VYPR

Vendor CVEs

GNU

All CVEs

1,137 total · sorted by risk
  • CVE-2009-2624 · Jan 29, 2010
    risk 0.00 · cvss · epss 0.04

    The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code via a crafted archive. NOTE: this…

  • CVE-2010-0015 · Jan 14, 2010
    risk 0.00 · cvss · epss 0.03

    nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the…

  • CVE-2009-4029 · Dec 20, 2009
    risk 0.00 · cvss · epss 0.00

    The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a…

  • CVE-2009-4135 · Dec 11, 2009
    risk 0.00 · cvss · epss 0.00

    The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.

  • CVE-2009-4128 · Dec 1, 2009
    risk 0.00 · cvss · epss 0.01

    GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1.

  • CVE-2009-3736 · Nov 29, 2009
    risk 0.00 · cvss · epss 0.00

    ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.

  • CVE-2009-3490 · Sep 30, 2009
    risk 0.00 · cvss · epss 0.04

    GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification…

  • CVE-2009-2730 · Aug 12, 2009
    risk 0.00 · cvss · epss 0.02

    libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a…

  • CVE-2009-2409 · Jul 30, 2009
    risk 0.00 · cvss · epss 0.05

    The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws…

  • CVE-2009-1417 · Apr 30, 2009
    risk 0.00 · cvss · epss 0.01

    gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the…

  • CVE-2009-1215 · Apr 1, 2009
    risk 0.00 · cvss · epss 0.00

    Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.

  • CVE-2009-1214 · Apr 1, 2009
    risk 0.00 · cvss · epss 0.00

    GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.

  • CVE-2009-0757 · Mar 3, 2009
    risk 0.00 · cvss · epss 0.02

    Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions.

  • CVE-2008-5078 · Dec 19, 2008
    risk 0.00 · cvss · epss 0.03

    Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename.

  • CVE-2008-4475 · Oct 7, 2008
    risk 0.00 · cvss · epss 0.00

    ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

  • CVE-2008-3949 · Sep 22, 2008
    risk 0.00 · cvss · epss 0.01

    emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.

  • CVE-2008-4100 · Sep 18, 2008
    risk 0.00 · cvss · epss 0.01

    GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is…

  • CVE-2008-3916 · Sep 4, 2008
    risk 0.00 · cvss · epss 0.04

    Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only…

  • CVE-2008-3896 · Sep 3, 2008
    risk 0.00 · cvss · epss 0.00

    Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.

  • CVE-2008-2377 · Aug 8, 2008
    risk 0.00 · cvss · epss 0.05

    Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data…

  • CVE-2008-1946 · Jul 28, 2008
    risk 0.00 · cvss · epss 0.00

    The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module.

  • CVE-2008-1950 · May 21, 2008
    risk 0.00 · cvss · epss 0.05

    Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted…

  • CVE-2008-1949 · May 21, 2008
    risk 0.00 · cvss · epss 0.06

    The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service…

  • CVE-2008-2142 · May 12, 2008
    risk 0.00 · cvss · epss 0.04

    Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.

  • CVE-2008-1694 · Apr 22, 2008
    risk 0.00 · cvss · epss 0.00

    vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

  • CVE-2008-1688 · Apr 9, 2008
    risk 0.00 · cvss · epss 0.03

    Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.

  • CVE-2008-1687 · Apr 9, 2008
    risk 0.00 · cvss · epss 0.02

    The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.

  • CVE-2008-1685 · Apr 6, 2008
    risk 0.00 · cvss · epss 0.01

    gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer…

  • CVE-2008-1367 · Mar 17, 2008
    risk 0.00 · cvss · epss 0.03

    gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong…

  • CVE-2007-6109 · Dec 7, 2007
    risk 0.00 · cvss · epss 0.03

    Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain…

  • CVE-2007-6130 · Nov 26, 2007
    risk 0.00 · cvss · epss 0.01

    gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.

  • CVE-2007-5377 · Oct 12, 2007
    risk 0.00 · cvss · epss 0.00

    The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension for Emacs, and possibly earlier 2.1.x versions, allow local users to overwrite arbitrary files via a symlink attack on temporary files.

  • CVE-2007-3741 · Aug 27, 2007
    risk 0.00 · cvss · epss 0.03

    The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.

  • CVE-2007-4131 · Aug 25, 2007
    risk 0.00 · cvss · epss 0.03

    Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

  • CVE-2007-3508 · Jul 3, 2007
    risk 0.00 · cvss · epss 0.00

    Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is…

  • CVE-2007-2833 · Jun 21, 2007
    risk 0.00 · cvss · epss 0.02

    Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.

  • CVE-2007-2452 · Jun 4, 2007
    risk 0.00 · cvss · epss 0.02

    Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability…

  • CVE-2007-2808 · May 22, 2007
    risk 0.00 · cvss · epss 0.01

    Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter.

  • CVE-2007-2500 · May 4, 2007
    risk 0.00 · cvss · epss 0.05

    server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote attackers to execute arbitrary code via a large number of SHOWFRAME elements within a DEFINESPRITE element, which triggers memory corruption and enables the attacker to call free with an…

  • CVE-2007-2162 · Apr 22, 2007
    risk 0.00 · cvss · epss 0.01

    (1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.

  • CVE-2006-7151 · Mar 7, 2007
    risk 0.00 · cvss · epss 0.00

    Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories.

  • CVE-2007-1269 · Mar 6, 2007
    risk 0.00 · cvss · epss 0.03

    GNUMail 1.1.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the…

  • CVE-2006-6939 · Jan 17, 2007
    risk 0.00 · cvss · epss 0.00

    GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.

  • CVE-2006-6235 · Dec 7, 2006
    risk 0.00 · cvss · epss 0.06

    A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

  • CVE-2006-4181 · Nov 28, 2006
    risk 0.00 · cvss · epss 0.05

    Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2006-4810 · Nov 8, 2006
    risk 0.00 · cvss · epss 0.01

    Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file.

  • CVE-2006-4573 · Oct 24, 2006
    risk 0.00 · cvss · epss 0.02

    Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allow user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences.

  • CVE-2006-2191 · Sep 19, 2006
    risk 0.00 · cvss · epss 0.02

    Format string vulnerability in Mailman before 2.1.9 allows attackers to execute arbitrary code via unspecified vectors. NOTE: the vendor has disputed this vulnerability, stating that it is "unexploitable."

  • CVE-2006-4790 · Sep 14, 2006
    risk 0.00 · cvss · epss 0.02

    verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and…

  • CVE-2006-4624 · Sep 7, 2006
    risk 0.00 · cvss · epss 0.03

    CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
