 Gnu, Redhat 2 Gdb, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
CVE-2000-1137 2 Gnu, Redhat 2 Ed, Linux 2026-04-16 N/A
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
CVE-2006-0075 1 Gnu 1 Phpbook 2026-04-16 N/A
Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file.
CVE-2006-0052 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
CVE-2004-0353 1 Gnu 1 Anubis 2026-04-16 N/A
Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string.
CVE-2000-0959 1 Gnu 1 Glibc 2026-04-16 N/A
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
CVE-2002-1344 3 Gnu, Redhat, Sun 4 Wget, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
CVE-2001-0522 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
CVE-2005-2878 1 Gnu 1 Mailutils 2026-04-16 N/A
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
CVE-2005-2541 1 Gnu 1 Tar 2026-04-16 7.0 High
Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.
CVE-2006-0300 2 Gnu, Redhat 2 Tar, Enterprise Linux 2026-04-16 N/A
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
CVE-2005-0202 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
CVE-2003-0859 5 Gnu, Intel, Quagga and 2 more 8 Glibc, Zebra, Ia64 and 5 more 2026-04-16 N/A
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2004-0555 1 Gnu 1 Queue 2026-04-16 N/A
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.
CVE-2005-0990 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file.
CVE-2003-0853 3 Gnu, Redhat, Washington University 4 Fileutils, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
CVE-2004-0581 2 Gnu, Mandrakesoft 3 Ksymoops, Mandrake Linux, Mandrake Linux Corporate Server 2026-04-16 N/A
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
CVE-2005-3424 1 Gnu 1 Gnump3d 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.